• Registrarse
  • Iniciar sesión


  • Página 2 de 3 PrimeroPrimero 123 ÚltimoÚltimo
    Resultados 11 al 20 de 22

    Ayuda para eliminar hbpix (Solucionado)

    ...

          
    1. #11
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      25.569

      Re: Ayuda para eliminar hbpix

      Hola

      Sigue estos pasos, para eliminar las herramientas utilizadas:

      • Utiliza de nuevo >> Descarga >> DelFix
        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
        • Marca todas las casillas.
      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), revisa que se hayan eliminado las herramientas utilizadas.


      Nos confirmas si podemos dar como resuelto el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    2. #12
      Usuario Avatar de redblitz
      Registrado
      dic 2017
      Ubicación
      Colombia
      Mensajes
      13

      Re: Ayuda para eliminar hbpix

      Hola, al parecer han sido eliminados.

      # DelFix v1.013 - Logfile created 30/12/2017 at 19:52:54
      # Updated 17/04/2016 by Xplode
      # Username : usuario - USUARIO-PC
      # Operating System : Windows 7 Professional Service Pack 1 (64 bits)

      ~ Activating UAC ... OK

      ~ Removing disinfection tools ...

      Deleted : C:\AdwCleaner
      Deleted : C:\Users\usuario\Desktop\AdwCleaner[C0].txt
      Deleted : C:\Users\usuario\Desktop\AdwCleaner[S2].txt
      Deleted : C:\Users\usuario\Desktop\JRT.txt
      Deleted : C:\Users\usuario\Desktop\JRT2.txt
      Deleted : C:\Users\usuario\Downloads\adwcleaner_7.0.6.0.exe
      Deleted : C:\Users\usuario\Downloads\JRT.exe

      ~ Creating registry backup ... OK

      ~ Cleaning system restore ...

      Deleted : RP #190 [Punto de control programado | 12/30/2017 05:53:20]
      Deleted : RP #191 [JRT Pre-Junkware Removal | 12/30/2017 19:57:43]
      Deleted : RP #192 [JRT Pre-Junkware Removal | 12/30/2017 23:49:51]

      New restore point created !

      ~ Resetting system settings ... OK

      ########## - EOF - ##########

      Seguiré testeando el pc por un rato, te confirmaré más tarde.

    3. #13
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      25.569

      Re: Ayuda para eliminar hbpix

      Hola

      De acuerdo, pruebalo tranquilamente para estar seguros y nos comentas

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #14
      Usuario Avatar de redblitz
      Registrado
      dic 2017
      Ubicación
      Colombia
      Mensajes
      13

      Re: Ayuda para eliminar hbpix

      Hola denuevo, estaba navegando y se volvió a descargar el hbpix

    5. #15
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      25.569

      Re: Ayuda para eliminar hbpix

      Hola

      Descarga Farbar Recovery Scan Tool segun la arquitectura de tu sistema (32 o 64 bits)

      • La guardas en el escritorio >> Esto es muy importante..
      • Doble clic para ejecutar Frst.exe. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • En la ventana del Disclaimer, presiona Yes.

      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.
      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.

      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta. Utiliza dos mensajes si te dice que es muy largo.


      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #16
      Usuario Avatar de redblitz
      Registrado
      dic 2017
      Ubicación
      Colombia
      Mensajes
      13

      Re: Ayuda para eliminar hbpix

      FRST

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2018
      Ran by usuario (administrator) on USUARIO-PC (01-01-2018 15:01:34)
      Running from C:\Users\usuario\Desktop
      Loaded Profiles: usuario (Available Profiles: usuario)
      Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AMD) C:\Windows\System32\atiesrxx.exe
      (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
      (AMD) C:\Windows\System32\atieclxx.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
      (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
      (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      () C:\Windows\System32\PnkBstrA.exe
      () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
      (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
      (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-05-16] (Synaptics Incorporated)
      HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [382072 2016-05-12] ()
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2017-12-26] (AVAST Software)
      HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-10] (Intel Corporation)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
      Winlogon\Notify\igfxcui: igfxdev.dll [X]
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {29ca20c9-7d7e-11e2-8b45-806e6f6e6963} - E:\setup.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {5b332615-4078-11e5-ad37-d05099441164} - F:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {5b3326f3-4078-11e5-ad37-d05099441164} - F:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {74b1a107-f7ef-11e4-8060-d05099441164} - F:\setup.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {d9e1238b-11ed-11e5-bf9d-d05099441164} - F:\setup.exe

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\Parameters: [DhcpNameServer] 190.157.8.33 190.157.8.1
      Tcpip\..\Interfaces\{2CF3EDB4-B713-4D7D-B766-2D35982ADD08}: [DhcpNameServer] 192.168.10.1
      Tcpip\..\Interfaces\{3EDFF6AD-28F2-4306-9301-3705572AF44B}: [DhcpNameServer] 190.157.8.33 190.157.8.1
      Tcpip\..\Interfaces\{602C7A73-7504-42E6-83D7-14603BE65617}: [DhcpNameServer] 192.168.10.1
      Tcpip\..\Interfaces\{ADF30ADD-E6A7-4D4F-B3CE-B1F5B9773FBD}: [DhcpNameServer] 192.168.10.1

      Internet Explorer:
      ==================
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://co.msn.com/?ocid=iehp
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
      BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-16] (AVAST Software)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-28] (Oracle Corporation)
      BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-16] (AVAST Software)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-28] (Oracle Corporation)

      FireFox:
      ========
      FF DefaultProfile: zn453sew.default
      FF ProfilePath: C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\zn453sew.default [2017-12-30]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
      FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
      FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
      FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-28] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-28] (Oracle Corporation)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\usuario\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2015-03-18] (Raidcall)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

      Chrome:
      =======
      CHR DefaultProfile: Default
      CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default [2018-01-01]
      CHR Extension: (Word a PDF - Smallpdf.com) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkpncleclnaihjlknbcpbjpanihohdh [2015-08-11]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
      CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2017-12-26] (AVAST Software)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2017-12-26] (AVAST Software)
      S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1268256 2015-12-14] ()
      S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
      S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
      R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344184 2016-05-12] (Intel Corporation)
      R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
      S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
      R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
      S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-03-22] () [File not signed]
      S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
      S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3512928 2015-07-22] (INCA Internet Co., Ltd.)
      S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2155328 2017-12-19] (Electronic Arts)
      R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3025224 2017-12-19] (Electronic Arts)
      R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2017-12-17] ()
      R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-12-15] ()
      R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-17] (Realtek Semiconductor)
      R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
      S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2017-12-26] (AVAST Software)
      R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2017-12-26] (AVAST Software)
      R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2017-12-26] (AVAST Software)
      R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2017-12-26] (AVAST Software)
      R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2017-12-26] (AVAST Software)
      R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [149344 2017-12-26] (AVAST Software)
      S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2017-12-26] (AVAST Software)
      R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-05] (AVAST Software)
      R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146664 2017-12-26] (AVAST Software)
      R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2017-12-26] (AVAST Software)
      R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2017-12-26] (AVAST Software)
      R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2017-12-26] (AVAST Software)
      R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457400 2017-12-26] (AVAST Software)
      R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2017-12-26] (AVAST Software)
      R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2017-12-26] (AVAST Software)
      R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-06-13] (Disc Soft Ltd)
      U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2014-07-29] (Huawei Technologies Co., Ltd.)
      S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] ()
      S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [290520 2013-08-19] (Realtek Semiconductor Corp.)
      S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
      S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
      S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
      S3 clwvd; system32\DRIVERS\clwvd.sys [X]
      S3 dump_wmimmc; \??\C:\Program Files (x86)\NCSOFT\BnS\bin\GameGuard\dump_wmimmc.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-01-01 15:01 - 2018-01-01 15:02 - 000016155 _____ C:\Users\usuario\Desktop\FRST.txt
      2018-01-01 15:01 - 2018-01-01 15:01 - 000000000 ____D C:\FRST
      2018-01-01 14:58 - 2018-01-01 14:59 - 002393088 _____ (Farbar) C:\Users\usuario\Desktop\FRST64.exe
      2018-01-01 14:45 - 2018-01-01 14:45 - 000000000 ____D C:\ProgramData\SWCUTemp
      2017-12-31 18:02 - 2017-12-31 18:02 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-12-31 18:02 - 2017-12-31 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-12-31 18:02 - 2017-12-31 18:02 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-12-31 18:02 - 2017-12-31 18:02 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-12-31 18:02 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
      2017-12-30 21:29 - 2017-12-30 21:29 - 000000000 ____D C:\ProgramData\X360CE
      2017-12-30 19:58 - 2017-12-30 19:58 - 000000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      2017-12-30 19:52 - 2017-12-30 19:52 - 000000000 ____D C:\Windows\ERUNT
      2017-12-30 02:23 - 2017-12-30 02:23 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\AMD
      2017-12-30 01:16 - 2017-12-30 01:17 - 000003152 _____ C:\Windows\System32\Tasks\StartCN
      2017-12-30 01:16 - 2017-12-30 01:17 - 000003066 _____ C:\Windows\System32\Tasks\StartDVR
      2017-12-30 01:16 - 2017-12-30 01:16 - 000000000 ____D C:\Program Files (x86)\AMD
      2017-12-30 01:15 - 2017-12-30 01:15 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
      2017-12-30 00:06 - 2017-12-30 00:06 - 000000000 ____D C:\Users\usuario\AppData\Local\RadeonInstaller
      2017-12-30 00:04 - 2017-12-30 00:06 - 025900000 _____ (AMD Inc.) C:\Users\usuario\Downloads\radeon-software-adrenalin-17.12.1-minimalsetup-171211_64bit.exe
      2017-12-29 23:27 - 2017-12-29 23:31 - 083316440 _____ (Malwarebytes ) C:\Users\usuario\Downloads\mb3-setup-35891.35891-3.3.1.2183-1.0.262-1.0.3374.exe
      2017-12-29 19:19 - 2017-12-29 19:19 - 000000000 _____ C:\autoexec.bat
      2017-12-26 13:19 - 2017-12-26 13:18 - 000149344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
      2017-12-26 13:18 - 2017-12-26 13:18 - 000365680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
      2017-12-17 20:59 - 2017-12-17 21:00 - 000000000 ____D C:\Users\usuario\Documents\Battlefield 4
      2017-12-17 20:59 - 2017-12-17 20:59 - 000000000 ____D C:\ProgramData\Electronic Arts
      2017-12-15 17:20 - 2017-12-15 17:20 - 000001235 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
      2017-12-15 17:19 - 2017-12-15 17:19 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
      2017-12-06 18:28 - 2017-12-06 18:28 - 011771056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
      2017-12-06 18:28 - 2017-12-06 18:28 - 009574032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
      2017-12-06 18:28 - 2017-12-06 18:28 - 000161344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
      2017-12-06 18:28 - 2017-12-06 18:28 - 000143864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
      2017-12-06 18:28 - 2017-12-06 18:28 - 000009936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
      2017-12-06 18:27 - 2017-12-06 18:27 - 013172832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
      2017-12-06 18:27 - 2017-12-06 18:27 - 001554952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
      2017-12-06 18:27 - 2017-12-06 18:27 - 000173216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
      2017-12-06 18:26 - 2017-12-06 18:26 - 000547208 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
      2017-12-06 18:26 - 2017-12-06 18:26 - 000470920 _____ C:\Windows\system32\dgtrayicon.exe
      2017-12-06 18:26 - 2017-12-06 18:26 - 000461192 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
      2017-12-06 18:26 - 2017-12-06 18:26 - 000449416 _____ C:\Windows\system32\GameManager64.dll
      2017-12-06 18:26 - 2017-12-06 18:26 - 000357256 _____ C:\Windows\SysWOW64\GameManager32.dll
      2017-12-06 18:26 - 2017-12-06 18:26 - 000155688 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
      2017-12-06 18:26 - 2017-12-06 18:26 - 000149896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
      2017-12-06 18:26 - 2017-12-06 18:26 - 000126848 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
      2017-12-06 18:26 - 2017-12-06 18:26 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
      2017-12-06 18:26 - 2017-12-06 18:26 - 000036232 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
      2017-12-06 18:26 - 2017-12-06 18:26 - 000033160 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 015728520 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 000700296 _____ (AMD) C:\Windows\system32\atieclxx.exe
      2017-12-06 18:25 - 2017-12-06 18:25 - 000536968 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
      2017-12-06 18:25 - 2017-12-06 18:25 - 000475016 _____ (AMD) C:\Windows\system32\atitmm64.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 000472456 _____ (AMD) C:\Windows\system32\atiesrxx.exe
      2017-12-06 18:25 - 2017-12-06 18:25 - 000458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 000405384 _____ C:\Windows\system32\atieah64.exe
      2017-12-06 18:25 - 2017-12-06 18:25 - 000349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
      2017-12-06 18:25 - 2017-12-06 18:25 - 000325512 _____ C:\Windows\SysWOW64\atieah32.exe
      2017-12-06 18:25 - 2017-12-06 18:25 - 000197000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 000170888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 000141704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 000124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 000124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 000115592 _____ (AMD) C:\Windows\system32\atimuixx.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 000078728 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 000068488 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
      2017-12-06 18:25 - 2017-12-06 18:25 - 000067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
      2017-12-06 18:24 - 2017-12-06 18:24 - 015434120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 014318984 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 012924808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 012359216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 011825664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 001055624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 001055624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 000866184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 000694152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 000342920 _____ C:\Windows\system32\clinfo.exe
      2017-12-06 18:24 - 2017-12-06 18:24 - 000163720 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 000111440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 000111440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 000092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 000092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 000072072 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
      2017-12-06 18:24 - 2017-12-06 18:24 - 000065416 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 065593736 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 041693064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
      2017-12-06 18:23 - 2017-12-06 18:23 - 031553416 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 016034696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 002932616 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 002541448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 001232264 _____ (AMD) C:\Windows\system32\coinst_17.50.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 000436616 _____ C:\Windows\system32\amdgfxinfo64.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 000352136 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 000305544 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
      2017-12-06 18:23 - 2017-12-06 18:23 - 000175288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 000153640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 000148360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 000139656 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 000124296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 000120680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 000105736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
      2017-12-06 18:23 - 2017-12-06 18:23 - 000060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
      2017-12-06 18:22 - 2017-12-06 18:22 - 051028872 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
      2017-12-06 18:22 - 2017-12-06 18:22 - 029516680 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
      2017-12-06 18:22 - 2017-12-06 18:22 - 025145224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
      2017-12-06 18:22 - 2017-12-06 18:22 - 013607304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
      2017-12-06 18:22 - 2017-12-06 18:22 - 000543624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
      2017-12-06 18:22 - 2017-12-06 18:22 - 000373640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
      2017-12-06 18:22 - 2017-12-06 18:22 - 000157064 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
      2017-12-06 18:22 - 2017-12-06 18:22 - 000139144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
      2017-12-06 18:22 - 2017-12-06 18:22 - 000135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
      2017-12-06 18:22 - 2017-12-06 18:22 - 000117128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
      2017-12-06 18:01 - 2017-12-06 18:01 - 000846176 _____ C:\Windows\SysWOW64\atiapfxx.blb
      2017-12-06 18:01 - 2017-12-06 18:01 - 000846176 _____ C:\Windows\system32\atiapfxx.blb
      2017-12-06 17:19 - 2017-12-06 17:19 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
      2017-12-06 17:13 - 2017-12-06 17:13 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-01-01 14:52 - 2009-07-13 23:45 - 000020800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-01-01 14:52 - 2009-07-13 23:45 - 000020800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-01-01 14:44 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-12-31 18:14 - 2017-04-24 19:11 - 000065536 _____ C:\Windows\system32\spu_storage.bin
      2017-12-31 17:44 - 2009-07-14 00:08 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
      2017-12-31 13:58 - 2015-10-06 13:56 - 000000000 ____D C:\ProgramData\Origin
      2017-12-31 13:18 - 2017-03-03 11:51 - 000214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
      2017-12-31 13:18 - 2017-03-03 11:51 - 000214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
      2017-12-31 13:16 - 2015-10-06 14:01 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Origin
      2017-12-31 12:45 - 2015-05-05 20:00 - 000000000 ____D C:\Program Files (x86)\Steam
      2017-12-30 21:29 - 2014-03-06 15:15 - 000109296 _____ C:\Users\usuario\AppData\Local\GDIPFONTCACHEV1.DAT
      2017-12-30 21:07 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
      2017-12-30 18:54 - 2015-05-05 20:31 - 000000000 ____D C:\Users\usuario\AppData\Roaming\DAEMON Tools Lite
      2017-12-30 14:39 - 2017-09-18 09:47 - 000000000 ____D C:\Users\usuario\AppData\Local\CrashDumps
      2017-12-30 14:39 - 2015-05-05 20:29 - 000000000 ____D C:\Users\usuario\AppData\Roaming\uTorrent
      2017-12-30 14:39 - 2013-02-22 18:58 - 000000000 ____D C:\Windows\Panther
      2017-12-30 14:22 - 2009-07-13 23:45 - 000416280 _____ C:\Windows\system32\FNTCACHE.DAT
      2017-12-30 02:23 - 2017-07-07 11:57 - 000000000 ____D C:\Users\usuario\AppData\Local\JDownloader 2.0
      2017-12-30 01:22 - 2017-04-24 19:44 - 000000000 ____D C:\Users\usuario\AppData\Local\AMD
      2017-12-30 01:17 - 2017-10-08 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
      2017-12-30 01:11 - 2017-04-24 19:06 - 000000000 ____D C:\Program Files (x86)\VulkanRT
      2017-12-30 00:06 - 2017-05-07 09:03 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
      2017-12-30 00:06 - 2017-04-24 19:00 - 000000000 ____D C:\AMD
      2017-12-29 19:19 - 2013-02-22 12:14 - 000000000 ____D C:\Users\usuario
      2017-12-28 21:24 - 2017-07-09 13:58 - 000000000 ____D C:\Users\usuario\Documents\The Witcher 3
      2017-12-26 13:19 - 2017-08-16 18:26 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
      2017-12-26 13:18 - 2017-11-16 12:55 - 000185096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
      2017-12-26 13:18 - 2017-08-16 18:26 - 000343768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
      2017-12-26 13:18 - 2017-08-16 18:26 - 000321512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
      2017-12-26 13:18 - 2017-08-16 18:26 - 000199448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
      2017-12-26 13:18 - 2017-08-16 18:26 - 000057696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
      2017-12-26 13:18 - 2015-05-05 18:24 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
      2017-12-26 13:18 - 2014-03-06 15:20 - 001025176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
      2017-12-26 13:18 - 2014-03-06 15:20 - 000457400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2017-12-26 13:18 - 2014-03-06 15:20 - 000358672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
      2017-12-26 13:18 - 2014-03-06 15:20 - 000204456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
      2017-12-26 13:18 - 2014-03-06 15:20 - 000146664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2017-12-26 13:18 - 2014-03-06 15:20 - 000110336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
      2017-12-26 13:18 - 2014-03-06 15:20 - 000084384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
      2017-12-20 19:30 - 2017-01-07 19:29 - 000000000 ____D C:\Program Files (x86)\Origin
      2017-12-17 21:15 - 2017-06-08 12:13 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
      2017-12-17 21:13 - 2017-06-08 12:13 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
      2017-12-17 21:05 - 2017-03-05 19:40 - 000076152 _____ C:\Windows\system32\PnkBstrA.exe
      2017-12-15 17:20 - 2009-07-14 00:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
      2017-12-15 17:19 - 2017-03-03 11:51 - 000076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
      2017-12-09 20:24 - 2015-07-29 14:22 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-12-06 18:28 - 2017-09-01 19:31 - 000196400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
      2017-12-06 18:28 - 2017-09-01 19:31 - 000009936 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
      2017-12-06 18:27 - 2017-09-01 19:31 - 015969336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
      2017-12-06 18:27 - 2017-09-01 19:31 - 001960760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
      2017-12-06 18:25 - 2017-04-10 12:31 - 000224136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
      2017-12-06 18:25 - 2017-04-10 12:31 - 000144776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
      2017-12-06 18:24 - 2017-04-10 12:31 - 001462664 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
      2017-12-06 18:22 - 2017-04-10 12:29 - 035687304 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll

      Some files in TEMP:
      ====================
      2017-12-29 23:14 - 2017-12-29 23:14 - 000043520 ____N () C:\Users\usuario\AppData\Local\Temp\proxy_vole515027273509687545.dll
      2017-12-29 23:14 - 2017-12-29 23:14 - 000043520 ____N () C:\Users\usuario\AppData\Local\Temp\proxy_vole6772308213071147216.dll
      2017-12-29 23:14 - 2017-12-29 23:14 - 000043520 ____N () C:\Users\usuario\AppData\Local\Temp\proxy_vole7163970891527982913.dll

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-12-30 00:46

      ==================== End of FRST.txt ============================

    7. #17
      Usuario Avatar de redblitz
      Registrado
      dic 2017
      Ubicación
      Colombia
      Mensajes
      13

      Re: Ayuda para eliminar hbpix

      Addition

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.01.2018
      Ran by usuario (01-01-2018 15:02:34)
      Running from C:\Users\usuario\Desktop
      Windows 7 Professional Service Pack 1 (X64) (2013-02-22 17:14:18)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-2000995180-2305491754-1873863449-500 - Administrator - Disabled)
      Invitado (S-1-5-21-2000995180-2305491754-1873863449-501 - Limited - Disabled)
      usuario (S-1-5-21-2000995180-2305491754-1873863449-1000 - Administrator - Enabled) => C:\Users\usuario

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
      AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      . . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden
      . . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
      µTorrent (HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\uTorrent) (Version: 3.4.2.32691 - BitTorrent Inc.)
      Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
      Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
      Adobe Reader XI (11.0.10) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
      AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
      Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
      Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
      Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
      Curse (HKLM-x32\...\{75080CC9-4C7A-45C4-B149-9C2790FA88F6}) (Version: 6.0.0.0 - Curse)
      DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd)
      DRAGON BALL XENOVERSE 2 (HKLM-x32\...\DRAGON BALL XENOVERSE 2_is1) (Version: - )
      ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
      Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
      Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4414 - Intel Corporation)
      Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
      Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
      Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
      Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
      JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
      Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
      Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
      Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
      MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
      NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
      Origin (HKLM-x32\...\Origin) (Version: 10.5.8.17910 - Electronic Arts, Inc.)
      Paquete de idioma de Microsoft .NET Framework 4.5 ESN (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50709 - Microsoft Corporation)
      PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
      Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29070 - Realtek Semiconductor Corp.)
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.68.201.2013 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
      RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
      SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
      Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
      Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
      The Witcher 3: Wild Hunt Game of the Year Edition (HKLM\...\dGhld2l0Y2hlcjN3aWxkaHVudA_is1) (Version: 1 - )
      Uplay (HKLM-x32\...\Uplay) (Version: 40.0 - Ubisoft)
      Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
      Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-7) (Version: 1.0.39.1 - LunarG, Inc.)
      Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
      Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Hidden
      Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-4) (Version: 1.0.54.0 - LunarG, Inc.)
      Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
      Winamp (HKLM-x32\...\Winamp) (Version: 5.6 - Nullsoft, Inc)
      WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-2000995180-2305491754-1873863449-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-26] (AVAST Software)
      ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-26] (AVAST Software)
      ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-26] (AVAST Software)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-26] (AVAST Software)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-12-06] (Advanced Micro Devices, Inc.)
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
      ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-05-12] (Intel Corporation)
      ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-26] (AVAST Software)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {36D2FA5A-29D1-4B0C-982E-1F6AD7E7FD2D} - System32\Tasks\{073E5579-DAA6-419E-8C57-313C9BEF22A5} => C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
      Task: {45AB245D-F4B7-4005-9148-10C0D3A7562A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2017-12-06] (Advanced Micro Devices, Inc.)
      Task: {5E8014E8-7B4A-4BE7-B8AA-7B3737A434D1} - System32\Tasks\{8DD469CB-CE13-4BE0-80FA-697F848E7851} => C:\Riot Games\League of Legends\lol.launcher.exe
      Task: {63846205-4335-4B3E-977D-5824615C4BB0} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-12-06] (Advanced Micro Devices, Inc.)
      Task: {6801E50B-DF74-4242-B5C8-8D4DBDFDEEB2} - System32\Tasks\{08B902D8-2719-4F57-9B87-E79A28F3F8CE} => C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
      Task: {687DC443-8934-4C46-9FED-CFE5D27E4390} - System32\Tasks\{648C7F31-F50A-417A-BE1C-FB847C22FF63} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\Downloads\raidcall.exe -d C:\Users\usuario\Downloads
      Task: {699F907D-1608-4D43-8939-63A502587B4A} - System32\Tasks\{4969D6AC-6F09-4AAD-B5C4-0A0EAA5AD733} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\Downloads\jxpiinstall.exe -d C:\Users\usuario\Downloads
      Task: {84AA527D-2F27-4CFE-8376-1844197224BC} - System32\Tasks\SafeZone scheduled Autoupdate 1462640030 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
      Task: {876CD40B-C55A-46A8-98D1-C0517DCAC1A2} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      Task: {8A8C40A1-525A-49DF-9BD2-613FEF313717} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
      Task: {8FEE8B3E-C832-4AA5-B51E-6D5788BAF704} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
      Task: {9579F8F4-A367-452C-874E-7F849EFA37A9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-26] (AVAST Software)
      Task: {95BE9B5A-CDEE-4AB6-994D-DE724EC63F2D} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
      Task: {9D30406F-A882-464B-9F61-FC6F9098E1E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-26] (Google Inc.)
      Task: {C83333CE-E936-434E-A945-85D29E2669F9} - System32\Tasks\{B5A26E4E-D296-4AA9-BEDA-0638AA756033} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\Downloads\jxpiinstall(2).exe -d C:\Users\usuario\Downloads
      Task: {D7AD7987-6676-4D69-8ACC-600C6FD27BC5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2017-12-09] (AVAST Software)
      Task: {DB656A63-4A5F-4630-A383-8F7C944D98ED} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
      Task: {E4EC7F16-1BAF-4A8C-B325-B816D888ED4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-26] (Google Inc.)
      Task: {EA67CF82-9E75-4034-9090-2AD7EAE298A9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
      Task: {FA7C0519-A9EB-4498-9469-8CC8D728D09C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
      Task: {FFD6107A-C6EE-4206-9A27-43A54F4802B3} - System32\Tasks\{06BDCF04-2DDD-4188-B64D-08BDCBE0F61D} => D:\CLOS2\Castlevania Lords of Shadow 2\bin\CLOS2.exe

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2017-03-05 19:40 - 2017-12-17 21:05 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe
      2016-06-08 18:04 - 2016-06-08 18:04 - 000117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
      2016-06-08 18:04 - 2016-06-08 18:04 - 000256152 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\analyzer.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000067920 _____ () c:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000067984 _____ () C:\Program Files\AVAST Software\Avast\x64\dll_loader.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000236840 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000902824 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000349568 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
      2010-01-30 02:40 - 2010-01-30 02:40 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
      2017-07-22 00:55 - 2017-07-22 00:55 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
      2017-07-22 00:55 - 2017-07-22 00:55 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
      2017-12-09 20:24 - 2017-12-05 23:24 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libglesv2.dll
      2017-12-09 20:24 - 2017-12-05 23:24 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libegl.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000196248 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000745408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000148936 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000293944 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
      2018-01-01 14:45 - 2018-01-01 14:45 - 005767312 _____ () C:\Program Files\AVAST Software\Avast\defs\18010102\algo.dll
      2017-08-16 18:25 - 2017-08-16 18:25 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2017-12-26 13:18 - 2017-12-26 13:18 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-13 21:34 - 2009-06-10 16:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: 190.157.8.33 - 190.157.8.1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
      MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
      MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
      MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
      MSCONFIG\startupreg: YouCam Service => "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
      FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
      FirewallRules: [{3BBBAF26-86CA-49F3-8902-9FD200720E51}] => (Allow) G:\UTILIDADES\KMSpico 9.1.3 Final\KMSpico 9.1.3 Final_Portable\AutoPico.exe
      FirewallRules: [{111686BA-E347-41F5-A48A-2CB68351A103}] => (Allow) G:\UTILIDADES\KMSpico 9.1.3 Final\KMSpico 9.1.3 Final_Portable\AutoPico.exe
      FirewallRules: [{3431CC84-C206-4B8D-BF43-DCB4284A03E2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{1B3D4A88-0C27-4088-97C4-15E73C2711BC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{C2C001EE-120C-40DF-ABF9-7ABE3DE4A82A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
      FirewallRules: [{B3434D1B-9325-48D5-BEC6-2C4DEFD2BB8A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{93110C93-DB18-4E20-83BB-8A6AB8A6EDC7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{38FF15D8-76DF-4306-8BEA-22EC927993E2}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\updates\3.4.9_43085.exe
      FirewallRules: [{2C3C4EA7-706A-4025-952E-EECF147C8F5D}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\updates\3.4.9_43085.exe
      FirewallRules: [{315C78E3-5D01-42D4-B888-C93FEF0A3DAA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
      FirewallRules: [{C5A2ABEF-86D2-401F-8DB3-A9E0B97FF5C1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
      FirewallRules: [{890BBB44-0F4F-4030-BA4E-F44282EB2074}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
      FirewallRules: [{87F0AFF9-1CC7-40D3-980B-1D39AFE871FD}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
      FirewallRules: [TCP Query User{B41DF012-B91F-43F6-8420-CA3717BEA276}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
      FirewallRules: [UDP Query User{B2A139A6-3A54-429D-B1F9-04E55C6A7162}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
      FirewallRules: [{4C8444A2-1809-4FCC-BC59-29DF0A20F88B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
      FirewallRules: [{3F669FCB-5D0B-45F3-AE6A-E6D1A3B641BB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
      FirewallRules: [{9B48D8A7-CB58-4378-9CD0-ECF7ADF7B13E}] => (Allow) D:\SteamLibrary\steamapps\common\My Summer Car\mysummercar.exe
      FirewallRules: [{ED84D6E5-1112-4279-AEE1-28B0EB374AEF}] => (Allow) D:\SteamLibrary\steamapps\common\My Summer Car\mysummercar.exe
      FirewallRules: [{D60A04A4-68B0-4DAD-928A-AC0C7EEB7015}] => (Allow) D:\SteamLibrary\steamapps\common\Assassin's Creed Unity\ACU.exe
      FirewallRules: [{9EEC160F-F141-4964-9021-0A3CC818F329}] => (Allow) D:\SteamLibrary\steamapps\common\Assassin's Creed Unity\ACU.exe
      FirewallRules: [{CBEBE4D7-DA1C-49C4-AF7D-47E832B2052E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{4F4BC3A1-9C81-4150-A63F-222235713C87}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
      FirewallRules: [{976F63CB-39B9-42A1-8C96-84669340D83B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
      FirewallRules: [{357277F1-0556-421D-9745-B9E93D39A63D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
      FirewallRules: [{E2FBEE73-AAE9-4E30-8A5C-E31BFB4E0E7D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
      FirewallRules: [{AD44F1F3-0B0C-4D29-899E-AB2CCB31AF32}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
      FirewallRules: [{27D85792-6F99-4CD8-BE8F-EB5CC6541E8F}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
      FirewallRules: [{BF3B7E42-18FD-4A65-9A23-A40ACEC9D8B5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
      FirewallRules: [{8CAABBA4-4293-47D0-8319-74B1C7426821}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
      FirewallRules: [{A07B9554-D8BC-4847-AA09-5B731C777C00}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
      FirewallRules: [{C3EB7478-9B5B-48CA-ADFB-37109B05DBC9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe

      ==================== Restore Points =========================

      30-12-2017 22:43:50 Se ha instalado DirectX

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (01/01/2018 02:46:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
      Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
      .

      Error: (01/01/2018 02:46:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
      Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
      .

      Error: (01/01/2018 02:46:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
      Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
      .

      Error: (01/01/2018 02:46:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
      Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
      .

      Error: (01/01/2018 02:45:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
      Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
      .

      Error: (12/31/2017 06:13:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
      Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
      .

      Error: (12/31/2017 06:13:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
      Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
      .

      Error: (12/31/2017 06:13:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
      Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
      .

      Error: (12/31/2017 06:13:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
      Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
      .

      Error: (12/31/2017 06:11:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
      Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
      .


      System errors:
      =============
      Error: (12/30/2017 10:51:57 PM) (Source: cdrom) (EventID: 7) (User: )
      Description: El dispositivo, \Device\CdRom0, tiene un bloque defectuoso.

      Error: (12/30/2017 06:42:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (12/30/2017 06:42:00 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (12/30/2017 06:41:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) HD Graphics Control Panel Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (12/30/2017 06:41:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (12/30/2017 06:41:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

      Error: (12/30/2017 06:41:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (12/30/2017 06:41:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) ME Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (12/30/2017 06:41:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Intel(R) Capability Licensing Service Interface terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

      Error: (12/30/2017 06:41:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio AMD External Events Utility se terminó de manera inesperada. Esto ha sucedido 1 veces.


      CodeIntegrity:
      ===================================
      Date: 2016-09-20 19:38:43.344
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\aswHdsKe.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

      Date: 2016-09-20 19:38:43.342
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\aswHdsKe.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

      Date: 2016-01-24 16:00:04.001
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

      Date: 2016-01-24 16:00:03.970
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

      Date: 2016-01-24 15:54:24.674
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

      Date: 2016-01-24 15:54:24.642
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

      Date: 2016-01-24 15:50:50.789
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

      Date: 2016-01-24 15:50:50.756
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

      Date: 2016-01-24 15:33:15.405
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

      Date: 2016-01-24 15:33:15.375
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
      Percentage of memory in use: 64%
      Total physical RAM: 4035.81 MB
      Available physical RAM: 1441.99 MB
      Total Virtual: 8069.8 MB
      Available Virtual: 4252.85 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:195.31 GB) (Free:102.83 GB) NTFS ==>[drive with boot components (obtained from BCD)]
      Drive d: () (Fixed) (Total:736.2 GB) (Free:571.99 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (Size: 931.5 GB) (Disk ID: 00001131)
      Partition 1: (Active) - (Size=195.3 GB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=736.2 GB) - (Type=05)

      ==================== End of Addition.txt ============================

    8. #18
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      25.569

      Re: Ayuda para eliminar hbpix

      Hola

      Sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

      • Para hacerlo descarga >> DelFix en tu escritorio.
        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
        • Marca unicamente la casilla "Create registry backup".
      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      A continuación inicia tu equipo desde el >> Modo Seguro de Windows con función de red.

      Si tu SO es Windows 8/8.1/10 usa el 2º MÉTODO: de esta Faq de Windows 8 (aplicable a Windows 10) >> ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.


      Con los demás programas cerrados ve a >> Inicio >> Ejecutar >> y escribe notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {29ca20c9-7d7e-11e2-8b45-806e6f6e6963} - E:\setup.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {5b332615-4078-11e5-ad37-d05099441164} - F:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {5b3326f3-4078-11e5-ad37-d05099441164} - F:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {74b1a107-f7ef-11e4-8060-d05099441164} - F:\setup.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {d9e1238b-11ed-11e5-bf9d-d05099441164} - F:\setup.exe
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
      S3 clwvd; system32\DRIVERS\clwvd.sys [X]
      S3 dump_wmimmc; \??\C:\Program Files (x86)\NCSOFT\BnS\bin\GameGuard\dump_wmimmc.sys [X]
      2017-12-30 19:58 - 2017-12-30 19:58 - 000000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      2017-12-29 23:14 - 2017-12-29 23:14 - 000043520 ____N () C:\Users\usuario\AppData\Local\Temp\proxy_vole515027273509687545.dll
      2017-12-29 23:14 - 2017-12-29 23:14 - 000043520 ____N () C:\Users\usuario\AppData\Local\Temp\proxy_vole6772308213071147216.dll
      2017-12-29 23:14 - 2017-12-29 23:14 - 000043520 ____N () C:\Users\usuario\AppData\Local\Temp\proxy_vole7163970891527982913.dll
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File 
      
      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

      Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

      • Ejecutas Frst.exe.
      • Presionas el botón Fix y aguardas a que termine.
      • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      • Lo pegas en tu próxima respuesta.


      Pon el reporte y comenta como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #19
      Usuario Avatar de redblitz
      Registrado
      dic 2017
      Ubicación
      Colombia
      Mensajes
      13

      Re: Ayuda para eliminar hbpix

      Hola, el pc ha estado funcionando con bastante normalidad, cabe resaltar que el sitio donde se descargo por ultima vez hbpix estaba recomendando distintos programas que ni conocía, al parecer era otro de esos sitios "truchos" por así decirlo.

      El reporte es el siguiente:

      Fix result of Farbar Recovery Scan Tool (x64) Version: 01.01.2018
      Ran by usuario (01-01-2018 20:58:22) Run:1
      Running from C:\Users\usuario\Desktop
      Loaded Profiles: usuario (Available Profiles: usuario)
      Boot Mode: Safe Mode (with Networking)
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {29ca20c9-7d7e-11e2-8b45-806e6f6e6963} - E:\setup.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {5b332615-4078-11e5-ad37-d05099441164} - F:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {5b3326f3-4078-11e5-ad37-d05099441164} - F:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {74b1a107-f7ef-11e4-8060-d05099441164} - F:\setup.exe
      HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\...\MountPoints2: {d9e1238b-11ed-11e5-bf9d-d05099441164} - F:\setup.exe
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
      S3 clwvd; system32\DRIVERS\clwvd.sys [X]
      S3 dump_wmimmc; \??\C:\Program Files (x86)\NCSOFT\BnS\bin\GameGuard\dump_wmimmc.sys [X]
      2017-12-30 19:58 - 2017-12-30 19:58 - 000000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      2017-12-29 23:14 - 2017-12-29 23:14 - 000043520 ____N () C:\Users\usuario\AppData\Local\Temp\proxy_vole515027273509687545.dll
      2017-12-29 23:14 - 2017-12-29 23:14 - 000043520 ____N () C:\Users\usuario\AppData\Local\Temp\proxy_vole6772308213071147216.dll
      2017-12-29 23:14 - 2017-12-29 23:14 - 000043520 ____N () C:\Users\usuario\AppData\Local\Temp\proxy_vole7163970891527982913.dll
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      *****************

      Error: Restore point can only be created in normal mode.
      Processes closed successfully.
      "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
      "HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => removed successfully
      "HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29ca20c9-7d7e-11e2-8b45-806e6f6e6963}" => removed successfully
      HKLM\Software\Classes\CLSID\{29ca20c9-7d7e-11e2-8b45-806e6f6e6963} => key not found
      "HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b332615-4078-11e5-ad37-d05099441164}" => removed successfully
      HKLM\Software\Classes\CLSID\{5b332615-4078-11e5-ad37-d05099441164} => key not found
      "HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b3326f3-4078-11e5-ad37-d05099441164}" => removed successfully
      HKLM\Software\Classes\CLSID\{5b3326f3-4078-11e5-ad37-d05099441164} => key not found
      "HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74b1a107-f7ef-11e4-8060-d05099441164}" => removed successfully
      HKLM\Software\Classes\CLSID\{74b1a107-f7ef-11e4-8060-d05099441164} => key not found
      "HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9e1238b-11ed-11e5-bf9d-d05099441164}" => removed successfully
      HKLM\Software\Classes\CLSID\{d9e1238b-11ed-11e5-bf9d-d05099441164} => key not found
      "HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
      "HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
      CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13] => Error: No automatic fix found for this entry.
      "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => removed successfully
      "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
      "HKLM\System\CurrentControlSet\Services\clwvd" => removed successfully
      clwvd => service removed successfully
      "HKLM\System\CurrentControlSet\Services\dump_wmimmc" => removed successfully
      dump_wmimmc => service removed successfully
      C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
      C:\Users\usuario\AppData\Local\Temp\proxy_vole515027273509687545.dll => moved successfully
      C:\Users\usuario\AppData\Local\Temp\proxy_vole6772308213071147216.dll => moved successfully
      C:\Users\usuario\AppData\Local\Temp\proxy_vole7163970891527982913.dll => moved successfully
      "HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
      HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found

      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows

      Error al renovar la interfaz Conexi¢n de *rea local 5: no se puede establecer contacto con el
      servidor DHCP. La solicitud super¢ el tiempo de espera.

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0 [ 7.5.7601 ]
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      Unable to connect to BITS - 0x8007042c

      ========= End of CMD: =========


      ========= RemoveProxy: =========

      "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
      "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
      "HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
      "HKU\S-1-5-21-2000995180-2305491754-1873863449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


      ========= End of RemoveProxy: =========

      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      =========== EmptyTemp: ==========

      BITS transfer queue => 0 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18793519 B
      Java, Flash, Steam htmlcache => 566895826 B
      Windows/system/drivers => 13180500 B
      Edge => 0 B
      Chrome => 421710864 B
      Firefox => 10835440 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Users => 0 B
      Default => 0 B
      Public => 0 B
      ProgramData => 0 B
      systemprofile => 66356 B
      systemprofile32 => 66088 B
      LocalService => 0 B
      NetworkService => 66228 B
      usuario => 7538733 B

      RecycleBin => 0 B
      EmptyTemp: => 991 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 21:00:41 ====

    10. #20
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      25.569

      Re: Ayuda para eliminar hbpix

      Hola

      Se solucionó el problema?

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.