File modified, possibly by a virus

Closed
jtres
Posts: 22
Joined: 24 Mar 2007, 09:02
Location: Paris

Post by jtres » 11 Apr 2015, 14:50

Hello, I see the problem is not new, but at the same time I see that the solutions are rather specific to each person. I have just sent you the infected elistara file by e-mail, along with the explanation of what happened, which I note here.



For several days now, something has been going seriously wrong on the PC. It is an ASUS S550CM laptop with W8 included; I have no installation disc of any kind. It seems they come like that now.

As far as I recall, it all started about a week ago, when I had to uninstall IDM because I got tired of it telling me it was a fake. I don't remember why, but while looking for solutions I installed a dreadful problem, YAC, which added more problems to the ones I already had. It was hard to uninstall and I'm not sure it is completely gone. The problem got worse when my Avira kept warning me that a program was trying to modify the registry, without telling me which program. It asks for a scan and finds nothing. SUPERAntiSpyware and Malwarebytes find nothing, just like Avira.

Seeing the PC deteriorate, I tried ESET online, which found a few things, but I couldn't bring myself to uninstall anything; the only odd thing is that it finds a trojan in the hosts file. I'll attach the ESET report below; I deleted all the programs in the report except the hosts file and Unlocker, which I think is a false positive. On TotalVirus only ESET and Qihoo find something odd in the hosts file.

I tried to use ElistarA and the response was "archivo modificado posiblemente por un virus contacte con satinfo". The comments, none of them good, advised switching to safe mode while things get sorted out. I switched to safe mode and tried Dr.Web, which forced me to uninstall Avira and then came back with "El motor de filtrado de base (BFE) no está instalado o está dañado"; I tried Kaspersky online, it starts and simply ends without saying anything; I tried several times and nothing.

Then it occurred to me to make a HijackThis log, and the result is what made me decide to ask you for help; there are too many "Unknown owner" and "file missing" entries for this to be normal, even though I was in safe mode. I'm attaching the ESET log and the HijackThis log. I hope to be able to save something out of all this.



The ESET log in normal mode:

D:\Downloads\DLL-Files.com Fixer\DLL-Files Fixer 3.2.81.3050.7z a variant of Win32/Systweak potentially unwanted application

D:\Downloads\DLL-Files.com Fixer\DLL-Files Fixer 3.2.81.3050\DLL-Files Fixer 3.2.81.3050\Setup.exe a variant of Win32/Systweak potentially unwanted application

D:\Downloads\FlashFXP\bon_FlashFXP v5.1.3817 + Portable [Multi] [MG].rar Win32/Spy.Weecnaw.A trojan

D:\Downloads\IDM\IDM\IDM\IDM 6.23 build 9 Setup + Universal Web V3\IDM Speed Booster.exe a variant of Win32/Adware.MultiPlug.GX application

D:\Downloads\WinMail_progs\UniOptimizer\UniOpt_Setup.exe a variant of Win32/AdWare.RegTweaker.A application

D:\Maconfig.com\antivirus\yet_another_cleaner_nee.exe a variant of Win32/ELEX.CC potentially unwanted application

D:\Mis documentos\hosts_avril_2015.txt Win32/Qhost trojan

D:\Progs Basicos\unlocker.rar a variant of Win32/Toolbar.Babylon.E potentially unwanted application

D:\Progs Basicos\Browsers-correo\hosts2.txt Win32/Qhost trojan

D:\Progs Basicos\unlocker\unlocker\Unlocker1.9.2.exe a variant of Win32/Toolbar.Babylon.E potentially unwanted application

----

The ESET log in safe mode:

D:\$RECYCLE.BIN\S-1-5-21-1208357557-3212375012-4182987995-1002\$RO3UHYI.rar Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

D:\$RECYCLE.BIN\S-1-5-21-1208357557-3212375012-4182987995-1002\$RTOB306.5075\CCleaner 5.01.5075\CCleaner 5.01.5075.7z Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

D:\$RECYCLE.BIN\S-1-5-21-1208357557-3212375012-4182987995-1002\$RTOB306.5075\CCleaner 5.01.5075\CCleaner 5.01.5075\CCleaner 5.01.5075\Setup.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

D:\$RECYCLE.BIN\S-1-5-21-1208357557-3212375012-4182987995-1002\$RTOB306.5075\CCleaner 5.01.5075\CCleaner 5.01.5075\CCleaner 5.01.5075\·Medicinas (Haz Doble Clic).rar Win32/Keygen.KG potentially unsafe application deleted - quarantined

D:\$RECYCLE.BIN\S-1-5-21-1208357557-3212375012-4182987995-1002\$RTOB306.5075\CCleaner 5.01.5075\CCleaner 5.01.5075\CCleaner 5.01.5075\·Medicinas (Haz Doble Clic)\·Medicinas (Haz Doble Clic)\Keymaker-CORE.7z Win32/Keygen.KG potentially unsafe application deleted - quarantined

D:\$RECYCLE.BIN\S-1-5-21-1208357557-3212375012-4182987995-1002\$RTOB306.5075\CCleaner 5.01.5075\CCleaner 5.01.5075\CCleaner 5.01.5075\·Medicinas (Haz Doble Clic)\·Medicinas (Haz Doble Clic)\Keymaker-CORE\cr-pirfm.exe Win32/Keygen.KG potentially unsafe application deleted - quarantined

D:\antivirus\Auslogics BoostSpeed Premium 7.7.0.0.7z Win32/Keygen.KE potentially unsafe application deleted - quarantined

D:\Downloads\Defraggler\dfsetup218.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

D:\Downloads\IDM\IDM.rar multiple threats deleted - quarantined

D:\Mis documentos\hosts_avril_2015.txt Win32/Qhost trojan cleaned by deleting - quarantined

D:\Progs Basicos\Browsers-correo\hosts2.txt Win32/Qhost trojan cleaned by deleting - quarantined

D:\Progs Basicos\Browsers-correo\WinRAR 5.20\WinRAR 5.20\·Medicinas (Haz Doble Clic)\·Medicinas (Haz Doble Clic)\Keygen FFF\WinRAR.v5.01_KEYGEN-FFF.exe a variant of Win32/Keygen.AI potentially unsafe application deleted - quarantined

---------

The HijackThis log:

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 23:44:28, on 10/04/2015

Platform: Unknown Windows (WinNT 6.03.1408)

MSIE: Unable to get Internet Explorer version!



FIREFOX: 37.0.1 (x86 es-ES)

Boot mode: Safe mode



Running processes:

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

D:\antivirus\HijackThis.exe

C:\WINDOWS\SysWOW64\NOTEPAD.EXE

C:\WINDOWS\SysWOW64\NOTEPAD.EXE

C:\WINDOWS\SysWOW64\NOTEPAD.EXE



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon

O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun

O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\RunOnce: [Dr.Web Setup] "D:\antivirus\drweb-1000-win-space.exe"

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Guardar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html

O8 - Extra context menu item: Mostrar Barra de Herramientas - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html

O8 - Extra context menu item: Personalizar Menú - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Rellenar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html

O9 - Extra button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra 'Tools' menuitem: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra 'Tools' menuitem: Guardar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra 'Tools' menuitem: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://*.ma-config.com

O15 - Trusted Zone: http://*.touslesdrivers.com

O17 - HKLM\System\CCS\Services\Tcpip\..\{ED32B43B-F391-4A63-8E38-A5BC4E802CA7}: NameServer = 209.244.0.3,209.244.0.4

O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @oem4.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)

O23 - Service: @oem4.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)

O23 - Service: @oem4.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyLpmService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe

O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\GeofenceMonitorService.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: Ma-Config Agent (MaConfigAgent) - Unknown owner - C:\Program Files\ma-config.com\MaConfigAgent.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vmicres.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: ASUS Wake Service (WakeupService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe

O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe



--

End of file - 28170 bytes

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: file modified, possibly by a virus

Post by msc hotline sat » 11 Apr 2015, 16:53

Many suspicious services can be seen, such as this one:



O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe



It could be that the SVCHOST.EXE it uses is not the original, so it would not hurt if you also sent it to us for analysis.

On Monday, back at work at SATINFO, we will analyse the modified ELISTARA that you say you have sent us, along with this other file, and we will report the result.

Regards

ms, 11-4-2015

jtres
Posts: 22
Joined: 24 Mar 2007, 09:02
Location: Paris

Re: file modified, possibly by a virus

Post by jtres » 12 Apr 2015, 00:41

Thanks for replying. I suppose you mean the svchost file located in system32. Apparently there are two svchost files, one in S32 itself and another in the S32/fr-FR folder whose name ends in mui. The laptop originally came in French and I later switched it to Spanish; perhaps that is the reason. I am sending you both; the one in S32 is 38Ko and the one in the fr-FR folder is 2Ko. I compressed them together with rar, using the password infected, to send them, and when I try to open them I get "Error en la suma de control el fichero codificado svchost_exe_mui\svchost.exe.mui.Fichero dañado o contraseña incorrecta". Compressing them as zip(?) works fine. I also want to let you know that after trying delpsguard, which restored the host file for me, and running the winsock file, I tried installing dr.web in normal mode and it worked, but it found nothing apart from deleting the fileassasine file, which it considered to be trojan.vbcrypt.150. In any case, elistara keeps saying that the file is modified, and elitrip, like elibagle, gives me the error "Acceso denegado al usuario: "ULL2"", although it then lets me scan.
Here, in case they are useful to you, are the logs from elibagle, elitrip and JRT, which I also tried:

(10-4-2015 15:14:51 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: ULL2
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1001

Lista de Acciones (por Acción Directa):
Acceso Denegado al Usuario.

(10-4-2015 15:14:51 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: porjuan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1002

Lista de Acciones (por Acción Directa):

(10-4-2015 15:14:53 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003

Lista de Acciones (por Acción Directa):

(10-4-2015 15:22:21 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003

Lista de Acciones (por Exploración):
Explorando "C:\"

Nº Total de Directorios: 33934
Nº Total de Ficheros: 203135
Nº de Ficheros Analizados: 25605
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

(10-4-2015 21:27:43 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: ULL2
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1001

Lista de Acciones (por Acción Directa):
Acceso Denegado al Usuario.

(10-4-2015 21:27:43 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: porjuan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1002

Lista de Acciones (por Acción Directa):

(10-4-2015 21:27:43 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003

Lista de Acciones (por Acción Directa):

(10-4-2015 21:28:04 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: ULL2
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1001

Lista de Acciones (por Acción Directa):
Acceso Denegado al Usuario.

(10-4-2015 21:28:04 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: porjuan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1002

Lista de Acciones (por Acción Directa):

(10-4-2015 21:28:04 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003

Lista de Acciones (por Acción Directa):

(10-4-2015 21:37:35 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003

Lista de Acciones (por Exploración):
Explorando "C:\"

Nº Total de Directorios: 33819
Nº Total de Ficheros: 192455
Nº de Ficheros Analizados: 25354
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

(11-4-2015 15:37:33 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: ULL2
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1001

Lista de Acciones (por Acción Directa):
Acceso Denegado al Usuario.

(11-4-2015 15:37:33 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: porjuan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1002

Lista de Acciones (por Acción Directa):

(11-4-2015 15:37:33 (GMT))
EliBagle v14.22 (c)2013 S.G.H. / Satinfo S.L. (Actualizado el 25 de

Marzo del 2013)
----------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.9600)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003

Lista de Acciones (por Acción Directa):

(11-4-2015 15:56:55 (GMT))
EliVBNA v3.69 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 28 de

Noviembre del 2014)
--------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: ULL2
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1001

Lista de Acciones (por Acción Directa):
Acceso Denegado al Usuario.

(11-4-2015 15:56:56 (GMT))
EliVBNA v3.69 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 28 de

Noviembre del 2014)
--------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: porjuan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1002

Lista de Acciones (por Acción Directa):

(11-4-2015 15:56:56 (GMT))
EliVBNA v3.69 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 28 de

Noviembre del 2014)
--------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003

Lista de Acciones (por Acción Directa):

(11-4-2015 16:08:39 (GMT))
EliVBNA v3.69 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 28 de

Noviembre del 2014)
--------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003

Lista de Acciones (por Exploración):
Explorando "C:\"

Nº Total de Directorios: 34443
Nº Total de Ficheros: 199453
Nº de Ficheros Analizados: 26496
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

(11-4-2015 16:16:45 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de

Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: ULL2
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1001
Cadenas Víricas: 1345

Lista de Acciones (por Acción Directa):
Acceso Denegado al Usuario.

(11-4-2015 16:16:46 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de

Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: porjuan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1002
Cadenas Víricas: 1345

Lista de Acciones (por Acción Directa):

(11-4-2015 16:16:47 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de

Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003
Cadenas Víricas: 1345

Lista de Acciones (por Acción Directa):

(11-4-2015 16:20:53 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de

Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003
Cadenas Víricas: 1345

Lista de Acciones (por Exploración):
Explorando "C:\"

Nº Total de Directorios: 34439
Nº Total de Ficheros: 199445
Nº de Ficheros Analizados: 32546
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

(11-4-2015 17:36:59 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de

Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003
Cadenas Víricas: 1345

Lista de Acciones (por Exploración):
Explorando "C:\"

Nº Total de Directorios: 34440
Nº Total de Ficheros: 199446
Nº de Ficheros Analizados: 32547
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

(11-4-2015 22:02:14 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de

Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: ULL2
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1001
Cadenas Víricas: 1345

Lista de Acciones (por Acción Directa):
Acceso Denegado al Usuario.

(11-4-2015 22:02:15 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de

Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: porjuan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1002
Cadenas Víricas: 1345

Lista de Acciones (por Acción Directa):

(11-4-2015 22:02:16 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de

Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003
Cadenas Víricas: 1345

Lista de Acciones (por Acción Directa):

------------------
and the elitrip one:
(11-4-2015 22:18:26 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: ULL2
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1001
Cadenas Víricas: 1345

Lista de Acciones (por Acción Directa):
Acceso Denegado al Usuario.

(11-4-2015 22:18:27 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: porjuan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1002
Cadenas Víricas: 1345

Lista de Acciones (por Acción Directa):

(11-4-2015 22:18:27 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003
Cadenas Víricas: 1345

Lista de Acciones (por Acción Directa):

(11-4-2015 22:19:57 (GMT))
EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de Diciembre del 2014)
---------------------------------------------
Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)
Usuario: Juan
ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003
Cadenas Víricas: 1345

Lista de Acciones (por Exploración):
Explorando "C:\"

Nº Total de Directorios: 34489
Nº Total de Ficheros: 200182
Nº de Ficheros Analizados: 32552
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
--------------
the JRT (Junkware Removal Tool) one:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.3 (04.07.2015:1)
OS: Windows 8.1 x64
Ran by porjuan on 11/04/2015 at 22:58:27,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\WINDOWS\wininit.ini"
~~~ Folders
~~~ FireFox
Successfully deleted the following from C:\Users\porjuan\AppData\Roaming\mozilla\firefox\profiles\dc8lg1rj.default-1425258027815\prefs.js

user_pref("extensions.speeddial.thumbnail-1-url", "hxxp://www.google.com/webhp?hl=es");
user_pref("extensions.speeddial.thumbnail-153-url", "hxxp://www.downloadhelper.net/video-search-results.php?quiet=true");
user_pref("extensions.speeddial.thumbnail-223-url", "hxxp://www.google.fr/webhp?lr=&cr=&hl=fr&ie=UTF-8&oe=UTF-8");
user_pref("extensions.speeddial.thumbnail-232-url", "hxxp://www.downloadhelper.net/video-search-results.php?cx=005536796155304041479%3Ahbixpuuu7l8&cof=FORID%3A11&from=dh-famil
user_pref("extensions.speeddial.thumbnail-302-url", "hxxp://www.google.com/webhp?hl=es");
user_pref("extensions.speeddial.thumbnail-307-url", "hxxp://www.google.fr/webhp?lr=&cr=&hl=fr&ie=UTF-8&oe=UTF-8");
user_pref("extensions.speeddial.thumbnail-344-url", "hxxp://www.google.com/webhp?hl=es");
user_pref("extensions.speeddial.thumbnail-350-url", "hxxp://www.google.fr/webhp?lr=&cr=&hl=fr&ie=UTF-8&oe=UTF-8");
user_pref("extensions.speeddial.thumbnail-364-label", "TorrentNews.net");
user_pref("extensions.speeddial.thumbnail-364-url", "hxxp://torrentnews.net/");
user_pref("extensions.speeddial.thumbnail-367-url", "hxxp://tipego.com/");
user_pref("extensions.speeddial.thumbnail-50-url", "hxxp://www.google.com/webhp?hl=es");
user_pref("extensions.speeddial.thumbnail-55-url", "hxxp://www.google.fr/webhp?lr=&cr=&hl=fr&ie=UTF-8&oe=UTF-8");
user_pref("extensions.speeddial.thumbnail-7-url", "hxxp://www.google.fr/webhp?lr=&cr=&hl=fr&ie=UTF-8&oe=UTF-8");
user_pref("extensions.speeddial.thumbnail-92-url", "hxxp://www.google.com/webhp?hl=es");
user_pref("extensions.speeddial.thumbnail-97-url", "hxxp://www.google.fr/webhp?lr=&cr=&hl=fr&ie=UTF-8&oe=UTF-8");
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/04/2015 at 23:01:17,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

See you later

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: file modified, possibly by a virus

Post by msc hotline sat » 12 Apr 2015, 09:01

Well, we will receive them tomorrow and analyse them, after which we will report back.

As for the two SVCHOST files, that is not normal. The original Windows task launcher exists only in the system folder, and it is often duplicated by malware using its name but placed in a different folder, or with a slightly different name such as SCVHOST, VSCHOST, etc., and if it has been replaced by an infected one, we will see that when we analyse it.

In any case, it may be a new malware variant not yet under control, of which there are thousands every day...

Tomorrow we will know where we stand.

Regards

ms, 12-4-2015
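
The path and name checks described in the reply above, as an added example (not SATINFO's code and not part of the original thread): it parses HijackThis O23 lines and flags svchost.exe outside the system folders, one-edit lookalike names such as SCVHOST, and entries marked "file missing". The SysWOW64 allowance, the flag names and the last three sample lines are assumptions; the script cannot tell whether the file at the legitimate path has been replaced, which needs the file analysis the reply proposes.

```python
import ntpath
import re

# O23 layout as it appears in the log posted in this thread:
#   O23 - Service: <display name> - <owner> - <image path>[ (file missing)]
O23_RE = re.compile(
    r"^O23 - Service: (?P<service>.+) - (?P<owner>.+?) - "
    r"(?P<path>[A-Za-z]:\\.*?)(?P<missing> \(file missing\))?$"
)

# The first two lines are taken from the log in this thread; the last three
# are constructed for illustration (hypothetical services and paths).
SAMPLE_LOG = r"""
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: Example Updater (ExampleUpd) - Unknown owner - C:\Users\Public\svchost.exe
O23 - Service: Example Helper (ExampleHlp) - Unknown owner - C:\WINDOWS\system32\scvhost.exe
O23 - Service: Example Agent (ExampleAgt) - Example Corp - C:\Program Files (x86)\Example\agent.exe
"""


def osa_distance(a, b):
    """Edit distance in which swapping two adjacent letters costs one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]


def triage(log_text, system_root=r"C:\WINDOWS"):
    """Return one dict per O23 entry with the flags raised for its image path."""
    # Assumption: on 64-bit Windows a 32-bit svchost.exe also lives in SysWOW64.
    allowed = {
        ntpath.normcase(ntpath.join(system_root, sub))
        for sub in ("System32", "SysWOW64")
    }
    results = []
    for line in log_text.splitlines():
        m = O23_RE.match(line.strip())
        if not m:
            continue
        path = m.group("path")
        folder = ntpath.normcase(ntpath.dirname(path))
        stem, ext = ntpath.splitext(ntpath.basename(path).lower())
        flags = []
        if stem == "svchost" and ext == ".exe":
            if folder not in allowed:
                flags.append("svchost-outside-system-dir")
        elif ext == ".exe" and osa_distance(stem, "svchost") <= 1:
            flags.append("lookalike-name")
        if m.group("missing"):
            # Weak signal by itself: a 32-bit scanner on 64-bit Windows reads
            # System32 through WOW64 redirection, so confirm with a native tool.
            flags.append("file-missing")
        results.append({"service": m.group("service"), "path": path, "flags": flags})
    return results


if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG):
        print(", ".join(entry["flags"]) or "no path/name flag", "|", entry["path"])
```
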

jtres
Posts: 22
Joined: 24 Mar 2007, 09:02
Location: Paris

Re: file modified, possibly by a virus

Post by jtres » 12 Apr 2015, 17:38

OK.

Let me tell you about another thing in case you see a connection. For email I have always used Windows Mail because it is simple and easy, like the old Outlook.

I suspected it, but now I am sure, that for some reason I do not know, or because of something I am unaware of, incoming emails are being deleted without leaving a trace. Let me explain. On your site I had to change my email address because the website of the one I had no longer exists. When making the change, it asks me to confirm it through the email that is sent to me. I see in Wmail that several emails are downloaded, but they do not appear anywhere. I stopped the antivirus and it was the same; I stopped the Comodo firewall and it was the same; I did it several times. Pressed by not having email contact with you, I had to go to Yahoo email to be able to see it and validate the change that way. Now that I look closely, it had already struck me as odd: I always receive an enormous amount of junk that goes straight to the junk mail folder (in principle everything goes there, then I pick out the ones that should not), and now it is always clean. Could there be a connection? Bye

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: file modified, possibly by a virus

Post by msc hotline sat » 12 Apr 2015, 20:17

What you are receiving appears to be typical spam, unrelated to the possible infection you may already have.

And the disappearance of some of these emails may well be the work of your antimalware tools, whether antivirus, firewall or other protection software you have installed, including the protections built into the new versions of current browsers; it all helps.

But we will look at the samples you have sent us, and see whether we are lucky and they are related to one of your problems and we can solve it...

Regards

ms, 12-4-2015

RFRPA

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: file modified, possibly by a virus

Post by msc hotline sat » 13 Apr 2015, 18:02

We have uploaded the new ELISTARA 32.05

Try it and tell us the result, thank you

Regards

ms, 13-4-2015

jtres
Posts: 22
Joined: 24 Mar 2007, 09:02
Location: Paris

Re: file modified, possibly by a virus

Post by jtres » 14 Apr 2015, 11:54

Hello, hello. Well, I am rather discouraged because the tower computer, which has W7, shows the same symptoms, which on the other hand does not surprise me, since I generally use the same programs and do the same activities.

On W7 I managed to run eset, kaspersky, dr web, elistara and elipups. None found anything serious; elipups, which at first told me the file was infected, in the end reported that opera was an unwanted program, and I uninstalled it. In any case, when I look at the hijackthis log on W7, it is similar to the one from the laptop with W8.

On the laptop with W8, yesterday I tried to run elistara and elipups and nothing worked, not even the internet; comodo firewall showed an X indicating a problem with defense(?); the icons that were in the taskbar disappeared; all the links to google that I have on the firefox start page, speed dial, disappeared; in short, chaos. I shut the laptop down.

Today I started by downloading elistara and elipups again.

Elistara, apart from telling me at the start "Acceso Denegado al Usuario:"ULL2"", ran a scan without major problems.

Elipups opened showing "No detectados PUPs conocidos" and the only option was to exit. I am sending you the ProgramLog log, as well as the elistart and hijackthis ones.

I have a restore point from 7 April and I do not know whether to use it. What do you recommend?

Here are the logs:

(14-4-2015 09:29:34 (GMT))

EliStartPage v32.04 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 10 de Abril del 2015)

------------------------------------------------

Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)

Usuario: ULL2

ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1001

Cadenas Víricas: 23678

Lista de Acciones (por Acción Directa):

Acceso Denegado al Usuario.

(14-4-2015 09:29:43 (GMT))

EliStartPage v32.04 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 10 de Abril del 2015)

--------------------------------------------------

Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)

Usuario: porjuan

ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1002

Cadenas Víricas: 23678

Lista de Acciones (por Acción Directa):

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE

(14-4-2015 09:29:53 (GMT))

EliStartPage v32.04 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 10 de Abril del 2015)

--------------------------------------------------

Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)

Usuario: Juan

ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003

Cadenas Víricas: 23678

Lista de Acciones (por Acción Directa):

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE

(14-4-2015 09:32:41 (GMT))

EliStartPage v32.04 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 10 de Abril del 2015)

--------------------------------------------------

Sistema Operativo: Windows 8.1 (6.3.0) (64 bits)

Usuario: Juan

ID de Usuario: S-1-5-21-1208357557-3212375012-4182987995-1003

Cadenas Víricas: 23678

Lista de Acciones (por Exploración):

Explorando "C:\"

Nº Total de Directorios: 38577

Nº Total de Ficheros: 216952

Nº de Ficheros Analizados: 49936

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0

----------------------------------------



The elipups log:

(14-4-2015 09:36:19 (GMT))

EliPUPs v2.18 (c)2015 S.G.H. / Satinfo S.L. (Modificado el 10 de Abril del 2015)

-------------------------------------------

Sistema Operativo: Windows 8.1 (6.3.NULL2) NULL2 (64 bits)



Lista de Todos los Programas Instalados.

Descripción -> Cadena de Desinstalación.

----------------------------------------

Windows Driver Package - ASUS (ATP) Mouse (11/09/2012 1.0.0.153) -> C:\PROGRA~1\DIFX\4A7292~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\asustp.inf_amd64_c8afc71cb1fe0404\asustp.inf

CCleaner -> "C:\Program Files\CCleaner\uninst.exe"

Unlocker 1.9.2 -> C:\Program Files\Unlocker\uninst.exe

WinRAR 5.20 (64-bit) -> C:\Program Files\WinRAR\uninstall.exe

ASUS VivoBook -> MsiExec.exe /I{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}

ASUS Screen Saver -> MsiExec.exe /I{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}

Canon MG5200 series MP Drivers -> "C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series\DELDRV64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series /L0x000c

COMODO Firewall -> MsiExec.exe /I{18F14F4B-D8A9-4309-817E-3BC0B7664E53}

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 -> MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}

Intel(R) Rapid Storage Technology -> MsiExec.exe /I{27DEA29A-222C-45F8-B70D-0A7B303FC71B}

ExpressCache -> MsiExec.exe /I{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}

Intel(R) Rapid Storage Technology -> "C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall

Revo Uninstaller Pro 3.1.2 -> "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"

Microsoft Office Office 64-bit Components 2007 -> MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}

Microsoft Office Shared 64-bit MUI (Spanish) 2007 -> MsiExec.exe /X{90120000-002A-0C0A-1000-0000000FF1CE}

Ma-Config.com (64 bits) -> MsiExec.exe /X{914DEF20-C55F-429E-ADC8-9B33237804B6}

ASUS Power4Gear Hybrid -> MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}

PDF-Viewer -> "C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"

Qualcomm Atheros Bluetooth Suite (64) -> MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801}

Microsoft Visual C++ 2005 Redistributable (x64) -> MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}

NVIDIA Pilote graphique 347.71 -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver

NVIDIA GeForce Experience 2.4.1.21 -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience

NVIDIA Logiciel système PhysX 9.14.0702 -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX

SUPERAntiSpyware -> "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"

Intel® Trusted Connect Service Client -> MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}

Intel(R) Rapid Start Technology -> C:\Program Files (x86)\Intel\irstrt\Uninstall\setup.exe -uninstall

Adobe Flash Player 17 NPAPI -> C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_134_Plugin.exe -maintain plugin

RoboForm 7-9-11-5 (All Users) -> "C:\Program Files (x86)\Siber Systems\AI RoboForm\rfwipeout.exe"

ASUS WebStorage Sync Agent -> C:\Program Files (x86)\ASUS\WebStorage Sync Agent\uninst.exe

Battle.net -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=battle.net --displayname="Battle.net"

Canon My Printer -> "C:\Program Files\Canon\MyPrinter\uninst.exe" /UninstallRemove C:\Program Files\Canon\MyPrinter\uninst.ini

Canon Quick Menu -> "C:\Program Files (x86)\Canon\Quick Menu\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Quick Menu\uninst.ini

Canon IJ Network Scan Utility -> "C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSU.exe" /UninstallRemove C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\uninst.ini

Canon IJ Network Tool -> C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe

DelPSGuard versión 5.0.2 -> "C:\Program Files (x86)\DelPSGuard\unins000.exe"

Diablo III -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=esES --uid=diablo3_eses --displayname="Diablo III"

Instalación de DivX -> C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall

EaseUS Partition Master 10.2 Trial Edition -> "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\unins000.exe"

Canon Easy-WebPrint EX -> "C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.ini

ESET Online Scanner v3 -> C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

Intel(R) Dynamic Platform and Thermal Framework -> C:\Program Files (x86)\Intel\Intel(R) Dynamic Platform and Thermal Framework\Uninstall\setup.exe -uninstall

FlashFXP 5 -> "C:\ProgramData\{4E9C0E19-EB2A-4563-B74E-07D2536941E3}\FlashFXP5_Setup.exe" REMOVE=TRUE MODIFY=FALSE

Glary Utilities 5.15 -> C:\Program Files (x86)\Glary Utilities 5\uninst.exe

Google Chrome -> "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

HD Tune Pro 5.50 -> "C:\Program Files (x86)\HD Tune Pro\unins000.exe"

ASUSDVD -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall

IrfanView (remove only) -> "C:\Program Files (x86)\IrfanView\iv_uninstall.exe"

Malwarebytes Anti-Malware versión 2.0.4.1028 -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"

Mozilla Firefox 37.0.1 (x86 es-ES) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"

Mozilla Maintenance Service -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"

Canon MP Navigator EX 4.0 -> "C:\Program Files (x86)\Canon\MP Navigator EX 4.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 4.0\uninst.ini

SpywareBlaster 5.0 -> "C:\Program Files (x86)\SpywareBlaster\unins000.exe"

UltraISO Premium V9.61 -> "C:\Program Files (x86)\UltraISO\unins000.exe"

WMInstall -> "C:\WINDOWS\unins000.exe"

ASUS LifeFrame3 -> MsiExec.exe /X{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}

Qualcomm Atheros Client Installation Program -> "C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -runfromtemp -l0x0409 -removeonly

System Explorer 6.4.0 -> "C:\Program Files (x86)\System Explorer\unins000.exe"

ASUS Smart Gesture -> MsiExec.exe /I{4D3286A6-F6AB-498A-82A4-E4F040529F3D}

ASUS Tutor -> MsiExec.exe /I{58172D66-2F69-4215-9AEC-ED8196023736}

Google Update Helper -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}

Intel(R) Management Engine Components -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall

Microsoft Visual C++ 2005 Redistributable -> MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

Realtek Ethernet Controller Driver -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly

DllTool 1.0 -> "C:\Program Files (x86)\DllTool\1.0\unins000.exe"

WinFlash -> MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}

Microsoft Office Professional Plus 2007 -> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

Microsoft Office Access MUI (Spanish) 2007 -> MsiExec.exe /X{90120000-0015-0C0A-0000-0000000FF1CE}

Microsoft Office Excel MUI (Spanish) 2007 -> MsiExec.exe /X{90120000-0016-0C0A-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Spanish) 2007 -> MsiExec.exe /X{90120000-0018-0C0A-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Spanish) 2007 -> MsiExec.exe /X{90120000-0019-0C0A-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Spanish) 2007 -> MsiExec.exe /X{90120000-001A-0C0A-0000-0000000FF1CE}

Microsoft Office Word MUI (Spanish) 2007 -> MsiExec.exe /X{90120000-001B-0C0A-0000-0000000FF1CE}

Microsoft Office Proof (Catalan) 2007 -> MsiExec.exe /X{90120000-001F-0403-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007 -> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007 -> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Portuguese (Brazil)) 2007 -> MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE}

Microsoft Office Proof (Basque) 2007 -> MsiExec.exe /X{90120000-001F-042D-0000-0000000FF1CE}

Microsoft Office Proof (Galician) 2007 -> MsiExec.exe /X{90120000-001F-0456-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007 -> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (Spanish) 2007 -> MsiExec.exe /X{90120000-002C-0C0A-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (Spanish) 2007 -> MsiExec.exe /X{90120000-0044-0C0A-0000-0000000FF1CE}

Microsoft Office Shared MUI (Spanish) 2007 -> MsiExec.exe /X{90120000-006E-0C0A-0000-0000000FF1CE}

VC80CRTRedist - 8.0.50727.6195 -> MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 -> MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

ATK Package -> MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}

NVIDIA PhysX -> MsiExec.exe /I{B455E95A-B804-439F-B533-336B1635AE97}

Realtek PCIE Card Reader -> "C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly

ASUSDVD -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 -> MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

Intel(R) Processor Graphics -> C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall

Realtek High Definition Audio Driver -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709

Intel(R) SDK for OpenCL - CPU Only Runtime Package -> C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall

Microsoft OneDrive -> C:\Users\porjuan\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\OneDriveSetup.exe /uninstall

Registry Help Pro -> C:\Users\porjuan\AppData\Local\Registry Help Pro\uninstall.exe



Lista de PUPs conocidos.

Descripción -> Cadena de Desinstalación.

----------------------------------------



The HijackThis log:

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 11:38:04, on 14/04/2015

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Unable to get Internet Explorer version!



FIREFOX: 37.0.1 (x86 es-ES)

Boot mode: Normal



Running processes:

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE

C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE

C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

C:\WINDOWS\SysWOW64\Notepad.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

C:\IijackZhis\HijackThis.exe



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon

O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun

O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Guardar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html

O8 - Extra context menu item: Mostrar Barra de Herramientas - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html

O8 - Extra context menu item: Personalizar Menú - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Rellenar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html

O9 - Extra button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra 'Tools' menuitem: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra 'Tools' menuitem: Guardar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra 'Tools' menuitem: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @oem4.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)

O23 - Service: @oem4.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)

O23 - Service: @oem4.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyLpmService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe

O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\GeofenceMonitorService.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: Ma-Config Agent (MaConfigAgent) - Unknown owner - C:\Program Files\ma-config.com\MaConfigAgent.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vmicres.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: ASUS Wake Service (WakeupService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe

O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe



--

End of file - 28713 bytes
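Added example, not part of the original posts and not code from HijackThis or Satinfo: a small triage of the O23 (services) lines in a log like the one above, separating "Unknown owner" / "file missing" entries that point inside `C:\WINDOWS\system32` from those that point elsewhere. It assumes HijackThis ran as a 32-bit process on 64-bit Windows, where WOW64 redirects `System32` to `SysWOW64` and expands `%ProgramFiles%` to `Program Files (x86)`; the category names are hypothetical, and the sample lines are copied from the log above.

```python
import re
from collections import defaultdict

# Lines copied from the HijackThis log above; the O20 line is included
# only to show that non-service entries are skipped.
SAMPLE_LOG = r"""
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Ma-Config Agent (MaConfigAgent) - Unknown owner - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"""

O23_PREFIX = "O23 - Service: "
MISSING_SUFFIX = " (file missing)"


def parse_o23(line):
    """Parse one 'O23 - Service:' line; return None for any other line."""
    line = line.strip()
    if not line.startswith(O23_PREFIX):
        return None
    body = line[len(O23_PREFIX):]
    missing = body.endswith(MISSING_SUFFIX)
    if missing:
        body = body[: -len(MISSING_SUFFIX)]
    # Layout is "<display> - <owner> - <path>"; split from the right so a
    # display name containing " - " cannot shift the owner and path fields.
    parts = body.rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    display, owner, path = (p.strip() for p in parts)
    # The short service name, when present, is the last "(...)" of the display.
    m = re.search(r"\(([^()]+)\)\s*$", display)
    return {
        "display": display,
        "name": m.group(1) if m else display,
        "owner": owner,  # text printed by the tool, not a signature check
        "path": path,
        "missing": missing,
    }


def classify(entry):
    """Assign a triage category (hypothetical names) to a parsed entry."""
    path = entry["path"].lower()
    display = entry["display"].lower()
    if entry["missing"]:
        # A 32-bit scanner looking at System32 is shown SysWOW64 instead,
        # so 64-bit-only binaries can appear absent although they exist.
        if "\\windows\\system32\\" in path:
            return "redirect-candidate"
        # %ProgramFiles% resolved in a 32-bit context points at the x86 tree.
        if display.startswith("@%programfiles%") and "\\program files (x86)\\" in path:
            return "programfiles-candidate"
        return "review"
    if entry["owner"].lower() != "unknown owner":
        return "vendor-labelled"
    if "\\windows\\" in path:
        return "os-unlabelled"
    # Unlabelled binary outside the Windows tree: check it with a native
    # 64-bit tool (file presence, signature) before drawing conclusions.
    return "review"


def triage(log_text):
    """Group service names by category, preserving log order."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        entry = parse_o23(line)
        if entry is not None:
            groups[classify(entry)].append(entry["name"])
    return dict(groups)


if __name__ == "__main__":
    for category, names in triage(SAMPLE_LOG).items():
        print(f"{category:24} {', '.join(names)}")
```

The "redirect-candidate" and "programfiles-candidate" groups are not cleared by this script; they are the entries to re-check with a native 64-bit tool, while "review" holds the unlabelled binaries outside the Windows directory.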

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: file modified, possibly by a virus

Post by msc hotline sat » 14 Apr 2015, 17:48

We no longer use HJT; instead we offer support based on the SPROCES log.

To generate it, run SPROCES and press SALIR (Exit), and you will find the report in C:\sproclog.txt.

Copy and paste it as a reply to this thread, and we will analyze it.

And fortunately, Windows 8 will imminently be replaced by Windows 10, which will be available very soon.

Regards

ms, 14-4-2015

jtres
Posts: 22
Joined: 24 Mar 2007, 09:02
Location: Paris

Re: file modified, possibly by a virus

Post by jtres » 15 Apr 2015, 14:05

Hello, here is the SProces log:



(15-4-2015 11:33:56 GMT)

SProces v8.3 (c)2015 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows 8.1 (v6.3) (64 bits)

Internet Explorer: (v9.11.9600.17690) 0

Equipo: PCJUAN

Usuario: porjuan

Sesión de Usuario: porjuan



103 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\DWM.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\ASLDRSRV.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKGFNEX\GFNEXSRV.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SASCORE64.EXE

C:\WINDOWS\SYSTEM32\ADMINSERVICE.EXE

C:\WINDOWS\SYSTEM32\CMDAGENT.EXE

C:\WINDOWS\SYSTEM32\DPTFPARTICIPANTPROCESSORSERVICE.EXE

C:\WINDOWS\SYSTEM32\DASHOST.EXE

C:\WINDOWS\SYSTEM32\DPTFPOLICYCONFIGTDPSERVICE.EXE

C:\WINDOWS\SYSTEM32\DPTFPOLICYLPMSERVICE.EXE

C:\WINDOWS\SYSTEM32\EXPRESSCACHE.EXE

C:\WINDOWS\SYSTEM32\GFEXPERIENCESERVICE.EXE

C:\WINDOWS\SYSTEM32\HECISERVER.EXE

C:\WINDOWS\SYSWOW64\IRSTRTSV.EXE

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL\JHI_SERVICE.EXE

C:\WINDOWS\SYSTEM32\MACONFIGAGENT.EXE

C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\MBAMSCHEDULER.EXE

C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\MBAMSERVICE.EXE

C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\NETSERVICE\NVNETWORKSERVICE.EXE

C:\WINDOWS\SYSTEM32\NVSTREAMSVC.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\ASUSWAKEUPSERVICE.EXE

C:\WINDOWS\SYSTEM32\MSMPENG.EXE

C:\PROGRAM FILES (X86)\BLUETOOTH SUITE\ATH_COEXAGENT.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\CAVWP.EXE

C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\GOOGLEUPDATE.EXE

C:\PROGRAM FILES\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORDATAMGRSVC.EXE

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\FWSERVICE\INTELMEFWSERVICE.EXE

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE

C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE

C:\WINDOWS\SYSTEM32\WLANEXT.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\HCONTROL.EXE

C:\WINDOWS\SYSTEM32\EXPLORER.EXE

C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\MBAM.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\KBFILTR.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKOSD2\ATKOSD2.EXE

C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK MEDIA\DMEDIA.EXE

C:\WINDOWS\SYSTEM32\TASKHOSTEX.EXE

C:\WINDOWS\SYSTEM32\ASPATCHTOUCHPANEL64.EXE

C:\WINDOWS\SYSTEM32\VIVOBOOK.EXE

C:\WINDOWS\SYSTEM32\CISTRAY.EXE

C:\WINDOWS\SYSTEM32\BATTERYLIFE.EXE

C:\WINDOWS\SYSTEM32\TABTIP.EXE

C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\INK\TABTIP32.EXE

C:\WINDOWS\SYSTEM32\ASUSTPLOADER.EXE

C:\WINDOWS\SYSTEM32\QUICKGESTURE64.EXE

C:\PROGRAM FILES (X86)\ASUS\ASUS SMART GESTURE\QUICKGESTURE\X86\QUICKGESTURE.EXE

C:\WINDOWS\SYSTEM32\ASUSTPCENTER.EXE

C:\WINDOWS\SYSTEM32\NVSTREAMNETWORKSERVICE.EXE

C:\WINDOWS\SYSTEM32\NVSTREAMSVC.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\WINDOWS\SYSTEM32\ASUSTPHELPER.EXE

C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE

C:\WINDOWS\SYSTEM32\HKCMD.EXE

C:\WINDOWS\SYSTEM32\DPTFPOLICYLPMSERVICEHELPER.EXE

C:\WINDOWS\SYSTEM32\RAVCPL64.EXE

C:\WINDOWS\SYSTEM32\RAVBG64.EXE

C:\WINDOWS\SYSTEM32\BTTRAY.EXE

C:\WINDOWS\SYSTEM32\BTVSTACK.EXE

C:\WINDOWS\SYSTEM32\ACTIVATEDESKTOP.EXE

C:\WINDOWS\SYSTEM32\CIS.EXE

C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\UPDATE CORE\NVBACKEND.EXE

C:\PROGRAM FILES (X86)\INTERNET DOWNLOAD MANAGER\IDMAN.EXE

C:\PROGRAM FILES (X86)\INTERNET DOWNLOAD MANAGER\IEMONITOR.EXE

C:\PROGRAM FILES (X86)\CYBERLINK\POWERDVD10\PDVD10SERV.EXE

C:\PROGRAM FILES (X86)\CANON\QUICK MENU\CNQMMAIN.EXE

C:\PROGRAM FILES (X86)\CANON\CANON IJ NETWORK SCAN UTILITY\CNMNSUT.EXE

C:\WINDOWS\SYSTEM32\SPLWOW64.EXE

C:\PROGRAM FILES (X86)\CANON\QUICK MENU\CNQMUPDT.EXE

C:\PROGRAM FILES\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORICON.EXE

C:\WINDOWS\SYSTEM32\NVVSVC.EXE

C:\WINDOWS\SYSTEM32\NVXDSYNC.EXE

C:\WINDOWS\SYSTEM32\NVVSVC.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE

C:\WINDOWS\SYSTEM32\AUDIODG.EXE

C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE

C:\PROGRAM FILES (X86)\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE

C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE

C:\WINDOWS\SYSTEM32\NVTRAY.EXE

C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE

C:\USERS\PORJUAN\DESKTOP\SPROCES\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R0 - HKUS\S-1-5-21-1208357557-3212375012-4182987995-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'Juan')

R0 - HKUS\S-1-5-21-1208357557-3212375012-4182987995-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'Juan')

F2 - REG:system.ini: UserInit=userinit.exe (HKLM x86)

O1 - Hosts: 127.0.0.1 http://es.easeus.com

O1 - Hosts: 127.0.0.1 es.easeus.com

O1 - Hosts: 127.0.0.1 www.easeus.com

O1 - Hosts: 127.0.0.1 easeus.com

O1 - Hosts: 127.0.0.1 www.survey.com-annualsurvey

O1 - Hosts: 127.0.0.1 survey.com-annualsurvey

O1 - Hosts: 127.0.0.1 www.avs4you.com

O1 - Hosts: 127.0.0.1 avs4you.com

O1 - Hosts: 127.0.0.1 www.videoredo.net

O1 - Hosts: 127.0.0.1 videoredo.net

O1 - Hosts: 127.0.0.1 www.videoredo.com

O1 - Hosts: 127.0.0.1 videoredo.com

O1 - Hosts: 127.0.0.1 www.iolo.com

O1 - Hosts: 127.0.0.1 iolo.com

O1 - Hosts: 127.0.0.1 www.auslogics.com

O1 - Hosts: 127.0.0.1 auslogics.com

O1 - Hosts: 127.0.0.1 www.revouninstallerpro.com

O1 - Hosts: 127.0.0.1 revouninstallerpro.com

O1 - Hosts: 127.0.0.1 license.piriform.com

O1 - Hosts: 127.0.0.1 www.glarysoft.com

...

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll

O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

O2 - BHO (x86): IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

O2 - BHO (x86): Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO (x86): RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll

O3 - Toolbar (x86): &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

O3 - Toolbar (x86): Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun

O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot

O4 - HKUS\S-1-5-21-1208357557-3212375012-4182987995-1003\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Juan')

O4 - HKUS\S-1-5-21-1208357557-3212375012-4182987995-1003\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (User 'Juan')

O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

O4 - HKLM\..\Run: [IgfxTray] "C:\WINDOWS\system32\igfxtray.exe"

O4 - HKLM\..\Run: [HotKeysCmds] "C:\WINDOWS\system32\hkcmd.exe"

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe

O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3

O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"

O4 - HKLM\..\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

O4 - HKLM\..\Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

O4 - HKLM\..\Run: [ShadowPlay] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

O4 - HKLM\..\Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60

O4 - HKLM\..\Wow6432Node\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S

O4 - HKLM\..\Wow6432Node\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Wow6432Node\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

O4 - HKLM\..\Wow6432Node\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Wow6432Node\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon

O4 - HKLM\..\Wow6432Node\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

O8 - Extra context menu item: Descargar con IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: Descargar con IDM todos los enlaces - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Guardar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html

O8 - Extra context menu item: Mostrar Barra de Herramientas - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html

O8 - Extra context menu item: Personalizar Menú - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Rellenar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html

O8 - Extra context menu item: Barre RoboForm - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html (User 'Juan')

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 (User 'Juan')

O8 - Extra context menu item: Enregistrer les formulaires - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html (User 'Juan')

O8 - Extra context menu item: Personnaliser le menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html (User 'Juan')

O8 - Extra context menu item: Remplir les formulaires - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html (User 'Juan')

O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm (User 'Juan')

O8 - Extra context menu item: Télécharger tous les liens avec Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm (User 'Juan')

O9 - Extra button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (HKLM)

O9 - Extra button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (HKLM)

O9 - Extra button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (HKLM)

O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (HKLM)

O9 - Extra button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (HKLM x86)

O9 - Extra button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (HKLM x86)

O9 - Extra button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (HKLM x86)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (HKLM x86)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics (x86)

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - (no file)

O20 - AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll

O20 - AppInit_DLLs (x86): C:\WINDOWS\SysWOW64\nvinit.dll

O20 - Winlogon Notify: IGFXCUI - IGFXDEV.DLL

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)

O21 - SSODL (x86): WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)



Información Adicional:

----------------------

Acceso Rapido ('porjuan'): FlashFXP 5.lnk = C:\Program Files (x86)\FlashFXP 5\FlashFXP.exe

Acceso Rapido ('porjuan'): Google Chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Acceso Rapido ('porjuan'): Shows Desktop.lnk =

Acceso Rapido ('porjuan'): Window Switcher.lnk =

Acceso Rapido ('Juan'): Google Chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Acceso Rapido ('Juan'): Shows Desktop.lnk =

Acceso Rapido ('Juan'): Window Switcher.lnk =

Ext.Google Chrome. ('porjuan') Id: aapocclcgogkmnckokdopfmhonfmgoek

Ext.Google Chrome. ('porjuan') Id: aohghmighlieiainnegkcijnfilokake

Ext.Google Chrome. ('porjuan') Id: apdfllckaahabafndbhieahigkjlhalf

Ext.Google Chrome. ('porjuan') Id: blpcfgokakmgnkcojhhkbfbldkacnbeo

Ext.Google Chrome. ('porjuan') Id: coobgpohoikkiipiblmjeljniedjpjpf

Ext.Google Chrome. ('porjuan') Id: felcaaldnbdncclmgdcncolpebgiejap

Ext.Google Chrome. ('porjuan') Id: ngpampappnmepgilojfohadhhmbhlaekC:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx

Ext.Google Chrome. ('porjuan') Id: nmmhkkegccagdldgiimedpiccmgmieda

Ext.Google Chrome. ('porjuan') Id: pjkljhegncpnkpknbcohdijeoejaedia

Ext.Google Chrome. ('porjuan') Id: pnlccmojcmeohlpggmfnbbiapkmbliobC:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx

Ext.Google Chrome. ('Juan') Id: aapocclcgogkmnckokdopfmhonfmgoek

Ext.Google Chrome. ('Juan') Id: aohghmighlieiainnegkcijnfilokake

Ext.Google Chrome. ('Juan') Id: apdfllckaahabafndbhieahigkjlhalf

Ext.Google Chrome. ('Juan') Id: blpcfgokakmgnkcojhhkbfbldkacnbeo

Ext.Google Chrome. ('Juan') Id: coobgpohoikkiipiblmjeljniedjpjpf

Ext.Google Chrome. ('Juan') Id: felcaaldnbdncclmgdcncolpebgiejap

Ext.Google Chrome. ('Juan') Id: jeaohhlajejodfjadcponpnjgkiikocnNULL2

Ext.Google Chrome. ('Juan') Id: nmmhkkegccagdldgiimedpiccmgmieda

Ext.Google Chrome. ('Juan') Id: pjkljhegncpnkpknbcohdijeoejaedia

Ext.Google Chrome. ('Juan') Id: pnlccmojcmeohlpggmfnbbiapkmbliobC:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx

Ext.Google Chrome. ('Juan') Id: Temp



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ASMMAP64 - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: @oem4.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe

O23 - Service: @oem4.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe

O23 - Service: @oem4.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyLpmService.exe

O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe

O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IDMWFP - Tonec Inc. - C:\WINDOWS\system32\DRIVERS\idmwfp.sys

O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe

O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

O23 - Service: Ma-Config Agent (MaConfigAgent) - CybelSoft - C:\Program Files\ma-config.com\MaConfigAgent.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvvsvc.exe

O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

O23 - Service: ASUS Wake Service (WakeupService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe

O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: @oem14.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class (AthBTPort) - Qualcomm Atheros - C:\WINDOWS\system32\DRIVERS\btath_flt.sys

O23 - Service: @oem41.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver (athr) - Qualcomm Atheros Communications, Inc. - C:\WINDOWS\system32\DRIVERS\athwbx.sys

O23 - Service: @oem5.inf,%PS2.DeviceDesc%;ASUS PS/2 Port Input Device (ATP) - ASUS Corporation - C:\WINDOWS\System32\drivers\AsusTP.sys

O23 - Service: @bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service (bcmfn2) - Windows (R) Win 7 DDK provider - C:\WINDOWS\System32\drivers\bcmfn2.sys

O23 - Service: @oem15.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver (BTATH_HCRP) - Qualcomm Atheros - C:\WINDOWS\System32\drivers\btath_hcrp.sys

O23 - Service: @oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device (BTATH_LWFLT) - Qualcomm Atheros - C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys

O23 - Service: BtFilter - Qualcomm Atheros - C:\WINDOWS\system32\DRIVERS\btfilter.sys

O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: DptfDevDram - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys

O23 - Service: DptfDevFan - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys

O23 - Service: DptfDevGen - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys

O23 - Service: DptfDevPch - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys

O23 - Service: DptfDevProc - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys

O23 - Service: DptfManager - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfManager.sys

O23 - Service: epmntdrv - Unknown owner - C:\WINDOWS\system32\epmntdrv.sys

O23 - Service: EuGdiDrv - Unknown owner - C:\WINDOWS\system32\EuGdiDrv.sys

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @oem17.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control (HIDSwitch) - ASUS - C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys

O23 - Service: @ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver (iaLPSSi_GPIO) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys

O23 - Service: @ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver (iaLPSSi_I2C) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys

O23 - Service: igfx - Intel Corporation - C:\WINDOWS\system32\DRIVERS\igdkmd64.sys

O23 - Service: @oem31.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device (intaud_WaveExtensible) - Intel Corporation - C:\WINDOWS\system32\drivers\intelaud.sys

O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\drivers\RTKVHD64.sys

O23 - Service: @oem25.inf,%IntcDAud.SvcDesc%;Son Intel(R) pour écrans (IntcDAud) - Intel(R) Corporation - C:\WINDOWS\system32\DRIVERS\IntcDAud.sys

O23 - Service: @oem12.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver (irstrtdv) - Intel Corporation - C:\WINDOWS\System32\drivers\irstrtdv.sys

O23 - Service: @oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator (iwdbus) - Intel Corporation - C:\WINDOWS\System32\drivers\iwdbus.sys

O23 - Service: jw0dzx9l - Unknown owner - C:\WINDOWS\system32\drivers\jw0dzx9l.sys (file missing)

O23 - Service: @oem11.inf,%kbfiltr.SvcDesc%;Keyboard Filter (kbfiltr) - - C:\WINDOWS\System32\drivers\kbfiltr.sys

O23 - Service: ma-config_amd64 - CybelSoft - C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys

O23 - Service: MBAMProtector - Malwarebytes Corporation - C:\WINDOWS\system32\drivers\mbam.sys

O23 - Service: MBAMSwissArmy - Malwarebytes Corporation - C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

O23 - Service: MBAMWebAccessControl - Malwarebytes Corporation - C:\WINDOWS\system32\drivers\mwac.sys

O23 - Service: @oem26.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface (MEIx64) - Intel Corporation - C:\WINDOWS\System32\drivers\HECIx64.sys

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: nvlddmkm - NVIDIA Corporation - C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys

O23 - Service: NvStreamKms - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys

O23 - Service: @oem37.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM) (nvvad_WaveExtensible) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvvad64v.sys

O23 - Service: Revoflt - VS Revo Group - C:\WINDOWS\SYSTEM32\DRIVERS\revoflt.sys

O23 - Service: @oem7.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA (RSBASTOR) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys

O23 - Service: @oem40.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver (RTL8168) - Realtek - C:\WINDOWS\system32\DRIVERS\Rt630x64.sys

O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe



Listado de Servicios (Deshabilitados):

--------------------------------------



70 Servicios.

28 de Carga Automatica.

42 de Carga Manual.

0 Deshabilitados.



Listado de Programas Instalados:

--------------------------------

Windows Driver Package - ASUS (ATP) Mouse (11/09/2012 1.0.0.153) -> C:\PROGRA~1\DIFX\4A7292~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\asustp.inf_amd64_c8afc71cb1fe0404\asustp.inf

CCleaner -> "C:\Program Files\CCleaner\uninst.exe"

Unlocker 1.9.2 -> C:\Program Files\Unlocker\uninst.exe

WinRAR 5.20 (64-bit) -> C:\Program Files\WinRAR\uninstall.exe

ASUS VivoBook -> MsiExec.exe /I{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}

ASUS Screen Saver -> MsiExec.exe /I{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}

Canon MG5200 series MP Drivers -> "C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series\DELDRV64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series /L0x000c

COMODO Firewall -> MsiExec.exe /I{18F14F4B-D8A9-4309-817E-3BC0B7664E53}

Intel(R) Rapid Storage Technology -> MsiExec.exe /I{27DEA29A-222C-45F8-B70D-0A7B303FC71B}

ExpressCache -> MsiExec.exe /I{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}

Intel(R) Rapid Storage Technology -> "C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall

Revo Uninstaller Pro 3.1.2 -> "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"

Ma-Config.com (64 bits) -> MsiExec.exe /X{914DEF20-C55F-429E-ADC8-9B33237804B6}

ASUS Power4Gear Hybrid -> MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}

PDF-Viewer -> "C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"

Qualcomm Atheros Bluetooth Suite (64) -> MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801}

NVIDIA Controlador de gráficos 350.12 -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver

NVIDIA GeForce Experience 2.4.1.21 -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience

NVIDIA Software del sistema PhysX 9.15.0324 -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX

SUPERAntiSpyware -> "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"

Intel® Trusted Connect Service Client -> MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}

Intel(R) Rapid Start Technology -> C:\Program Files (x86)\Intel\irstrt\Uninstall\setup.exe -uninstall

Adobe Flash Player 17 NPAPI -> C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_134_Plugin.exe -maintain plugin

RoboForm 7-9-11-5 (All Users) -> "C:\Program Files (x86)\Siber Systems\AI RoboForm\rfwipeout.exe"

ASUS WebStorage Sync Agent -> C:\Program Files (x86)\ASUS\WebStorage Sync Agent\uninst.exe

Battle.net -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=battle.net --displayname="Battle.net"

Canon My Printer -> "C:\Program Files\Canon\MyPrinter\uninst.exe" /UninstallRemove C:\Program Files\Canon\MyPrinter\uninst.ini

Canon Quick Menu -> "C:\Program Files (x86)\Canon\Quick Menu\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Quick Menu\uninst.ini

Canon IJ Network Scan Utility -> "C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSU.exe" /UninstallRemove C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\uninst.ini

Canon IJ Network Tool -> C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe

DelPSGuard versión 5.0.2 -> "C:\Program Files (x86)\DelPSGuard\unins000.exe"

Diablo III -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=esES --uid=diablo3_eses --displayname="Diablo III"

Instalación de DivX -> C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall

EaseUS Partition Master 10.2 Trial Edition -> "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\unins000.exe"

Canon Easy-WebPrint EX -> "C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.ini

ESET Online Scanner v3 -> C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

Intel(R) Dynamic Platform and Thermal Framework -> C:\Program Files (x86)\Intel\Intel(R) Dynamic Platform and Thermal Framework\Uninstall\setup.exe -uninstall

FlashFXP 5 -> "C:\ProgramData\{4E9C0E19-EB2A-4563-B74E-07D2536941E3}\FlashFXP5_Setup.exe" REMOVE=TRUE MODIFY=FALSE

Glary Utilities 5.15 -> C:\Program Files (x86)\Glary Utilities 5\uninst.exe

Google Chrome -> "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

HD Tune Pro 5.50 -> "C:\Program Files (x86)\HD Tune Pro\unins000.exe"

ASUSDVD -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall

Internet Download Manager -> C:\Program Files (x86)\Internet Download Manager\Uninstall.exe

IrfanView (remove only) -> "C:\Program Files (x86)\IrfanView\iv_uninstall.exe"

Malwarebytes Anti-Malware versión 2.0.4.1028 -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"

Mozilla Firefox 37.0.1 (x86 es-ES) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"

Mozilla Maintenance Service -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"

Canon MP Navigator EX 4.0 -> "C:\Program Files (x86)\Canon\MP Navigator EX 4.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 4.0\uninst.ini

SpywareBlaster 5.0 -> "C:\Program Files (x86)\SpywareBlaster\unins000.exe"

UltraISO Premium V9.61 -> "C:\Program Files (x86)\UltraISO\unins000.exe"

WMInstall -> "C:\WINDOWS\unins000.exe"

ASUS LifeFrame3 -> MsiExec.exe /X{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}

Qualcomm Atheros Client Installation Program -> "C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -runfromtemp -l0x0409 -removeonly

System Explorer 6.4.0 -> "C:\Program Files (x86)\System Explorer\unins000.exe"

ASUS Smart Gesture -> MsiExec.exe /I{4D3286A6-F6AB-498A-82A4-E4F040529F3D}

ASUS Tutor -> MsiExec.exe /I{58172D66-2F69-4215-9AEC-ED8196023736}

Google Update Helper -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}

Intel(R) Management Engine Components -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall

Realtek Ethernet Controller Driver -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly

DllTool 1.0 -> "C:\Program Files (x86)\DllTool\1.0\unins000.exe"

WinFlash -> MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}

VC80CRTRedist - 8.0.50727.6195 -> MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}

ATK Package -> MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}

Realtek PCIE Card Reader -> "C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly

ASUSDVD -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall

Intel(R) Processor Graphics -> C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall

Realtek High Definition Audio Driver -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709

Intel(R) SDK for OpenCL - CPU Only Runtime Package -> C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall

Microsoft OneDrive -> C:\Users\porjuan\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\OneDriveSetup.exe /uninstall

Registry Help Pro -> C:\Users\porjuan\AppData\Local\Registry Help Pro\uninstall.exe

---------

See you later

flacoroo
Posts: 6289
Joined: 09 Mar 2004, 20:32
Location: Paso del Macho, Ver., México

Re: file modified, possibly by a virus

Post by flacoroo » 15 Apr 2015, 14:24

As for ElistarA, which immediately detects any modification, do the following: download it on a clean computer and burn it to a CD, along with the other tools you download from zonavirus. That way the virus will not be able to modify it, and you can run it in safe mode.

http://www.zonavirus.com/descargas/elistara.asp

Regards
:lol: :lol: Life is beautiful... why complicate it :lol: :lol:

jtres
Posts: 22
Joined: 24 Mar 2007, 09:02
Location: Paris

Re: file modified, possibly by a virus

Post by jtres » 18 Apr 2015, 17:17

Hello, here are the AdwCleaner and herdProtect logs.
herdProtect asked me to repeat the scan at half-hour intervals until, after five attempts, it finally stopped asking, always leaving four files as "inconclusive". Of the four, three belong to the DivX program which, I think, can be trusted, and the fourth is a program with a very strange name, "ubiquitynativeservicecomponent.dll". I am sending you the first and the last herdProtect logs. I have the impression that the laptop is running better, although most of the time I am in safe mode.
ADWCLEANER LOG:
# AdwCleaner v4.201 - Registro generado 18/04/2015 en 10:39:19
# Actualizado 08/04/2015 por Xplode
# Base de datos : 2015-04-18.3 [Servidor]
# Sistema operativo : Windows 8.1 (x64)
# Nombre de usuario : porjuan - PCJUAN
# Ejecutado desde : C:\Users\porjuan\Desktop\adwcleaner_4.201.exe
# Opción : Limpiar

***** [ Servicios ] *****

***** [ Archivos / Carpetas ] *****

Carpeta Eliminar : C:\Device
Archivo Eliminar : C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0

***** [ Tareas programadas... ] *****


***** [ Accesos directos ] *****


***** [ Registro ] *****


***** [ Navegadores Web ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v37.0.1 (x86 es-ES)


-\\ Google Chrome v41.0.2272.118


*************************

AdwCleaner[R0].txt - [992 bytes] - [18/04/2015 10:36:52]
AdwCleaner[R1].txt - [1050 bytes] - [18/04/2015 10:38:17]
AdwCleaner[S0].txt - [970 bytes] - [18/04/2015 10:39:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1028 bytes] ##########
=========================================

1ST HERDPROTECT LOG:
Saved date: 18/04/2015 12:03:45
Files detected: 28
Files scanned: 9.951
Processes scanned: 18
Modules scanned: 405
ASEPs scanned: 518
Downloads scanned: 0
Deep analysis: 17/5
---------------------------------------------------------------------------------

Files

---------------------------------------------------------------------------------

File path: c:\windows\system32\drivers\intcdaud.sys
Publisher: Intel(R) Corporation
MD5: f5495b38bfb9149925f54f65ab40efbf
SHA-1: 3fbef8ee216245a0b26e3fb24f6345605a0b440b
Created: 30/01/2013 7:25:08
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as Gen:Variant.Adware.SMSHoax.95 (Adware)

---------------------------------------------------------------------------------

File path: c:\users\porjuan\desktop\herdprotectscan_setup.exe
Publisher: Reason Company Software Inc.
Signer: Reason Software Company Inc.
MD5: 172ed33198484df87fa015b695eaad80
SHA-1: 1df2124a741afc2ee0b2e90e904a3201e5cb3c3d
Created: 18/04/2015 10:30:39
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Malware.ArcadeWeb!6.727 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\porjuan\desktop\ifs.exe
Publisher:
MD5: 7f4908c30173dc2ca217a737f71d5c75
SHA-1: 2d22437a9352de74c20fd360346684daad6213de
Created: 11/04/2015 0:51:57
Detections: 3
Determination: Ignore detections (false positive)
- CMC Antivirus as Trojan.Win32.Generic!O (Undefined)
- McAfee Web Gateway as BehavesLike.Win32.Dropper.tc (Undefined)
- F-Prot as W32/AutoIt.CE.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\ext-ms-win-cluster-clusapi-l1-1-1.dll
Publisher: Microsoft Corporation
MD5: 6f5557e3f97cb2a957da5dcdaf1e22c1
SHA-1: c2a27e776fbfc3666642425dcc5f2b34bb41cb10
Created: 22/08/2013 6:14:14
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Backdoor/Bifrose.fxu (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\kbdcherp.dll
Publisher: Microsoft Corporation
MD5: f992fe1d923f59f806442449f3ea557b
SHA-1: d216f5bc5d466c1c9d94aa57a28c5226b214bdbc
Created: 22/08/2013 6:15:06
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/Kryptik.ahcy (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\blizzard entertainment\battle.net\cache\36\b2\36b27cd911b33c61730a8b82c8b2495fd16e8024fc3b2dde08861c77a852941c.auth
Publisher:
MD5: 140d0aaf310055ebebcdd91d3f0f522e
SHA-1: 8b0b8779b18467e4e180a74971aa469542a18f50
Created: 23/02/2015 1:26:30
Detections: 2
Determination: Ignore detections (false positive)
- Trend Micro House Call as PAK_Generic.001
- Trend Micro as PAK_Generic.001

---------------------------------------------------------------------------------

File path: c:\programdata\application data\divx\mpeg4encoder\uninstaller.exe
Publisher: DivX, LLC
MD5: d5c1aa696bcf6eb1b46fd655e7f54125
SHA-1: 674b65f2960534cb5cc83344a851b3c37ffffc4f
Created: 12/02/2015 1:29:15
Detections: 1
Determination: Inconclusive
- F-Secure as Win32.Ramnit.N (Malware)

---------------------------------------------------------------------------------

File path: c:\programdata\blizzard entertainment\battle.net\cache\36\b2\36b27cd911b33c61730a8b82c8b2495fd16e8024fc3b2dde08861c77a852941c.auth
Publisher:
MD5: 140d0aaf310055ebebcdd91d3f0f522e
SHA-1: 8b0b8779b18467e4e180a74971aa469542a18f50
Created: 23/02/2015 1:26:30
Detections: 2
Determination: Ignore detections (false positive)
- Trend Micro House Call as PAK_Generic.001
- Trend Micro as PAK_Generic.001

---------------------------------------------------------------------------------

File path: c:\programdata\divx\mpeg4encoder\uninstaller.exe
Publisher: DivX, LLC
MD5: d5c1aa696bcf6eb1b46fd655e7f54125
SHA-1: 674b65f2960534cb5cc83344a851b3c37ffffc4f
Created: 12/02/2015 1:29:15
Detections: 1
Determination: Inconclusive
- F-Secure as Win32.Ramnit.N (Malware)

---------------------------------------------------------------------------------

File path: c:\program files\asus\asus vivobook\maxxaudioaposhell64.dll
Publisher: Waves Audio Ltd.
Signer: US Waves inc
MD5: 20efa68e022844ad6e7aca7954d7480c
SHA-1: c9cf88288e5b38c3e21b8492d0c90fff4c346ecc
Created: 02/11/2012 23:30:24
Detections: 1
Determination: Ignore detections (false positive)
- Clam AntiVirus as PUA.Win32.Packer.PrivateExeProte-7

---------------------------------------------------------------------------------

File path: c:\program files\canon\myprinter\sc\bjmyres.dll
Publisher: CANON INC.
MD5: 9edf7283ea008f15f7ab45a0f2b2b722
SHA-1: 4597625dacbb6a64d9fd0fabfe2b2dd5e632685f
Created: 31/03/2015 21:34:32
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/Kryptik.bn (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\canonbj\ijprinter\canon mg5200 series\cncisco3.dll
Publisher: Canon Inc.
MD5: 01028580cc047439c55dcfb92f3a39a8
SHA-1: 86c3d3924acc6b5559faa07814c47ff4120b0786
Created: 31/03/2015 21:37:11
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Laneul (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\intel\intel(r) rapid storage technology\pt-br\iastorutil.resources.dll
Publisher: Intel Corporation
MD5: 1ed68426e97936969c465ecedf309e52
SHA-1: abbf946b1cca89d4bf3ae4e7025c5be72c3baf20
Created: 21/11/2013 8:31:48
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as Gen:Heur.Conjar (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\intel\intel(r) rapid storage technology\pt-pt\iastorviewmodel.resources.dll
Publisher: Intel Corporation
MD5: 0f9e9b0519d96aa13043b84da5efb48b
SHA-1: e8fabdf4c63b03dc24af3c8d204eb62480e9e373
Created: 21/11/2013 8:31:48
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as MemScan:Trojan.Dropper.Agent.UZQ (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\intel\intel(r) rapid storage technology\tr-tr\iastordatamgr.resources.dll
Publisher: Intel Corporation
MD5: ae6a5a00a801e08db3647ca17940db04
SHA-1: 2a61790a395f52a4084e2bbcd0f28cdb227c4ed6
Created: 21/11/2013 8:31:48
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as Android.Adware.Wapsx (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\tracker software\pdf viewer\pdfxcview.exe
Publisher: Tracker Software Products (Canada) Ltd.
MD5: bf61a59971429b7bf5381f391b6b8c12
SHA-1: 7f802e0289234ea0b2d6c67de21ad1d2098286f7
Created: 26/02/2015 15:15:15
Detections: 1
Determination: Ignore detections (false positive)
- Trend Micro House Call as TROJ_GEN.F47V0120 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.adera_2.5.2.34894_x86__8wekyb3d8bbwe\ubiquitynativeservicecomponent.dll
Publisher:
MD5: d9fdbcca3cb77114ddf77e9f80336f38
SHA-1: 899db5ba56363d89acb246770eede685c84065af
Created: 28/01/2015 0:21:44
Detections: 1
Determination: Inconclusive
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.studios.pinballfx2_1.7.1.942_x86__8wekyb3d8bbwe\microsoft.games.sentient.dll
Publisher: Microsoft
MD5: d65de90b43fd977de6983ff39bdc8754
SHA-1: 538c67ef85d494fca1677c2023159a0a363c52f0
Created: 28/01/2015 10:40:28
Detections: 1
Determination: Ignore detections (false positive)
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.studios.pinballfx2_1.8.1.957_x86__8wekyb3d8bbwe\microsoft.games.sentient.dll
Publisher: Microsoft
MD5: d65de90b43fd977de6983ff39bdc8754
SHA-1: 538c67ef85d494fca1677c2023159a0a363c52f0
Created: 28/01/2015 10:40:28
Detections: 1
Determination: Ignore detections (false positive)
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files (x86)\asus\webstorage sync agent\1.1.10.123\restartexplorer.exe
Publisher:
MD5: 61bb03f59ddf20286d3f9f97eead87b2
SHA-1: 2ff00eddc528559b4c9a46b389c03801df167e76
Created: 20/04/2011 7:59:44
Detections: 1
Determination: Ignore detections (false positive)
- Trend Micro House Call as TROJ_GEN.F47V1220 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\bluetooth suite\l10n\nb-no\bttray.nb-no.dll
Publisher:
MD5: 78a468660276a9957560401e47e38173
SHA-1: 7d5a5e97f3ed37f49467197b1b6e354f5fa990bf
Created: 29/09/2012 20:56:52
Detections: 1
Determination: Ignore detections (false positive)
- Jiangmin as Win32/Virut.bn

---------------------------------------------------------------------------------

File path: c:\program files (x86)\cyberlink\powerdvd10\audiofilter\dolbyhph.dll
Publisher: Lake Technology Limited, http://www.lake.com.au
MD5: 442b5be8aa79b0496c5d0234b78e20ce
SHA-1: 9956235bf6fe3a3220c73a84c8f57c951226655a
Created: 23/05/2012 10:48:46
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\delpsguard\dpsg.exe
Publisher: InfoSpyware.com
MD5: 08c39aa09de16ce14898fa5000992113
SHA-1: 67e2fa1b67a7513e2bae3c7c7deed1c616e32a9a
Created: 11/04/2015 17:26:25
Detections: 21
Determination: Adware
- McAfee as Artemis!08C39AA09DE1 (Undefined)
- Zillya! Antivirus as Trojan.KillAV.Win32.4020 (Undefined)
- K7 AntiVirus as Trojan (Undefined)
- K7 Gateway Antivirus as Trojan (Undefined)
- NANO AntiVirus as Trojan.Win32.Hosts.bnola (Undefined)
- Norman as Qhost.IAS (Undefined)
- avast! as Win32:PUP-gen [PUP] (Adware)
- Clam AntiVirus as Trojan.Killav-167 (Undefined)
- AegisLab AV Signature as DangerousObject.Multi.Gen (Undefined)
- Rising Antivirus as PE:Trojan.Win32.Generic.12478561!306677089 (Undefined)
- Comodo Security as TrojWare.Win32.Agent.~BAAC (Undefined)
- VIPRE Antivirus as Trojan.Win32.Generic (Undefined)
- McAfee Web Gateway as BehavesLike.Win32.Trojan.cc (Undefined)
- Jiangmin as Packed.Black.ngm
- Avira AntiVirus as TR/Gendal.2.5966 (Undefined)
- Kingsoft AntiVirus as Win32.Troj.Generic.(kcloud) (Undefined)
- ViRobot as Trojan.Win32.Qhost.71168 (Undefined)
- Vba32 AntiVirus as Trojan.BAT.KillAV (Undefined)
- IKARUS anti.virus as Trojan.Gendal (Undefined)
- Baidu Antivirus as Program.Win32.FakeASC (Adware)
- Qihoo 360 Security as Win32/Trojan.d3c (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\divx\codecs\dmfcontainer.dll
Publisher:
MD5: 70e2843ee69d1a4b424bcb3bc21d3635
SHA-1: 353e90c10560a0bf56fba743950c7f8660ec6119
Created: 17/12/2014 9:52:58
Detections: 2
Determination: Inconclusive
- F-Secure as Adware.Generic.1077299 (Adware)
- Dr.Web as Trojan.Packed (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\dlltool\1.0\ieclear.dll
Publisher:
MD5: eca4b82c2f924be937948ee4969bf9f3
SHA-1: c0fed627ef3e811b12a19ba21177490bb2b3ee72
Created: 07/03/2015 10:01:32
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Laneul (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\dlltool\1.0\resource.dll
Publisher:
MD5: 2c835c964171d1f8e9f1623fc6f22266
SHA-1: 17cb9b40a6324a3bb0d4a7c870ad52275e9d33d6
Created: 07/03/2015 10:01:32
Detections: 1
Determination: Ignore detections (false positive)
- McAfee Web Gateway as BehavesLike.Win32.VBobfus.cc (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\easeus\easeus partition master 10.2\bin\libpangoft2-1.0-0.dll
Publisher: Red Hat Software
MD5: 82cc0bb22b6eee16d68ea86d8a4518c6
SHA-1: 9f73c941fec5868c09745d1f02323b8bb9ce1d7f
Created: 17/03/2015 0:18:27
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoB (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\glary utilities 5\autoupdate.exe
Publisher: Glarysoft Ltd
Signer: Glarysoft Ltd
MD5: f179cb560b6bf22e7abc5680555eadb2
SHA-1: 1f6ee512ec8e99474e875b5dc7db3a9378e10d51
Created: 22/12/2014 7:52:14
Detections: 1
Determination: Ignore detections (false positive)
- Boost by Reason as Optional.Glarysoft.K

======================================
2ND ADWCLEANER LOG:
Saved date: 18/04/2015 14:17:51
Files detected: 28
Files scanned: 9.982
Processes scanned: 19
Modules scanned: 444
ASEPs scanned: 509
Downloads scanned: 0
Deep analysis: 0/0
---------------------------------------------------------------------------------

Files

---------------------------------------------------------------------------------

File path: c:\windows\system32\drivers\intcdaud.sys
Publisher: Intel(R) Corporation
MD5: f5495b38bfb9149925f54f65ab40efbf
SHA-1: 3fbef8ee216245a0b26e3fb24f6345605a0b440b
Created: 30/01/2013 7:25:08
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as Gen:Variant.Adware.SMSHoax.95 (Adware)

---------------------------------------------------------------------------------

File path: c:\users\porjuan\desktop\herdprotectscan_setup.exe
Publisher: Reason Company Software Inc.
Signer: Reason Software Company Inc.
MD5: 172ed33198484df87fa015b695eaad80
SHA-1: 1df2124a741afc2ee0b2e90e904a3201e5cb3c3d
Created: 18/04/2015 10:30:39
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Malware.ArcadeWeb!6.727 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\porjuan\desktop\ifs.exe
Publisher:
MD5: 7f4908c30173dc2ca217a737f71d5c75
SHA-1: 2d22437a9352de74c20fd360346684daad6213de
Created: 11/04/2015 0:51:57
Detections: 3
Determination: Ignore detections (false positive)
- CMC Antivirus as Trojan.Win32.Generic!O (Undefined)
- McAfee Web Gateway as BehavesLike.Win32.Dropper.tc (Undefined)
- F-Prot as W32/AutoIt.CE.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\porjuan\desktop\sproces\sproces.exe
Publisher: Satinfo SL.
MD5: 92a0042ff09e718844f0e53fd2f6fd87
SHA-1: 21ad85231db2d7f6adadfabea1862bdaa9b22c4b
Created: 15/04/2015 10:08:40
Detections: 2
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)
- Comodo Security as TrojWare.Win32.TrojanDownloader.IstBar.~L (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\ext-ms-win-cluster-clusapi-l1-1-1.dll
Publisher: Microsoft Corporation
MD5: 6f5557e3f97cb2a957da5dcdaf1e22c1
SHA-1: c2a27e776fbfc3666642425dcc5f2b34bb41cb10
Created: 22/08/2013 6:14:14
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Backdoor/Bifrose.fxu (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\kbdcherp.dll
Publisher: Microsoft Corporation
MD5: f992fe1d923f59f806442449f3ea557b
SHA-1: d216f5bc5d466c1c9d94aa57a28c5226b214bdbc
Created: 22/08/2013 6:15:06
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/Kryptik.ahcy (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\blizzard entertainment\battle.net\cache\36\b2\36b27cd911b33c61730a8b82c8b2495fd16e8024fc3b2dde08861c77a852941c.auth
Publisher:
MD5: 140d0aaf310055ebebcdd91d3f0f522e
SHA-1: 8b0b8779b18467e4e180a74971aa469542a18f50
Created: 23/02/2015 1:26:30
Detections: 2
Determination: Ignore detections (false positive)
- Trend Micro House Call as PAK_Generic.001
- Trend Micro as PAK_Generic.001

---------------------------------------------------------------------------------

File path: c:\programdata\application data\divx\mpeg4encoder\uninstaller.exe
Publisher: DivX, LLC
MD5: d5c1aa696bcf6eb1b46fd655e7f54125
SHA-1: 674b65f2960534cb5cc83344a851b3c37ffffc4f
Created: 12/02/2015 1:29:15
Detections: 1
Determination: Inconclusive
- F-Secure as Win32.Ramnit.N (Malware)

---------------------------------------------------------------------------------

File path: c:\programdata\blizzard entertainment\battle.net\cache\36\b2\36b27cd911b33c61730a8b82c8b2495fd16e8024fc3b2dde08861c77a852941c.auth
Publisher:
MD5: 140d0aaf310055ebebcdd91d3f0f522e
SHA-1: 8b0b8779b18467e4e180a74971aa469542a18f50
Created: 23/02/2015 1:26:30
Detections: 2
Determination: Ignore detections (false positive)
- Trend Micro House Call as PAK_Generic.001
- Trend Micro as PAK_Generic.001

---------------------------------------------------------------------------------

File path: c:\programdata\divx\mpeg4encoder\uninstaller.exe
Publisher: DivX, LLC
MD5: d5c1aa696bcf6eb1b46fd655e7f54125
SHA-1: 674b65f2960534cb5cc83344a851b3c37ffffc4f
Created: 12/02/2015 1:29:15
Detections: 1
Determination: Inconclusive
- F-Secure as Win32.Ramnit.N (Malware)

---------------------------------------------------------------------------------

File path: c:\program files\asus\asus vivobook\maxxaudioaposhell64.dll
Publisher: Waves Audio Ltd.
Signer: US Waves inc
MD5: 20efa68e022844ad6e7aca7954d7480c
SHA-1: c9cf88288e5b38c3e21b8492d0c90fff4c346ecc
Created: 02/11/2012 23:30:24
Detections: 1
Determination: Ignore detections (false positive)
- Clam AntiVirus as PUA.Win32.Packer.PrivateExeProte-7

---------------------------------------------------------------------------------

File path: c:\program files\canon\myprinter\sc\bjmyres.dll
Publisher: CANON INC.
MD5: 9edf7283ea008f15f7ab45a0f2b2b722
SHA-1: 4597625dacbb6a64d9fd0fabfe2b2dd5e632685f
Created: 31/03/2015 21:34:32
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/Kryptik.bn (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\canonbj\ijprinter\canon mg5200 series\cncisco3.dll
Publisher: Canon Inc.
MD5: 01028580cc047439c55dcfb92f3a39a8
SHA-1: 86c3d3924acc6b5559faa07814c47ff4120b0786
Created: 31/03/2015 21:37:11
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Laneul (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\intel\intel(r) rapid storage technology\pt-br\iastorutil.resources.dll
Publisher: Intel Corporation
MD5: 1ed68426e97936969c465ecedf309e52
SHA-1: abbf946b1cca89d4bf3ae4e7025c5be72c3baf20
Created: 21/11/2013 8:31:48
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as Gen:Heur.Conjar (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\intel\intel(r) rapid storage technology\pt-pt\iastorviewmodel.resources.dll
Publisher: Intel Corporation
MD5: 0f9e9b0519d96aa13043b84da5efb48b
SHA-1: e8fabdf4c63b03dc24af3c8d204eb62480e9e373
Created: 21/11/2013 8:31:48
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as MemScan:Trojan.Dropper.Agent.UZQ (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\intel\intel(r) rapid storage technology\tr-tr\iastordatamgr.resources.dll
Publisher: Intel Corporation
MD5: ae6a5a00a801e08db3647ca17940db04
SHA-1: 2a61790a395f52a4084e2bbcd0f28cdb227c4ed6
Created: 21/11/2013 8:31:48
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as Android.Adware.Wapsx (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\tracker software\pdf viewer\pdfxcview.exe
Publisher: Tracker Software Products (Canada) Ltd.
MD5: bf61a59971429b7bf5381f391b6b8c12
SHA-1: 7f802e0289234ea0b2d6c67de21ad1d2098286f7
Created: 26/02/2015 15:15:15
Detections: 1
Determination: Ignore detections (false positive)
- Trend Micro House Call as TROJ_GEN.F47V0120 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.adera_2.5.2.34894_x86__8wekyb3d8bbwe\ubiquitynativeservicecomponent.dll
Publisher:
MD5: d9fdbcca3cb77114ddf77e9f80336f38
SHA-1: 899db5ba56363d89acb246770eede685c84065af
Created: 28/01/2015 0:21:44
Detections: 1
Determination: Inconclusive
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.studios.pinballfx2_1.7.1.942_x86__8wekyb3d8bbwe\microsoft.games.sentient.dll
Publisher: Microsoft
MD5: d65de90b43fd977de6983ff39bdc8754
SHA-1: 538c67ef85d494fca1677c2023159a0a363c52f0
Created: 28/01/2015 10:40:28
Detections: 1
Determination: Ignore detections (false positive)
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\microsoft.studios.pinballfx2_1.8.1.957_x86__8wekyb3d8bbwe\microsoft.games.sentient.dll
Publisher: Microsoft
MD5: d65de90b43fd977de6983ff39bdc8754
SHA-1: 538c67ef85d494fca1677c2023159a0a363c52f0
Created: 28/01/2015 10:40:28
Detections: 1
Determination: Ignore detections (false positive)
- Quick Heal as (Suspicious) - DNAScan

---------------------------------------------------------------------------------

File path: c:\program files (x86)\asus\webstorage sync agent\1.1.10.123\restartexplorer.exe
Publisher:
MD5: 61bb03f59ddf20286d3f9f97eead87b2
SHA-1: 2ff00eddc528559b4c9a46b389c03801df167e76
Created: 20/04/2011 7:59:44
Detections: 1
Determination: Ignore detections (false positive)
- Trend Micro House Call as TROJ_GEN.F47V1220 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\bluetooth suite\l10n\nb-no\bttray.nb-no.dll
Publisher:
MD5: 78a468660276a9957560401e47e38173
SHA-1: 7d5a5e97f3ed37f49467197b1b6e354f5fa990bf
Created: 29/09/2012 20:56:52
Detections: 1
Determination: Ignore detections (false positive)
- Jiangmin as Win32/Virut.bn

---------------------------------------------------------------------------------

File path: c:\program files (x86)\cyberlink\powerdvd10\audiofilter\dolbyhph.dll
Publisher: Lake Technology Limited, http://www.lake.com.au
MD5: 442b5be8aa79b0496c5d0234b78e20ce
SHA-1: 9956235bf6fe3a3220c73a84c8f57c951226655a
Created: 23/05/2012 10:48:46
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\divx\codecs\dmfcontainer.dll
Publisher:
MD5: 70e2843ee69d1a4b424bcb3bc21d3635
SHA-1: 353e90c10560a0bf56fba743950c7f8660ec6119
Created: 17/12/2014 9:52:58
Detections: 2
Determination: Inconclusive
- F-Secure as Adware.Generic.1077299 (Adware)
- Dr.Web as Trojan.Packed (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\dlltool\1.0\ieclear.dll
Publisher:
MD5: eca4b82c2f924be937948ee4969bf9f3
SHA-1: c0fed627ef3e811b12a19ba21177490bb2b3ee72
Created: 07/03/2015 10:01:32
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Laneul (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\dlltool\1.0\resource.dll
Publisher:
MD5: 2c835c964171d1f8e9f1623fc6f22266
SHA-1: 17cb9b40a6324a3bb0d4a7c870ad52275e9d33d6
Created: 07/03/2015 10:01:32
Detections: 1
Determination: Ignore detections (false positive)
- McAfee Web Gateway as BehavesLike.Win32.VBobfus.cc (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\easeus\easeus partition master 10.2\bin\libpangoft2-1.0-0.dll
Publisher: Red Hat Software
MD5: 82cc0bb22b6eee16d68ea86d8a4518c6
SHA-1: 9f73c941fec5868c09745d1f02323b8bb9ce1d7f
Created: 17/03/2015 0:18:27
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoB (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\glary utilities 5\autoupdate.exe
Publisher: Glarysoft Ltd
Signer: Glarysoft Ltd
MD5: f179cb560b6bf22e7abc5680555eadb2
SHA-1: 1f6ee512ec8e99474e875b5dc7db3a9378e10d51
Created: 22/12/2014 7:52:14
Detections: 1
Determination: Ignore detections (false positive)
- Boost by Reason as Optional.Glarysoft.K
===========

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: file modified, possibly by a virus

Post by msc hotline sat » 20 Apr 2015, 10:35

Given the information provided, today we will include in SPROCES the list of files/extensions present in ...\AppData\Local\Google\Chrome\User Data\Default\databases\ , which is apparently where this PUP malware, now removed, was hiding (SpeedDial2).

To that end we are creating a new version 8.4 of SPROCES, which will be available on our website from 19:00 CEST today.

With it we will be able to see what exists in that location, which we were not monitoring until now.

In any case, with what has been done it already appears to be clean of malware. Tell us whether anomalies no longer persist on your computer, and if they do, let us know in your next reply post in this thread, posting the log generated by that new version, SPROCES 8.4.

Regards

ms, 20-4-2015
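One way to review the location described in the post above, as an added example (not Satinfo's SProces code): the script lists `chrome-extension_<id>_<n>` entries under a Chrome profile's `databases` folder and flags those whose extension ID has no folder under `Extensions`. The profile layout, the function names and the sample profile are assumptions constructed for the example; the only value taken from the page is the entry name shown in the AdwCleaner log.

```python
import re
import tempfile
from pathlib import Path

# Chrome extension IDs are 32 characters drawn from the letters a-p.
EXT_ID = re.compile(r"[a-p]{32}")
# Storage entry name for an extension origin, e.g.
# chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0
EXT_ORIGIN = re.compile(r"^chrome-extension_([a-p]{32})_(\d+)$")


def installed_extension_ids(profile):
    """IDs that have a folder under <profile>/Extensions (assumed layout)."""
    ext_root = Path(profile) / "Extensions"
    if not ext_root.is_dir():
        return set()
    return {p.name for p in ext_root.iterdir()
            if p.is_dir() and EXT_ID.fullmatch(p.name)}


def audit_databases(profile):
    """List extension-owned entries in <profile>/databases.

    Web origins (http_..., https_...) and index files are skipped; each
    finding records whether the owning extension is still installed.
    """
    db_root = Path(profile) / "databases"
    if not db_root.is_dir():
        return []
    installed = installed_extension_ids(profile)
    findings = []
    for entry in sorted(db_root.iterdir(), key=lambda p: p.name):
        match = EXT_ORIGIN.match(entry.name)
        if match is None:
            continue
        ext_id = match.group(1)
        findings.append({
            "entry": entry.name,
            "extension_id": ext_id,
            "installed": ext_id in installed,
        })
    return findings


def orphaned_extension_storage(profile):
    """Extension IDs that left storage behind but have no Extensions folder."""
    return sorted({f["extension_id"] for f in audit_databases(profile)
                   if not f["installed"]})


def build_sample_profile(root):
    """Create a constructed profile tree for the demonstration."""
    profile = Path(root) / "Default"
    dbs = profile / "databases"
    # Entry name as it appears in the AdwCleaner log on this page.
    (dbs / "chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0").mkdir(parents=True)
    # Constructed ID of an extension that is still installed.
    still_there = "a" * 32
    (dbs / ("chrome-extension_" + still_there + "_0")).mkdir()
    (profile / "Extensions" / still_there / "1.0_0").mkdir(parents=True)
    # Ordinary web origin and index file, both ignored by the audit.
    (dbs / "https_example.com_0").mkdir()
    (dbs / "Databases.db").write_bytes(b"")
    return profile


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = build_sample_profile(tmp)
        for finding in audit_databases(sample):
            state = "installed" if finding["installed"] else "NOT installed"
            print(finding["entry"], "->", state)
        print("orphaned:", orphaned_extension_storage(sample))
```

On a real machine, pass the path of the profile folder (the `Default` directory named in the post) to `audit_databases` while the browser is closed.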

jtres
Posts: 22
Joined: 24 Mar 2007, 09:02
Location: Paris

Re: file modified, possibly by a virus

Post by jtres » 20 Apr 2015, 17:28

Hello. Well, I can tell you that everything is indeed working better, although I find Firefox rather slow, but that may be because each version is worse, in my opinion; it is still the best, however, in my view.
Here is the SProces log, and if you consider it free of bugs we can call it solved. I did not even notice that I had malware, nor that it had been removed; is it perhaps this thing with the charming name "chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0"? If so, how does this thing get onto the laptop?
The SProces log:
(20-4-2015 15:01:33 GMT)
SProces v8.4 (c)2015 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 8.1 (v6.3) (64 bits)
Internet Explorer: (v9.11.9600.17690) 0
Equipo: PCJUAN
Usuario: porjuan
Sesión de Usuario: porjuan

86 Procesos Activos:
SMSS.EXE
CSRSS.EXE
WININIT.EXE
CSRSS.EXE
WINLOGON.EXE
SERVICES.EXE
LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
DWM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\ASLDRSRV.EXE
C:\WINDOWS\SYSTEM32\WLANEXT.EXE
CONHOST.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKGFNEX\GFNEXSRV.EXE
SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
ADMINSERVICE.EXE
CMDAGENT.EXE
DPTFPARTICIPANTPROCESSORSERVICE.EXE
DASHOST.EXE
DPTFPOLICYCONFIGTDPSERVICE.EXE
DPTFPOLICYLPMSERVICE.EXE
EXPRESSCACHE.EXE
HECISERVER.EXE
C:\WINDOWS\SYSWOW64\IRSTRTSV.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL\JHI_SERVICE.EXE
C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\MBAMSCHEDULER.EXE
C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\MBAMSERVICE.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
ASUSWAKEUPSERVICE.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\HCONTROL.EXE
C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\MBAM.EXE
C:\WINDOWS\SYSTEM32\EXPLORER.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK HOTKEY\KBFILTR.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
BATTERYLIFE.EXE
ASPATCHTOUCHPANEL64.EXE
TASKHOSTEX.EXE
CISTRAY.EXE
VIVOBOOK.EXE
ASUSTPLOADER.EXE
TABTIP.EXE
QUICKGESTURE64.EXE
C:\PROGRAM FILES (X86)\ASUS\ASUS SMART GESTURE\QUICKGESTURE\X86\QUICKGESTURE.EXE
ASUSTPCENTER.EXE
C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\INK\TABTIP32.EXE
C:\PROGRAM FILES (X86)\BLUETOOTH SUITE\ATH_COEXAGENT.EXE
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
IGFXTRAY.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATK MEDIA\DMEDIA.EXE
C:\PROGRAM FILES (X86)\ASUS\ATK PACKAGE\ATKOSD2\ATKOSD2.EXE
HKCMD.EXE
DPTFPOLICYLPMSERVICEHELPER.EXE
RAVCPL64.EXE
RAVBG64.EXE
BTTRAY.EXE
BTVSTACK.EXE
C:\PROGRAM FILES (X86)\INTERNET DOWNLOAD MANAGER\IDMAN.EXE
WMIPRVSE.EXE
C:\PROGRAM FILES (X86)\CYBERLINK\POWERDVD10\PDVD10SERV.EXE
C:\PROGRAM FILES (X86)\CANON\QUICK MENU\CNQMMAIN.EXE
C:\PROGRAM FILES (X86)\CANON\CANON IJ NETWORK SCAN UTILITY\CNMNSUT.EXE
ACTIVATEDESKTOP.EXE
C:\PROGRAM FILES (X86)\INTERNET DOWNLOAD MANAGER\IEMONITOR.EXE
C:\WINDOWS\SPLWOW64.EXE
CAVWP.EXE
C:\PROGRAM FILES (X86)\CANON\QUICK MENU\CNQMUPDT.EXE
CIS.EXE
C:\PROGRAM FILES\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORICON.EXE
ASUSTPHELPER.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORDATAMGRSVC.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\FWSERVICE\INTELMEFWSERVICE.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE
C:\PROGRAM FILES (X86)\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE
WMIPRVSE.EXE
C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE
C:\USERS\PORJUAN\DESKTOP\SPROCES\SPROCES.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKUS\S-1-5-21-1208357557-3212375012-4182987995-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'Juan')
R0 - HKUS\S-1-5-21-1208357557-3212375012-4182987995-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch (User 'Juan')
F2 - REG:system.ini: UserInit=userinit.exe (HKLM x86)
O1 - Hosts: 127.0.0.1 es.easeus.com
O1 - Hosts: 127.0.0.1 http://www.easeus.com
O1 - Hosts: 127.0.0.1 easeus.com
O1 - Hosts: 127.0.0.1 http://www.survey.com-annualsurvey
O1 - Hosts: 127.0.0.1 survey.com-annualsurvey
O1 - Hosts: 127.0.0.1 http://www.avs4you.com
O1 - Hosts: 127.0.0.1 avs4you.com
O1 - Hosts: 127.0.0.1 http://www.videoredo.net
O1 - Hosts: 127.0.0.1 videoredo.net
O1 - Hosts: 127.0.0.1 http://www.videoredo.com
O1 - Hosts: 127.0.0.1 videoredo.com
O1 - Hosts: 127.0.0.1 http://www.iolo.com
O1 - Hosts: 127.0.0.1 iolo.com
O1 - Hosts: 127.0.0.1 http://www.auslogics.com
O1 - Hosts: 127.0.0.1 auslogics.com
O1 - Hosts: 127.0.0.1 http://www.revouninstallerpro.com
O1 - Hosts: 127.0.0.1 revouninstallerpro.com
O1 - Hosts: 127.0.0.1 license.piriform.com
O1 - Hosts: 127.0.0.1 http://www.glarysoft.com
O1 - Hosts: 127.0.0.1 glarysoft.com
...
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO (x86): IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO (x86): Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO (x86): RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar (x86): &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar (x86): Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-21-1208357557-3212375012-4182987995-1003\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Juan')
O4 - HKUS\S-1-5-21-1208357557-3212375012-4182987995-1003\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (User 'Juan')
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [IgfxTray] "C:\WINDOWS\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\WINDOWS\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
O4 - HKLM\..\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Wow6432Node\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
O4 - HKLM\..\Wow6432Node\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Wow6432Node\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Wow6432Node\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Wow6432Node\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O8 - Extra context menu item: Descargar con IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Descargar con IDM todos los enlaces - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Guardar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O8 - Extra context menu item: Mostrar Barra de Herramientas - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O8 - Extra context menu item: Personalizar Menú - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Rellenar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: Barre RoboForm - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html (User 'Juan')
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 (User 'Juan')
O8 - Extra context menu item: Enregistrer les formulaires - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html (User 'Juan')
O8 - Extra context menu item: Personnaliser le menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html (User 'Juan')
O8 - Extra context menu item: Remplir les formulaires - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html (User 'Juan')
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm (User 'Juan')
O8 - Extra context menu item: Télécharger tous les liens avec Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm (User 'Juan')
O9 - Extra button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (HKLM)
O9 - Extra button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (HKLM)
O9 - Extra button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (HKLM)
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (HKLM)
O9 - Extra button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (HKLM x86)
O9 - Extra button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (HKLM x86)
O9 - Extra button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (HKLM x86)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (HKLM x86)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics (x86)
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll
O20 - AppInit_DLLs (x86): C:\WINDOWS\SysWOW64\nvinit.dll
O20 - Winlogon Notify: IGFXCUI - IGFXDEV.DLL
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
O21 - SSODL (x86): WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)

Información Adicional:
----------------------
Acceso Rapido ('porjuan'): FlashFXP 5.lnk = C:\Program Files (x86)\FlashFXP 5\FlashFXP.exe
Acceso Rapido ('porjuan'): Google Chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Acceso Rapido ('porjuan'): Shows Desktop.lnk =
Acceso Rapido ('porjuan'): Window Switcher.lnk =
Acceso Rapido ('Juan'): Google Chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Acceso Rapido ('Juan'): Shows Desktop.lnk =
Acceso Rapido ('Juan'): Window Switcher.lnk =
Ext.Google Chrome. ('porjuan') Id: aapocclcgogkmnckokdopfmhonfmgoek
Ext.Google Chrome. ('porjuan') Id: aohghmighlieiainnegkcijnfilokake
Ext.Google Chrome. ('porjuan') Id: apdfllckaahabafndbhieahigkjlhalf
Ext.Google Chrome. ('porjuan') Id: blpcfgokakmgnkcojhhkbfbldkacnbeo
Ext.Google Chrome. ('porjuan') Id: coobgpohoikkiipiblmjeljniedjpjpf
Ext.Google Chrome. ('porjuan') Id: felcaaldnbdncclmgdcncolpebgiejap
Ext.Google Chrome. ('porjuan') Id: ngpampappnmepgilojfohadhhmbhlaek C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
Ext.Google Chrome. ('porjuan') Id: nmmhkkegccagdldgiimedpiccmgmieda
Ext.Google Chrome. ('porjuan') Id: pjkljhegncpnkpknbcohdijeoejaedia
Ext.Google Chrome. ('porjuan') Id: pnlccmojcmeohlpggmfnbbiapkmbliob C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx
Ext.Google Chrome. ('Juan') Id: aapocclcgogkmnckokdopfmhonfmgoek
Ext.Google Chrome. ('Juan') Id: aohghmighlieiainnegkcijnfilokake
Ext.Google Chrome. ('Juan') Id: apdfllckaahabafndbhieahigkjlhalf
Ext.Google Chrome. ('Juan') Id: blpcfgokakmgnkcojhhkbfbldkacnbeo
Ext.Google Chrome. ('Juan') Id: coobgpohoikkiipiblmjeljniedjpjpf
Ext.Google Chrome. ('Juan') Id: felcaaldnbdncclmgdcncolpebgiejap
Ext.Google Chrome. ('Juan') Id: jeaohhlajejodfjadcponpnjgkiikocn NULL2
Ext.Google Chrome. ('Juan') Id: nmmhkkegccagdldgiimedpiccmgmieda
Ext.Google Chrome. ('Juan') Id: pjkljhegncpnkpknbcohdijeoejaedia
Ext.Google Chrome. ('Juan') Id: pnlccmojcmeohlpggmfnbbiapkmbliob C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx
Ext.Google Chrome. ('Juan') Id: Temp
DataBases Google Chrome. ('porjuan'): Databases.db
DataBases Google Chrome. ('Juan'): Databases.db
DataBases Google Chrome. ('Juan'): Databases.db-journal

Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASMMAP64 - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @oem4.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem4.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
O23 - Service: @oem4.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyLpmService.exe
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IDMWFP - Tonec Inc. - C:\WINDOWS\system32\DRIVERS\idmwfp.sys
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: ASUS Wake Service (WakeupService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @oem14.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class (AthBTPort) - Qualcomm Atheros - C:\WINDOWS\system32\DRIVERS\btath_flt.sys
O23 - Service: @oem41.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver (athr) - Qualcomm Atheros Communications, Inc. - C:\WINDOWS\system32\DRIVERS\athwbx.sys
O23 - Service: @oem5.inf,%PS2.DeviceDesc%;ASUS PS/2 Port Input Device (ATP) - ASUS Corporation - C:\WINDOWS\System32\drivers\AsusTP.sys
O23 - Service: @bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service (bcmfn2) - Windows (R) Win 7 DDK provider - C:\WINDOWS\System32\drivers\bcmfn2.sys
O23 - Service: @oem15.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver (BTATH_HCRP) - Qualcomm Atheros - C:\WINDOWS\System32\drivers\btath_hcrp.sys
O23 - Service: @oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device (BTATH_LWFLT) - Qualcomm Atheros - C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
O23 - Service: BtFilter - Qualcomm Atheros - C:\WINDOWS\system32\DRIVERS\btfilter.sys
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DptfDevDram - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys
O23 - Service: DptfDevFan - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys
O23 - Service: DptfDevGen - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys
O23 - Service: DptfDevPch - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys
O23 - Service: DptfDevProc - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys
O23 - Service: DptfManager - Intel Corporation - C:\WINDOWS\system32\DRIVERS\DptfManager.sys
O23 - Service: epmntdrv - Unknown owner - C:\WINDOWS\system32\epmntdrv.sys
O23 - Service: EuGdiDrv - Unknown owner - C:\WINDOWS\system32\EuGdiDrv.sys
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem17.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control (HIDSwitch) - ASUS - C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
O23 - Service: @ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver (iaLPSSi_GPIO) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
O23 - Service: @ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver (iaLPSSi_I2C) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
O23 - Service: igfx - Intel Corporation - C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
O23 - Service: @oem31.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device (intaud_WaveExtensible) - Intel Corporation - C:\WINDOWS\system32\drivers\intelaud.sys
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\drivers\RTKVHD64.sys
O23 - Service: @oem25.inf,%IntcDAud.SvcDesc%;Son Intel(R) pour écrans (IntcDAud) - Intel(R) Corporation - C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
O23 - Service: @oem12.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver (irstrtdv) - Intel Corporation - C:\WINDOWS\System32\drivers\irstrtdv.sys
O23 - Service: @oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator (iwdbus) - Intel Corporation - C:\WINDOWS\System32\drivers\iwdbus.sys
O23 - Service: jw0dzx9l - Unknown owner - C:\WINDOWS\system32\drivers\jw0dzx9l.sys (file missing)
O23 - Service: @oem11.inf,%kbfiltr.SvcDesc%;Keyboard Filter (kbfiltr) - - C:\WINDOWS\System32\drivers\kbfiltr.sys
O23 - Service: ma-config_amd64 - CybelSoft - C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys
O23 - Service: Ma-Config Agent (MaConfigAgent) - CybelSoft - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: MBAMProtector - Malwarebytes Corporation - C:\WINDOWS\system32\drivers\mbam.sys
O23 - Service: MBAMSwissArmy - Malwarebytes Corporation - C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
O23 - Service: MBAMWebAccessControl - Malwarebytes Corporation - C:\WINDOWS\system32\drivers\mwac.sys
O23 - Service: @oem26.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface (MEIx64) - Intel Corporation - C:\WINDOWS\System32\drivers\HECIx64.sys
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: nvlddmkm - NVIDIA Corporation - C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: @oem37.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM) (nvvad_WaveExtensible) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvvad64v.sys
O23 - Service: Revoflt - VS Revo Group - C:\WINDOWS\SYSTEM32\DRIVERS\revoflt.sys
O23 - Service: @oem7.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA (RSBASTOR) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys
O23 - Service: @oem40.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver (RTL8168) - Realtek - C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe

Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

69 Servicios.
21 de Carga Automatica.
47 de Carga Manual.
1 Deshabilitados.

Listado de Programas Instalados:
--------------------------------
Windows Driver Package - ASUS (ATP) Mouse (11/09/2012 1.0.0.153) -> C:\PROGRA~1\DIFX\4A7292~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\asustp.inf_amd64_c8afc71cb1fe0404\asustp.inf
CCleaner -> "C:\Program Files\CCleaner\uninst.exe"
Unlocker 1.9.2 -> C:\Program Files\Unlocker\uninst.exe
WinRAR 5.20 (64-bit) -> C:\Program Files\WinRAR\uninstall.exe
ASUS VivoBook -> MsiExec.exe /I{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}
ASUS Screen Saver -> MsiExec.exe /I{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
Canon MG5200 series MP Drivers -> "C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series\DELDRV64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series /L0x000c
COMODO Firewall -> MsiExec.exe /I{18F14F4B-D8A9-4309-817E-3BC0B7664E53}
Intel(R) Rapid Storage Technology -> MsiExec.exe /I{27DEA29A-222C-45F8-B70D-0A7B303FC71B}
ExpressCache -> MsiExec.exe /I{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}
Intel(R) Rapid Storage Technology -> "C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall
Revo Uninstaller Pro 3.1.2 -> "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"
Ma-Config.com (64 bits) -> MsiExec.exe /X{914DEF20-C55F-429E-ADC8-9B33237804B6}
ASUS Power4Gear Hybrid -> MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
PDF-Viewer -> "C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
Qualcomm Atheros Bluetooth Suite (64) -> MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801}
NVIDIA Controlador de gráficos 350.12 -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA GeForce Experience 2.4.1.21 -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Software del sistema PhysX 9.15.0324 -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
SUPERAntiSpyware -> "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Intel® Trusted Connect Service Client -> MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
Intel(R) Rapid Start Technology -> C:\Program Files (x86)\Intel\irstrt\Uninstall\setup.exe -uninstall
Adobe Flash Player 17 NPAPI -> C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_134_Plugin.exe -maintain plugin
RoboForm 7-9-11-5 (All Users) -> "C:\Program Files (x86)\Siber Systems\AI RoboForm\rfwipeout.exe"
ASUS WebStorage Sync Agent -> C:\Program Files (x86)\ASUS\WebStorage Sync Agent\uninst.exe
Battle.net -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=battle.net --displayname="Battle.net"
Canon My Printer -> "C:\Program Files\Canon\MyPrinter\uninst.exe" /UninstallRemove C:\Program Files\Canon\MyPrinter\uninst.ini
Canon Quick Menu -> "C:\Program Files (x86)\Canon\Quick Menu\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Quick Menu\uninst.ini
Canon IJ Network Scan Utility -> "C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSU.exe" /UninstallRemove C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\uninst.ini
Canon IJ Network Tool -> C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe
Diablo III -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=esES --uid=diablo3_eses --displayname="Diablo III"
Instalación de DivX -> C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
EaseUS Partition Master 10.2 Trial Edition -> "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\unins000.exe"
Canon Easy-WebPrint EX -> "C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.ini
ESET Online Scanner v3 -> C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
Intel(R) Dynamic Platform and Thermal Framework -> C:\Program Files (x86)\Intel\Intel(R) Dynamic Platform and Thermal Framework\Uninstall\setup.exe -uninstall
FlashFXP 5 -> "C:\ProgramData\{4E9C0E19-EB2A-4563-B74E-07D2536941E3}\FlashFXP5_Setup.exe" REMOVE=TRUE MODIFY=FALSE
Glary Utilities 5.15 -> C:\Program Files (x86)\Glary Utilities 5\uninst.exe
Google Chrome -> "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
HD Tune Pro 5.50 -> "C:\Program Files (x86)\HD Tune Pro\unins000.exe"
herdProtect Anti-Malware Scanner -> "C:\Program Files\Reason\herdProtect\Scanner\uninstall.exe"
ASUSDVD -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
Internet Download Manager -> C:\Program Files (x86)\Internet Download Manager\Uninstall.exe
IrfanView (remove only) -> "C:\Program Files (x86)\IrfanView\iv_uninstall.exe"
Malwarebytes Anti-Malware versión 2.0.4.1028 -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Mozilla Firefox 37.0.1 (x86 es-ES) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Canon MP Navigator EX 4.0 -> "C:\Program Files (x86)\Canon\MP Navigator EX 4.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 4.0\uninst.ini
SpywareBlaster 5.0 -> "C:\Program Files (x86)\SpywareBlaster\unins000.exe"
UltraISO Premium V9.61 -> "C:\Program Files (x86)\UltraISO\unins000.exe"
WMInstall -> "C:\WINDOWS\unins000.exe"
ASUS LifeFrame3 -> MsiExec.exe /X{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
Qualcomm Atheros Client Installation Program -> "C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -runfromtemp -l0x0409 -removeonly
System Explorer 6.4.0 -> "C:\Program Files (x86)\System Explorer\unins000.exe"
ASUS Smart Gesture -> MsiExec.exe /I{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
ASUS Tutor -> MsiExec.exe /I{58172D66-2F69-4215-9AEC-ED8196023736}
Google Update Helper -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Intel(R) Management Engine Components -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Realtek Ethernet Controller Driver -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
DllTool 1.0 -> "C:\Program Files (x86)\DllTool\1.0\unins000.exe"
WinFlash -> MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
VC80CRTRedist - 8.0.50727.6195 -> MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
ATK Package -> MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
Realtek PCIE Card Reader -> "C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly
ASUSDVD -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
Intel(R) Processor Graphics -> C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Realtek High Definition Audio Driver -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Intel(R) SDK for OpenCL - CPU Only Runtime Package -> C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Microsoft OneDrive -> C:\Users\porjuan\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\OneDriveSetup.exe /uninstall
Registry Help Pro -> C:\Users\porjuan\AppData\Local\Registry Help Pro\uninstall.exe
----------------------------------

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)
Re: file modified, possibly by a virus

Post by msc hotline sat » 21 Apr 2015, 12:15

We attribute the problem to this extension, which was located atypically in C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\databases\, a location we monitor as of SPROCES 8.4, but where we see there is now nothing else:

DataBases Google Chrome. ('porjuan'): Databases.db
DataBases Google Chrome. ('Juan'): Databases.db
DataBases Google Chrome. ('Juan'): Databases.db-journal

With all this, and given what you tell us, we consider the thread solved and proceed to close it.

IF YOU NEED US AGAIN, YOU KNOW WHERE WE ARE

regards

ms 21-4-2015
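
The check discussed in this thread (listing what sits in a Chrome profile's `databases` folder and spotting a `chrome-extension_<id>_0` entry that does not belong) can be sketched as follows. This is an added example, not Satinfo's SProces code: it assumes installed extensions have a folder under `<profile>\Extensions\<id>`, takes the two `Databases.db*` files from the clean listing above as the baseline, and builds a constructed sample profile in a temporary directory.

```python
import re
import tempfile
from pathlib import Path

EXT_ID = r"[a-p]{32}"  # Chrome extension IDs: 32 letters in the range a-p
ORIGIN_DIR = re.compile(rf"chrome-extension_({EXT_ID})_\d+")
# Baseline taken from the clean SProces listing in this thread.
BASELINE_FILES = {"databases.db", "databases.db-journal"}


def installed_extension_ids(profile: Path) -> set:
    """IDs that have a folder under <profile>/Extensions (assumed layout)."""
    root = profile / "Extensions"
    if not root.is_dir():
        return set()
    return {p.name for p in root.iterdir()
            if p.is_dir() and re.fullmatch(EXT_ID, p.name)}


def audit_databases(profile: Path) -> list:
    """Classify every entry of <profile>/databases.

    Returns (name, status, extension_id) tuples sorted by lower-cased name.
    """
    db_dir = profile / "databases"
    if not db_dir.is_dir():
        return []
    installed = installed_extension_ids(profile)
    findings = []
    for entry in sorted(db_dir.iterdir(), key=lambda p: p.name.lower()):
        match = ORIGIN_DIR.fullmatch(entry.name)
        if match and entry.is_dir():
            ext_id = match.group(1)
            status = ("extension-installed" if ext_id in installed
                      else "extension-orphaned")
            findings.append((entry.name, status, ext_id))
        elif entry.is_file() and entry.name.lower() in BASELINE_FILES:
            findings.append((entry.name, "baseline", None))
        elif entry.is_dir():
            # Storage created by an ordinary web origin, e.g. https_host_0.
            findings.append((entry.name, "web-origin", None))
        else:
            findings.append((entry.name, "unexpected-file", None))
    return findings


def needs_review(findings: list) -> list:
    """Entries an analyst should look at: data left by an extension that is
    not installed in this profile, or files outside the baseline."""
    return [f for f in findings
            if f[1] in ("extension-orphaned", "unexpected-file")]


def build_constructed_profile(base: Path) -> Path:
    """Constructed sample profile; the two IDs are the ones quoted in the thread."""
    profile = base / "User Data" / "Default"
    installed_id = "pnlccmojcmeohlpggmfnbbiapkmbliob"  # listed in the log above
    (profile / "Extensions" / installed_id / "1.0_0").mkdir(parents=True)
    db = profile / "databases"
    db.mkdir()
    (db / "Databases.db").write_bytes(b"")
    (db / "Databases.db-journal").write_bytes(b"")
    (db / f"chrome-extension_{installed_id}_0").mkdir()
    (db / "chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0").mkdir()
    (db / "https_example.com_0").mkdir()  # constructed web origin
    return profile


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = build_constructed_profile(Path(tmp))
        for name, status, _ in audit_databases(sample):
            print(f"{status:20} {name}")
```

An `extension-orphaned` result only says that storage exists for an extension ID with no matching folder under `Extensions`; extensions loaded unpacked from another path would show up the same way.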

Closed
