aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

¿tu ordenador va lento, pierdes la conexion a internet, se reinicia solo, salen errores continuamente... este es tu foro para tu problemas con los virus
Responder
jisaav
Asiduo al foro
Asiduo al foro
Mensajes: 60
Registrado: 24 Sep 2007, 01:41

aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por jisaav » 27 Ago 2018, 15:52

Buenas tardes, escribo por lo siguiente.

Instalé por curiosidad y por tratar de aprender acerca de criptomonedas, archivos que creo afectaron mi computador.

Creo que consume mucho recurso de la memoria, y además ralentiza el funcionamiento general del sistema.

Aparece una ventana emergente del cmd, además de una ventana con un aviso que dice tal cual: "Windows no puede encontrar el archivo "C:/Users/(NombreDeUsuario)/AppData/Roaming/Microsoft/Windows/webuagu/usefigftf.exe" Asegúrese de que el nombre esté escrito correctamente e inténtelo de nuevo"


Hace unos meses intenté, por otras vías, detectar información que me ayudara en otros foros a atacar al problema, pero el resultadofue negativo; tardaba mucho, me refiero a días, en dar un resultado del análisis el programa, y no podía dejar de usar la computadora, pues es parte de mi trabajo diario.

Si me recomienda una forma de intentar nuevamente, pues agradecido.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 90654
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por msc hotline sat » 29 Ago 2018, 09:04

Si siempre indica el mismo nombre del fichero, arranque en MODO SEGURO CON FUNCIONES DE RED y vea si asi lo puede localizar y enviarnoslo para analizar como indicamos en

viewtopic.php?f=2&t=45334

Lo analizaremos y, si es malware, lo pasaremos a controlar en proximo ELISTARA de lo cual le informaremos como respuesta a este Tema.

Por lo que indica, es muy posible que se trate de un BITCOINMINER que se lance arrancando en MODO NORMAL, por ello le indicamos que arranque en MODO SEGURO, para no cargar lo que no corresponda al sistema, y asi evitar que se esconda, como al parecer hace a veces...

Pendientes de sus noticias, reciba saludos

ms, 29-8-2018

jisaav
Asiduo al foro
Asiduo al foro
Mensajes: 60
Registrado: 24 Sep 2007, 01:41

Re: aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por jisaav » 29 Ago 2018, 17:44

Hola, he iniciado en modo seguro con funciones de red, y ni la ventana del cmd ni la ventana con el mensaje sobre el fichero faltante han surgido nuevamente. Ha de ser por lo que Ud. indica, que se lanza al arrancar en modo normal.

Ahora, no sé cómo proceder desde este punto. ¿Qué debo buscar? ¿Qué debo hacer a continuación?

Debo indicarle también que el sistema operativo que utilizo en windows 10, y tenía entendido que la utilidad elistara funciona sólo hasta el windows 7; Yo he seguido con frecuencia recomendaciones de estos foros en zonavirus, utilicé esa y otras utilidades mucho en el pasado.

agradecido por su tiempo.

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 90654
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por msc hotline sat » 29 Ago 2018, 18:25

Puede usar el actual ELISTARA con Windows 10, pero hagalo en MODO SEGURO y si aun no lo ha descargado, seleccion MODO SEGURO CON FUNCIONES DE RED, y tras descargarlo, lancelo sin reiniciar, y nos cuenta el resultado.

Y por si fuera el caso, vea si desde el CMD, con un DIR añadiendo al final /a y /s, aparece el dichoso fichero:

DIR C:/Users/(NombreDeUsuario)/AppData/Roaming/Microsoft/Windows/webuagu/usefigftf.exe /a /s

Si lo encuentra, añada ,VIR a la extensión de dicho fichero, para que no pueda ejecutarse de nuevo.

Saludos

ms, 29-8-2018

jisaav
Asiduo al foro
Asiduo al foro
Mensajes: 60
Registrado: 24 Sep 2007, 01:41

Re: aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por jisaav » 31 Ago 2018, 23:25

aquí el log que dejó el EliStarA:


(31-8-2018 18:06:25 (GMT))
EliStartPage v39.61 (c)2018 S.G.H. / Satinfo S.L. (Actualizado el 30 de Agosto del 2018)
--------------------------------------------------
Sistema Operativo: Windows 10 Home (6.3.17134) (64 bits)
Usuario: jisaav
ID de Usuario: S-1-5-21-921242894-1989990284-1724683343-1000
Cadenas Víricas: 36551

Lista de Acciones (por Acción Directa):
Eliminado Servicio, "GbpSv"
Detectado HOSTS no Standar.
Restaurado HOSTS por el Original.
Eliminada Carpeta "C:\ProgramData\GbPlugin"
Eliminada Carpeta "C:\Program Files (x86)\Gbplugin"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE

(31-8-2018 19:21:07 (GMT))
EliStartPage v39.61 (c)2018 S.G.H. / Satinfo S.L. (Actualizado el 30 de Agosto del 2018)
--------------------------------------------------
Sistema Operativo: Windows 10 Home (6.3.17134) (64 bits)
Usuario: Temporal Europa
ID de Usuario: S-1-5-21-921242894-1989990284-1724683343-1003
Cadenas Víricas: 36551

Lista de Acciones (por Acción Directa):
Error de Acceso a las Rutas del Usuario.

(31-8-2018 20:54:52 (GMT))
EliStartPage v39.61 (c)2018 S.G.H. / Satinfo S.L. (Actualizado el 30 de Agosto del 2018)
--------------------------------------------------
Sistema Operativo: Windows 10 Home (6.3.17134) (64 bits)
Usuario: Temporal Europa
ID de Usuario: S-1-5-21-921242894-1989990284-1724683343-1003
Cadenas Víricas: 36551

Lista de Acciones (por Exploración):
Explorando "C:\"
C:\Program Files (x86)\Movistar\Escritorio movistar Latam\PCMCIAs\ATI\ATISETUP.EXE --> Eliminado, FakeAV.Winwebsec
C:\Program Files (x86)\ReiBoot\UNINST.EXE --> Eliminado, Worm.Kasidet.E
C:\Users\jisaav\Downloads\4.6.0.0TSHRE_I.C.ARE.PHONE.ZIP -> iPhoneCareProtrial503.exe -> Detectado Worm.Kasidet.E
C:\Users\jisaav\Downloads\IFS.EXE --> Eliminado, Autoit.QZ
C:\Users\jisaav\Downloads\REIBOOT 6.9.3.0.EXE --> Eliminado, Worm.Kasidet.E

Nº Total de Directorios: 71498
Nº Total de Ficheros: 647349
Nº de Ficheros Analizados: 253057
Nº de Ficheros Infectados: 5
Nº de Ficheros Eliminados: 4

(31-8-2018 21:03:46 (GMT))
EliStartPage v39.61 (c)2018 S.G.H. / Satinfo S.L. (Actualizado el 30 de Agosto del 2018)
--------------------------------------------------
Sistema Operativo: Windows 10 Home (6.3.17134) (64 bits)
Usuario: Temporal Europa
ID de Usuario: S-1-5-21-921242894-1989990284-1724683343-1003
Cadenas Víricas: 36551

Lista de Acciones (por Cierre):
Detectados Programas Potencialmente No Deseados (PUPs).
Ejecute el EliPUPs para proceder con su Desinstalación.
"AVG PC TuneUp"



____________




La utilidad ha eliminado algunos programas que ni llegue´a utilizar, porque me ralentizaron mucho el desempeño de la computadora.


Recomienda eliminar otro PUP. Lo haré a continuación


Respecto a revisar el directorio desde el cmd con la ruta que buscó, pues realmente no aparece ese fichero

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 90654
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por msc hotline sat » 02 Sep 2018, 01:03

Pues el Elistara ha detectado y eliminado algun que otro malware ... :mrgreen:


Y si ya no detecta el fichero, igual ya no aparece mas el dichoso mensajito.

Ya nos contará.

saludos

ms, 2-8-2018

jisaav
Asiduo al foro
Asiduo al foro
Mensajes: 60
Registrado: 24 Sep 2007, 01:41

Re: aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por jisaav » 05 Sep 2018, 18:36

Nada, sigue apareciendo la ventana del cmd, con el mensaje acerca del fichero faltante. Ejecuté el windows defender, y nada satisfactorio.

No sé que otra cosa hacer

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 90654
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por msc hotline sat » 06 Sep 2018, 07:18

Si ya no encuentra dicho fichero ni arrancando en MODO SEGURO, posiblemente ya haya sido eliminado pero quede una clave de registro intentando lanzarlo, que es lo que le aparece en un CMD

Lance el SPROCES y tras pulsar SALIR, posteenos el informe resultante (C:\Sproclog.txt)

Posiblemente veremos una ckave O4 RUN al respecto, la cual eliminaremos si es el caso


Pendientes de sus noticias, reciba saludos.

ms, 6-9-2018

jisaav
Asiduo al foro
Asiduo al foro
Mensajes: 60
Registrado: 24 Sep 2007, 01:41

Re: aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por jisaav » 10 Sep 2018, 00:03

Dejo por aquí el log más reciente del EliStarA, luego el de SProces. Antes, había limpiado un poco con la app CCleaner. El programa que detecta el EliStarA está en un ZIP (que habilité para que éste las mirara también), y ya lo eliminé:

Sistema Operativo: Windows 10 Home (6.3.17134) (64 bits)
Usuario: Jesús Saavedra
ID de Usuario: S-1-5-21-921242894-1989990284-1724683343-1000
Cadenas Víricas: 36665

Lista de Acciones (por Acción Directa):
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE

(9-9-2018 00:38:28 (GMT))
EliStartPage v39.67 (c)2018 S.G.H. / Satinfo S.L. (Actualizado el 7 de Septiembre del 2018)
--------------------------------------------------
Sistema Operativo: Windows 10 Home (6.3.17134) (64 bits)
Usuario: Temporal Europa
ID de Usuario: S-1-5-21-921242894-1989990284-1724683343-1003
Cadenas Víricas: 36665

Lista de Acciones (por Acción Directa):
Error de Acceso a las Rutas del Usuario.

(9-9-2018 02:03:08 (GMT))
EliStartPage v39.67 (c)2018 S.G.H. / Satinfo S.L. (Actualizado el 7 de Septiembre del 2018)
--------------------------------------------------
Sistema Operativo: Windows 10 Home (6.3.17134) (64 bits)
Usuario: Temporal Europa
ID de Usuario: S-1-5-21-921242894-1989990284-1724683343-1003
Cadenas Víricas: 36665

Lista de Acciones (por Exploración):
Explorando "C:\"
C:\Users\Jesús Saavedra\Downloads\4.6.0.0TSHRE_I.C.ARE.PHONE.ZIP -> iPhoneCareProtrial503.exe -> Detectado Worm.Kasidet.E

Nº Total de Directorios: 70565
Nº Total de Ficheros: 635079
Nº de Ficheros Analizados: 252337
Nº de Ficheros Infectados: 1
Nº de Ficheros Eliminados: 0



(9-9-2018 02:20:33 GMT)
SProces v9.1 (c)2017 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 10 Home (v6.3.17134) (64 bits)
Internet Explorer: (v11.228.17134.0) 0
Equipo: JESUSSAAVEDRAPC
Usuario: Jesús I. Saavedra
Sesión de Usuario: Jesús I. Saavedra

49 Procesos Activos:
C:\WINDOWS\SYSTEM32\REGISTRY
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\FONTDRVHOST.EXE
C:\WINDOWS\SYSTEM32\FONTDRVHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\MSMPENG.EXE
C:\WINDOWS\SYSTEM32\SIHOST.EXE
C:\WINDOWS\SYSTEM32\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\SHELLEXPERIENCEHOST.EXE
C:\WINDOWS\SYSTEM32\SEARCHUI.EXE
C:\WINDOWS\SYSTEM32\WMIPRVSE.EXE
C:\WINDOWS\SYSTEM32\RUNTIMEBROKER.EXE
C:\WINDOWS\SYSTEM32\SKYPEHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\WINDOWS\SYSTEM32\RUNTIMEBROKER.EXE
C:\WINDOWS\SYSTEM32\RUNTIMEBROKER.EXE
C:\WINDOWS\SYSTEM32\HELPPANE.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\APPLICATIONFRAMEHOST.EXE
C:\WINDOWS\SYSTEM32\SMARTSCREEN.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\USERS\JESúS SAAVEDRA\DOWNLOADS\SPROCES.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R0 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com (User 'Jesús Saavedra')
R0 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch (User 'Jesús Saavedra')
R0 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'Temporal Europa')
R0 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch (User 'Temporal Europa')
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0)
R1 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (0) (User 'Jesús Saavedra')
R1 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local> (0) (User 'Temporal Europa')
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll (MD5: 9D3FF60D568ECF26013DA49AA364D553)
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office16\GROOVEEX.DLL (MD5: FF7455F31181A98F0FFD834D45B61309)
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (MD5: D448BAA154B18710D51FDE76F25E7096)
O2 - BHO (x86): Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll (MD5: 0FB4C94DB5760CF8401E11489000CCBA)
O2 - BHO (x86): Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll (MD5: CB5C0324040396DFEA57F6BA2A263A90)
O2 - BHO (x86): SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (MD5: 363732CD59DC6BAE23BFAE6F5C13B6C1)
O2 - BHO (x86): Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office16\GROOVEEX.DLL (MD5: 9175E306863B4D3EB844C365779A6AE4)
O2 - BHO (x86): Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll (MD5: E427159BC63B397326D3048E2E77E93B)
O2 - BHO (x86): TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (MD5: E0611C2D1D2984165B5C66DBEC8582FD)
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (MD5: 1DC726B72BEF08C8F04828F6D9AE7F4F)
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" (MD5: B306E6D61881B167A5A35ED25717168E)
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_37BAFEC3A9DDB379E51783EF3EBED27B] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 (MD5: 67590595FC7F03C0BC697AB409621A36)
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --restore-last-session (MD5: 67590595FC7F03C0BC697AB409621A36)
O4 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1000\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User 'Jesús Saavedra') (MD5: 1DC726B72BEF08C8F04828F6D9AE7F4F)
O4 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1000\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" (User 'Jesús Saavedra') (MD5: B306E6D61881B167A5A35ED25717168E)
O4 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1000\..\Run: [GoogleChromeAutoLaunch_37BAFEC3A9DDB379E51783EF3EBED27B] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 (User 'Jesús Saavedra') (MD5: 67590595FC7F03C0BC697AB409621A36)
O4 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1000\..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --restore-last-session (User 'Jesús Saavedra') (MD5: 67590595FC7F03C0BC697AB409621A36)
O4 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1003\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Temporal Europa') (MD5: 450FDD861FD582026BDCE55FCB2162C4)
O4 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1003\..\Run: [OneDrive] "C:\Users\Temporal Europa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User 'Temporal Europa') (MD5: 91DD4AD85BB341CC8CF5187EA06FD171)
O4 - HKUS\S-1-5-21-921242894-1989990284-1724683343-1003\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'Temporal Europa')
O4 - HKLM\..\Run: [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t (MD5: 6B640D9B1C114DDB8A534A9101DCEF29)
O4 - HKLM\..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe (MD5: 8D8839FDB43DE6F35D4A26294B8B9549)
O4 - HKLM\..\Run: [Teco] "C:\Program Files\TOSHIBA\TECO\Teco.exe" /r (MD5: EF9C5CD482AC0C29C5EC885CBB94469A)
O4 - HKLM\..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (MD5: F82483A80D49ACCA81193A294FB233CD)
O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (MD5: 426350B428CD70D037A3326EB9E5EDFD)
O4 - HKLM\..\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
O4 - HKLM\..\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" (MD5: 7DC06D017872420EAFBD512225F8F4E2)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (MD5: 4B6E5E5810D06E94C552AEB76B4D954C)
O4 - HKLM\..\Run: [IgfxTray] "C:\WINDOWS\system32\igfxtray.exe" (MD5: 3402BBBC16E909985C4F184EB247E9BD)
O4 - HKLM\..\Run: [HotKeysCmds] "C:\WINDOWS\system32\hkcmd.exe" (MD5: 22BF0CCB64AAE89004355E924E0AD463)
O4 - HKLM\..\Run: [Persistence] "C:\WINDOWS\system32\igfxpers.exe" (MD5: FDA7C3D4227097EC5B45BF9E769B5427)
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Wow6432Node\..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (MD5: BB752714D14CB1F13969D721F1A3A60F)
O4 - HKLM\..\Wow6432Node\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (MD5: BED38B0ADFF5F5CC6E988A6491017E83)
O4 - HKLM\..\Wow6432Node\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup (MD5: 1E8EA41AC94BD680B56BE24D92F66EFA)
O4 - HKLM\..\Wow6432Node\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe (MD5: 34D296AFC913E302953C70463EF09A48)
O4 - HKLM\..\Wow6432Node\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" (MD5: 7021BCD337B4A88CF3A63AA4F0C5D05D)
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Servicio Local') (MD5: 450FDD861FD582026BDCE55FCB2162C4)
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'Servicio Local')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Servicio de red') (MD5: 450FDD861FD582026BDCE55FCB2162C4)
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'Servicio de red')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (MD5: 63A2D767B9261B4F33F97BF88F2FB197)
O8 - Extra context menu item: Add Web Page to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppend.html
O8 - Extra context menu item: Append Lin&k Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert &Web Page to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECapture.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Add Web Page to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppend.html (User 'Jesús Saavedra')
O8 - Extra context menu item: Append Lin&k Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppendSelLinks.html (User 'Jesús Saavedra')
O8 - Extra context menu item: Convert &Web Page to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECapture.html (User 'Jesús Saavedra')
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECaptureSelLinks.html (User 'Jesús Saavedra')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 (User 'Jesús Saavedra')
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 (User 'Jesús Saavedra')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000 (User 'Temporal Europa')
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll (MD5: 553F9D97F79C8D7E59ED8DD11445BDDB) (HKLM)
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll (MD5: 9D3FF60D568ECF26013DA49AA364D553) (HKLM)
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (MD5: 7F616017A14C4E39D894C423FA05EAC7) (HKLM)
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll (MD5: 024751010BFF583D017B2CE5BA2E7683) (HKLM x86)
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll (MD5: 0FB4C94DB5760CF8401E11489000CCBA) (HKLM x86)
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (MD5: 8A46BB554FB108A9D34BE657FEFBE5F8) (HKLM x86)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (MD5: 363732CD59DC6BAE23BFAE6F5C13B6C1) (HKLM x86)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics (x86)
O16 - DPF (x86): {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 11.171.2) - http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
O16 - DPF (x86): {CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA} (Java Plug-in 1.7.0_71) - http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
O16 - DPF (x86): {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 11.171.2) - http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{501222ea-ffcf-49af-ab0c-08574d71e5a2}: NameServer = 8.8.8.8,4.4.4.4
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (MD5: CFAFFF6EE672898DBDA688B3CA90634E)
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL (MD5: EF99D43964A5A70B03A6F61F1CBDC8B8)
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL (MD5: EF99D43964A5A70B03A6F61F1CBDC8B8)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (MD5: 74D059376BBA1EC688E8A0386353F387)
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (MD5: 74D059376BBA1EC688E8A0386353F387)
O20 - Winlogon Notify: IGFXCUI - IGFXDEV.DLL (MD5: C79AB73C81B3237AD07302CF00E5B827)
O20 - Winlogon Notify (x86): GBPLUGINBDV - C:\PROGRAM FILES (X86)\GBPLUGIN\GBIEHBDV.DLL (file missing)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
O21 - SSODL (x86): WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
O22 - ShellExecuteHooks (x86): GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399026} - (no file)

Información Adicional:
----------------------
Acceso Rapido ('Jesús I. Saavedra'): Ad-Aware.lnk = C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe (MD5: 1B6FEC13F98D657263C9A1C815B7F045)
Acceso Rapido ('Jesús I. Saavedra'): Bandicam.lnk = C:\Program Files (x86)\Bandicam\bdcam.exe (MD5: 37DDF5A48FD370963EA002A46CE1B89C)
Acceso Rapido ('Jesús I. Saavedra'): DeepBurner.lnk = C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe (MD5: C126A5CEC45F618653B10292CBDF927B)
Acceso Rapido ('Jesús I. Saavedra'): Google Chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (MD5: 67590595FC7F03C0BC697AB409621A36)
Acceso Rapido ('Jesús I. Saavedra'): JDownloader 2.lnk =
Acceso Rapido ('Jesús I. Saavedra'): Launch Internet Explorer Browser.lnk = C:\Program Files (x86)\Internet Explorer\iexplore.exe (MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)
Acceso Rapido ('Jesús I. Saavedra'): PIPESIM.lnk = C:\Program Files (x86)\Schlumberger\PIPESIM\Programs\Psim2000.exe (MD5: DB14AC93ACC9EB57AE9F99B2D5169883)
Acceso Rapido ('Jesús I. Saavedra'): Revo Uninstaller Pro.lnk = C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (MD5: FC378F63838F93FA9D6EAD904C938D15)
Acceso Rapido ('Jesús I. Saavedra'): Shows Desktop (1).lnk =
Acceso Rapido ('Jesús I. Saavedra'): Shows Desktop.lnk =
Acceso Rapido ('Jesús I. Saavedra'): Window Switcher (1).lnk =
Acceso Rapido ('Jesús I. Saavedra'): Window Switcher.lnk =
Acceso Rapido ('Jesús I. Saavedra'): Wondershare Data Recovery.lnk = C:\Program Files (x86)\Wondershare\Data Recovery\WSDataRecovery.exe (MD5: FBEF142FF64EF2B8B4090D6AF58D2800)
Acceso Rapido ('Jesús Saavedra'): Ad-Aware.lnk = C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe (MD5: 1B6FEC13F98D657263C9A1C815B7F045)
Acceso Rapido ('Jesús Saavedra'): Bandicam.lnk = C:\Program Files (x86)\Bandicam\bdcam.exe (MD5: 37DDF5A48FD370963EA002A46CE1B89C)
Acceso Rapido ('Jesús Saavedra'): DeepBurner.lnk = C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe (MD5: C126A5CEC45F618653B10292CBDF927B)
Acceso Rapido ('Jesús Saavedra'): Google Chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (MD5: 67590595FC7F03C0BC697AB409621A36)
Acceso Rapido ('Jesús Saavedra'): JDownloader 2.lnk =
Acceso Rapido ('Jesús Saavedra'): Launch Internet Explorer Browser.lnk = C:\Program Files (x86)\Internet Explorer\iexplore.exe (MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)
Acceso Rapido ('Jesús Saavedra'): PIPESIM.lnk = C:\Program Files (x86)\Schlumberger\PIPESIM\Programs\Psim2000.exe (MD5: DB14AC93ACC9EB57AE9F99B2D5169883)
Acceso Rapido ('Jesús Saavedra'): Revo Uninstaller Pro.lnk = C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (MD5: FC378F63838F93FA9D6EAD904C938D15)
Acceso Rapido ('Jesús Saavedra'): Shows Desktop (1).lnk =
Acceso Rapido ('Jesús Saavedra'): Shows Desktop.lnk =
Acceso Rapido ('Jesús Saavedra'): Window Switcher (1).lnk =
Acceso Rapido ('Jesús Saavedra'): Window Switcher.lnk =
Acceso Rapido ('Jesús Saavedra'): Wondershare Data Recovery.lnk = C:\Program Files (x86)\Wondershare\Data Recovery\WSDataRecovery.exe (MD5: FBEF142FF64EF2B8B4090D6AF58D2800)
Ext.Google Chrome. ('Jesús I. Saavedra') Id: bbjllphbppobebmjpjcijfbakobcheof
Ext.Google Chrome. ('Jesús I. Saavedra') Id: bigefpfhnfcobdlfbedofhhaibnlghod
Ext.Google Chrome. ('Jesús I. Saavedra') Id: bjgfdlplhmndoonmofmflcbiohgbkifn
Ext.Google Chrome. ('Jesús I. Saavedra') Id: gcbommkclmclpchllfjekcdonpmejbdp
Ext.Google Chrome. ('Jesús I. Saavedra') Id: gdgodbfllkenehbjembldlmkjjdafigh
Ext.Google Chrome. ('Jesús I. Saavedra') Id: ghbmnnjooekpmoecnnnilnnbdlolhkhi
Ext.Google Chrome. ('Jesús I. Saavedra') Id: hdmclgnbhdiklglmmdcaelggigiiigpm
Ext.Google Chrome. ('Jesús I. Saavedra') Id: hihakjfhbmlmjdnnhegiciffjplmdhin
Ext.Google Chrome. ('Jesús I. Saavedra') Id: jlhmfgmfgeifomenelglieieghnjghma
Ext.Google Chrome. ('Jesús I. Saavedra') Id: lifbcibllhkdhoafpjfnlhfpfgnpldfl
Ext.Google Chrome. ('Jesús I. Saavedra') Id: mdanidgdpmkimeiiojknlnekblgmpdll
Ext.Google Chrome. ('Jesús I. Saavedra') Id: ndnaehgpjlnokgebbaldlmgkapkpjkkb
Ext.Google Chrome. ('Jesús I. Saavedra') Id: nmmhkkegccagdldgiimedpiccmgmieda
Ext.Google Chrome. ('Jesús I. Saavedra') Id: omghfjlpggmjjaagoclmmobgdodcjboh
Ext.Google Chrome. ('Jesús I. Saavedra') Id: pkedcjkdefgpdelpbcmbmeomcjbeemfm
Ext.Google Chrome. ('Jesús Saavedra') Id: bbjllphbppobebmjpjcijfbakobcheof
Ext.Google Chrome. ('Jesús Saavedra') Id: bigefpfhnfcobdlfbedofhhaibnlghod
Ext.Google Chrome. ('Jesús Saavedra') Id: bjgfdlplhmndoonmofmflcbiohgbkifn
Ext.Google Chrome. ('Jesús Saavedra') Id: gcbommkclmclpchllfjekcdonpmejbdp
Ext.Google Chrome. ('Jesús Saavedra') Id: gdgodbfllkenehbjembldlmkjjdafigh
Ext.Google Chrome. ('Jesús Saavedra') Id: ghbmnnjooekpmoecnnnilnnbdlolhkhi
Ext.Google Chrome. ('Jesús Saavedra') Id: hdmclgnbhdiklglmmdcaelggigiiigpm
Ext.Google Chrome. ('Jesús Saavedra') Id: hihakjfhbmlmjdnnhegiciffjplmdhin
Ext.Google Chrome. ('Jesús Saavedra') Id: jlhmfgmfgeifomenelglieieghnjghma
Ext.Google Chrome. ('Jesús Saavedra') Id: lifbcibllhkdhoafpjfnlhfpfgnpldfl
Ext.Google Chrome. ('Jesús Saavedra') Id: mdanidgdpmkimeiiojknlnekblgmpdll
Ext.Google Chrome. ('Jesús Saavedra') Id: ndnaehgpjlnokgebbaldlmgkapkpjkkb
Ext.Google Chrome. ('Jesús Saavedra') Id: nmmhkkegccagdldgiimedpiccmgmieda
Ext.Google Chrome. ('Jesús Saavedra') Id: omghfjlpggmjjaagoclmmobgdodcjboh
Ext.Google Chrome. ('Jesús Saavedra') Id: pkedcjkdefgpdelpbcmbmeomcjbeemfm
DataBases Google Chrome. ('Jesús I. Saavedra'): Databases.db
DataBases Google Chrome. ('Jesús Saavedra'): Databases.db
Tarea Programada: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
Tarea Programada: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
Tarea Programada: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
Tarea Programada: C:\WINDOWS\Tasks\HPCeeScheduleForJesús I. Saavedra.job

Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (MD5: 3D1BB871A893182B0058A4898D5AFE29)
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (MD5: C20CA26CDE768CA950C622B866292FC2)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (MD5: A4811754EF548619F68FB3418325BB66)
O23 - Service: Blackberry Device Manager - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (MD5: 686045905787B68D829CE647A6DFAD2B)
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe (MD5: B5C2F92EE1106DFE7BB1CCE4D35B6037)
O23 - Service: Servicio de Actualización de Dropbox (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (MD5: A1F58FFF448E4099297D6EE0641D4D0E)
O23 - Service: DbxSvc - Dropbox, Inc. - C:\WINDOWS\system32\DbxSvc.exe (MD5: A67C40C5FA81B49F8A3DC834140E85A5)
O23 - Service: Team MFP Comm Driver (DgiVecp) - Samsung Electronics Co., Ltd. - C:\WINDOWS\SYSTEM32\Drivers\DgiVecp.sys (MD5: 2D589A2C024B2FB238535DB9F7B3597D)
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe (MD5: C5BA57819B4C7CF89434F06E4F1CF1C3)
O23 - Service: Google Update Servicio (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (MD5: 0C03FB91E17987EED93F60007B08DAA0)
O23 - Service: HP CUE DeviceDiscovery Service (hpqddsvc) - Hewlett-Packard Co. - C:\WINDOWS\system32\svchost.exe -k hpdevmgmt - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (MD5: EE281DD6843F3F697C1AD7933EEB1E9B)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (MD5: 9B02BA9006BB416680443C6AD6024DE9)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (MD5: 61323B88EFE90F6B144A3611B3ED1D7D)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (MD5: 2ED1786B7542CDA261029F6B526EDF44)
O23 - Service: Net Driver HPZ12 - Hewlett-Packard - C:\windows\System32\svchost.exe -k HPZ12 - C:\Windows\system32\HPZinw12.dll (MD5: 2334DC48997BA203B794DF3EE70521DB)
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Unknown owner - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\diMaster.dll (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\windows\SysWOW64\IoctlSvc.exe (MD5: 875E4E0661F3A5994DF9E5E3A0A4F96B)
O23 - Service: Pml Driver HPZ12 - Hewlett-Packard - C:\windows\System32\svchost.exe -k HPZ12 - C:\Windows\system32\HPZipm12.dll (MD5: AC78DF349F0E4CFB8B667C0CFFF83CCE)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (MD5: A116A610F29AA9E8F43A7EA209506772)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe (MD5: B7A4102FCA57F022CF69E3E1EAD61421)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe (MD5: 22CC2A61BC77C5972B58756049AA254E)
O23 - Service: SSPORT - Samsung Electronics - C:\windows\system32\Drivers\SSPORT.sys (MD5: 0211AB46B73A2623B86C1CFCB30579AB)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (MD5: 2CEA0C31C80C3B6DEAC1040F7B3AF577)
O23 - Service: TenorshareReibootService - Tenorshare Co,Ltd - C:\Program Files (x86)\ReiBoot\TenorshareReibootService.exe (MD5: 455DBFD465F18C04050CED4BBF614D4A)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (MD5: 71C321649B28638EE80A2EEB164C1DC8)
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe (MD5: 8E2C799D3476EAC32C3BA0DF7CE6AF19)
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe (MD5: 63AAFCF3EA5DBB17123E0BAE9AFE4D58)
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (MD5: 29D0886CF250FCEF1BF9E65AB8D2C0C8)
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (MD5: 098B8A408C17E125A3D9A8E1166780C8)
O23 - Service: TunnelBear Maintenance (TunnelBearMaintenance) - Unknown owner - C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe (MD5: A2C74C6BB79BE283B814C3A0C4211B16)
O23 - Service: TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver (TVALZFL) - TOSHIBA Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\TVALZFL.sys (MD5: 9C7191F4B2E49BFF47A6C1144B5923FA)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (MD5: 7E5E1603D0FF2D240AE70295C5C3FEFC)

Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (MD5: C47853B089FCEBAC91332AA6633CAE81)
O23 - Service: @bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service (bcmfn2) - Windows (R) Win 7 DDK provider - C:\WINDOWS\System32\drivers\bcmfn2.sys (MD5: 739D089777D2B66DBE7201E5EA4BA2D7)
O23 - Service: @cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver (cht4vbd) - Chelsio Communications - C:\WINDOWS\System32\drivers\cht4vx64.sys (MD5: C8EA9376E4D284F9DF24B27AC6E3AB85)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe (MD5: 5D19617245C798A0EED86D4D36B8C6E8)
O23 - Service: Servicio de Actualización de Dropbox (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (MD5: A1F58FFF448E4099297D6EE0641D4D0E)
O23 - Service: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) (dg_ssudbus) - Samsung Electronics Co., Ltd. - C:\WINDOWS\system32\DRIVERS\ssudbus.sys (MD5: 0F4A5D01156B948B54550375498B08A2)
O23 - Service: GEAR ASPI Filter Driver (GEARAspiWDM) - GEAR Software Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (MD5: 8E98D21EE06192492A5671A6144D092F)
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (MD5: 0C03FB91E17987EED93F60007B08DAA0)
O23 - Service: hpqcxs08 - Hewlett-Packard Co. - C:\WINDOWS\system32\svchost.exe -k hpdevmgmt - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (MD5: 930370725FA0FE272346583A7A7D6BDB)
O23 - Service: @iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver (iagpio) - Intel(R) Corporation - C:\WINDOWS\System32\drivers\iagpio.sys (MD5: B5EC43755E62591197DE5CBBDAA9FEB7)
*O23 - Service: @iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller (iai2c) - Intel(R) Corporation - C:\WINDOWS\System32\drivers\iai2c.sys (MD5: D8CA23F9C5FEF44296FDE1E005C06EC0)
O23 - Service: @iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2 (iaLPSS2i_GPIO2) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys (MD5: 7B769C9D19C013F94874C4B15D59A005)
O23 - Service: @iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2 (iaLPSS2i_GPIO2_BXT_P) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys (MD5: E0F1B3A2A70FABE3BE1C9140BB55E607)
O23 - Service: @iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2 (iaLPSS2i_I2C) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys (MD5: 89A869BCC0588A3009ECB875B09ECD39)
O23 - Service: @iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2 (iaLPSS2i_I2C_BXT_P) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys (MD5: 2E693DF3C02A0859DB8DE25772751100)
O23 - Service: @ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver (iaLPSSi_GPIO) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (MD5: 16A10CCEDCF5AC4CAAE43DC9FC40392F)
O23 - Service: @ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver (iaLPSSi_I2C) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys (MD5: EB82A11613326691508D9ED9A4FE29E7)
O23 - Service: @mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver) (ibbus) - Mellanox - C:\WINDOWS\System32\drivers\ibbus.sys (MD5: 62CD9FA7394BCDF7784CCEFC9D00C9AA)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (MD5: 1CF03C69B49ACB70C722DF92755C0C8C)
O23 - Service: igfx - Intel Corporation - C:\WINDOWS\system32\DRIVERS\igdkmd64.sys (MD5: 226EAECA4F21F899E3F0C95297678A0B)
O23 - Service: @oem19.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio (IntcDAud) - Intel(R) Corporation - C:\WINDOWS\system32\DRIVERS\IntcDAud.sys (MD5: FC727061C0F47C8059E88E05D5C8E381)
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe (MD5: 8A640C05C43A9EB5DCAD2259578A39AF)
O23 - Service: @netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller (L1C) - Qualcomm Atheros Co., Ltd. - C:\WINDOWS\System32\drivers\L1C63x64.sys (MD5: 4E444F41E69BBE2E0BAE34D5DFCB5732)
O23 - Service: Lavasoft helper driver (Lavasoft Kernexplorer) - Unknown owner - C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys (MD5: 9A7FA6371F68335FD3C3D6488BC5A9F8)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe (MD5: 96FA5B38DD94C8D49289CE75150D97C3)
O23 - Service: @oem28.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface (MEIx64) - Intel Corporation - C:\WINDOWS\System32\drivers\HECIx64.sys (MD5: A6518DCC42F7A6E999BB3BEA8FD87567)
O23 - Service: @mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator (mlx4_bus) - Mellanox - C:\WINDOWS\System32\drivers\mlx4_bus.sys (MD5: A8931C3820D5F392D89176E0628E766E)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (MD5: 6B9E93FF7C9213359E548A494D733D52)
O23 - Service: @mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service (ndfltr) - Mellanox - C:\WINDOWS\System32\drivers\ndfltr.sys (MD5: AB9EB3CADF4D415B598487397476A23A)
O23 - Service: Apple Mobile Device Ethernet Service (Netaapl) - Apple Inc. - C:\WINDOWS\System32\drivers\netaapl64.sys (MD5: EE00C544C025958AF50C7B199F3C8595)
O23 - Service: Pangu effect driver (PGEffect) - TOSHIBA Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\pgeffect.sys (MD5: 91111CEBBDE8015E822C46120ED9537C)
O23 - Service: @oem53.inf,%QCUSBSER%;Qualcomm USB Device for Legacy Serial Communication (qcusbser) - Qualcomm Inc. - C:\WINDOWS\system32\DRIVERS\qcusbser.sys (MD5: F5E76151C86C818A6ECA628B731E1DDA)
O23 - Service: @oem41.inf,%SERVICE_DISPLAY_NAME%;Generic IO & Memory Access (QIOMem) - TOSHIBA - C:\WINDOWS\System32\drivers\QIOMem.sys (MD5: 43252AB49C9A43D22AA583C15E96F7B7)
O23 - Service: Revoflt - VS Revo Group - C:\WINDOWS\SYSTEM32\DRIVERS\revoflt.sys (MD5: 9C3AC71A9934B884FAC567A8807E9C4D)
O23 - Service: @oem12.inf,%RimUsb.DeviceDesc%;BlackBerry Smartphone (RimUsb) - Research In Motion Limited - C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys (MD5: 6D850FAD4CC9498D1F382B77BA4035CC)
O23 - Service: @oem38.inf,%RimVSerPort%;RIM Virtual Serial Port v2 (RimVSerPort) - Research in Motion Ltd - C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys (MD5: 344604E6913BD6E4EAEC34AF2E0943D7)
O23 - Service: @oem2.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader (RSUSBSTOR) - Realtek Semiconductor Corp. - C:\WINDOWS\System32\Drivers\RtsUStor.sys (MD5: 135A64530D7699AD48F29D73A658DD11)
O23 - Service: RTSUVSTOR.Sys Realtek USB Card Reader (RSUSBVSTOR) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\Drivers\RTSUVSTOR.sys (MD5: E5DC911D0FEB72CAFF2BBDD6E7C3672F)
O23 - Service: Realtek Wireless LAN 802.11n PCI-E NIC Driver (RTL8192Ce) - Realtek Semiconductor Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\rtl8192Ce.sys (MD5: 64FDF4FE366CA42DA2B7D9D424B6E39B)
O23 - Service: @netrtwlane_13.inf,%rtwlane_13.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter (rtwlane_13) - Realtek Semiconductor Corporation - C:\WINDOWS\System32\drivers\rtwlane_13.sys (MD5: 9748533EAF7F9E3D8F3F7A0AF066B31D)
O23 - Service: SmbDrvI - Synaptics Incorporated - C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys (MD5: 7BF253EF41DE12803F5A9BB655ED2514)
O23 - Service: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) (ssudmdm) - Samsung Electronics Co., Ltd. - C:\WINDOWS\system32\DRIVERS\ssudmdm.sys (MD5: D08FFE34AF5B7AC5F69EEA1E0E8C6ECE)
O23 - Service: SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.) (ssudserd) - Samsung Electronics Co., Ltd. - C:\WINDOWS\system32\DRIVERS\ssudserd.sys (MD5: F90875BEE85260EE6F65B433FA431962)
O23 - Service: SWDUMon - SlimWare Utilities, Inc. - C:\WINDOWS\system32\DRIVERS\SWDUMon.sys (MD5: 4C2D24EB13F611AC742809A2AAA25BE1)
O23 - Service: @oem7.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver (SynTP) - Synaptics Incorporated - C:\WINDOWS\system32\DRIVERS\SynTP.sys (MD5: 6B36C50CBE91A6B5AC9C31E407268CEA)
O23 - Service: @oem49.inf,%DeviceDescription%;TunnelBear Adapter V9 (tap-tb-0901) - The OpenVPN Project - C:\WINDOWS\System32\drivers\tap-tb-0901.sys (MD5: 5B4A09AB34D0205C616C4D247AD29F57)
O23 - Service: TOSHIBA Writing Engine Filter Driver (TDCMDPST) - TOSHIBA Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\tdcmdpst.sys (MD5: FD542B661BD22FA69CA789AD0AC58C29)
O23 - Service: @oem63.inf,%Thotkey%;Toshiba Hotkey Driver (Thotkey) - Toshiba Corporation - C:\WINDOWS\System32\drivers\Thotkey.sys (MD5: 32CF9A095F11EF3B27E5DF9B3343FC27)
O23 - Service: @oem34.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver (USBAAPL64) - Apple, Inc. - C:\WINDOWS\System32\Drivers\usbaapl64.sys (MD5: F957092C63CD71D85903CA0D8370F473)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - %ProgramData%\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe (file missing)
O23 - Service: @mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service (WinMad) - Mellanox - C:\WINDOWS\System32\drivers\winmad.sys (MD5: 762D8D839C44C5A0BE0449AA84034522)
O23 - Service: @mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service (WinVerbs) - Mellanox - C:\WINDOWS\System32\drivers\winverbs.sys (MD5: D2D6DB37E06608A5AF5B68D8E677B219)

Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (MD5: 64AB6F28047744B9B19C97459C2AB31B)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (MD5: 388AE59FE75F1B959DFA0900923C61BB)
O23 - Service: OpenSSH Authentication Agent (ssh-agent) - Unknown owner - C:\WINDOWS\System32\OpenSSH\ssh-agent.exe (MD5: 5EE518DFADC18573E681BB78833E93FA)

87 Servicios.
32 de Carga Automatica.
52 de Carga Manual.
3 Deshabilitados.

Listado de Programas Instalados:
--------------------------------
CCleaner -> "C:\Program Files\CCleaner\uninst.exe"
HP Imaging Device Functions 14.0 -> C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Solution Center 14.0 -> C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
OCR Software by I.R.I.S. 14.0 -> C:\Program Files (x86)\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
JDownloader 2 -> "C:\Users\Jesús Saavedra\AppData\Local\JDownloader 2.0\Uninstall JDownloader.exe"
Mozilla Firefox 61.0.2 (x64 es-ES) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Microsoft Project Professional 2016 -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\setup.exe" /uninstall PRJPRO /dll OSETUP.DLL
Microsoft Visio Professional 2016 -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\setup.exe" /uninstall VISPRO /dll OSETUP.DLL
Shop for HP Supplies -> C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Synaptics Pointing Device Driver -> rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
VLC media player -> C:\Program Files\VideoLAN\VLC\uninstall.exe
WinRAR 5.50 (64-bit) -> C:\Program Files\WinRAR\uninstall.exe
iTunes -> MsiExec.exe /I{02F0C3CD-24E7-4381-8EC7-564A9BFCFAB1}
KB4023057 -> MsiExec.exe /X{0C050BEE-16BE-4998-8959-2A421433DB6E}
Apple Application Support (64 bits) -> MsiExec.exe /I{0ECA3BB5-4410-414B-B226-241FF1C12CD0}
TOSHIBA Bulletin Board -> MsiExec.exe /X{1C8C049A-145F-4A6E-8290-B5C245EBE39D}
Vegas Pro 13.0 (64-bit) -> MsiExec.exe /X{204DC300-0BC8-11E5-B87F-F04DA23A5C58}
TOSHIBA ReelTime -> MsiExec.exe /X{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
MSVCRT Redists -> MsiExec.exe /I{24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58}
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) -> MsiExec.exe /I{25E80DAA-FD87-DCE5-202C-CC02F6673002}
Microsoft Security Client -> MsiExec.exe /X{3061DCA5-2D0B-48F9-800F-9D7C1FEB5E78}
Malwarebytes versión 3.4.5.2467 -> "C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe" /LOG
Bonjour -> MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}
iCloud -> MsiExec.exe /I{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}
TOSHIBA Disc Creator -> MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
Image Resizer for Windows (64 bit) -> MsiExec.exe /I{617CA6E9-D5FB-4017-8130-82E68C56C34D}
Revo Uninstaller Pro 3.1.6 -> "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"
Microsoft Audio Enhancement Troubleshooter installer -> MsiExec.exe /I{6E0351FF-6A71-45C5-A041-D4D9D8067EAF}
Microsoft Silverlight -> MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 -> C:\Program Files (x86)\HP\Digital Imaging\{8C925017-72A8-4C4A-AF21-84901E26638F}\setup\hpzscr40.exe -datfile hposcr28.dat -onestop -forcereboot
Update for Skype for Business 2016 (KB4032255) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{053B38B6-9400-4CCD-BD0C-95E28A4D5BC4}" "3082" "0"
Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{1B72EE00-315A-45E8-8404-3BE4C8357DBB}" "3082" "0"
Update for Microsoft PowerPoint 2016 (KB4018368) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{47F9558C-2432-44FB-81CD-D95AD18E7905}" "3082" "0"
Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{5B86EC47-F260-4C8C-A420-1AEF13AA16D4}" "3082" "0"
Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{62DCDA3D-AC97-476A-8814-FA7EC60EC943}" "3082" "0"
Update for Microsoft Project 2016 (KB4032238) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{855D9958-8BF8-42A1-92A4-74856FDAD17E}" "3082" "0"
Security Update for Microsoft Outlook 2016 (KB4032235) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{85A8FCC5-D8E7-4887-8726-2631FC20D45E}" "3082" "0"
Update for Microsoft OneNote 2016 (KB4022216) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B5C5D453-90A7-4688-8C57-1D5AAFF77EC1}" "3082" "0"
Update for Microsoft Publisher 2016 (KB3178696) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B65ED2DA-5B85-4CD8-8A15-821E8D7E78AB}" "3082" "0"
Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{BEE8A3FB-432A-4F06-8A38-F12ADB043344}" "3082" "0"
Update for Microsoft Visio 2016 (KB4018325) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{C8CF9E33-97E3-4DC1-AB0A-751A2D7E7B75}" "3082" "0"
Microsoft Access MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-0015-0C0A-1000-0000000FF1CE}
Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0015-0C0A-1000-0000000FF1CE}" "{62DCDA3D-AC97-476A-8814-FA7EC60EC943}" "3082" "0"
Microsoft Excel MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-0016-0C0A-1000-0000000FF1CE}
Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0016-0C0A-1000-0000000FF1CE}" "{1B72EE00-315A-45E8-8404-3BE4C8357DBB}" "3082" "0"
Microsoft PowerPoint MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-0018-0C0A-1000-0000000FF1CE}
Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0018-0C0A-1000-0000000FF1CE}" "{1B72EE00-315A-45E8-8404-3BE4C8357DBB}" "3082" "0"
Update for Microsoft PowerPoint 2016 (KB4018368) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0018-0C0A-1000-0000000FF1CE}" "{47F9558C-2432-44FB-81CD-D95AD18E7905}" "3082" "0"
Microsoft Publisher MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-0019-0C0A-1000-0000000FF1CE}
Update for Microsoft Publisher 2016 (KB3178696) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0019-0C0A-1000-0000000FF1CE}" "{B65ED2DA-5B85-4CD8-8A15-821E8D7E78AB}" "3082" "0"
Microsoft Outlook MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-001A-0C0A-1000-0000000FF1CE}
Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001A-0C0A-1000-0000000FF1CE}" "{5B86EC47-F260-4C8C-A420-1AEF13AA16D4}" "3082" "0"
Security Update for Microsoft Outlook 2016 (KB4032235) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001A-0C0A-1000-0000000FF1CE}" "{85A8FCC5-D8E7-4887-8726-2631FC20D45E}" "3082" "0"
Microsoft Word MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-001B-0C0A-1000-0000000FF1CE}
Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001B-0C0A-1000-0000000FF1CE}" "{1B72EE00-315A-45E8-8404-3BE4C8357DBB}" "3082" "0"
Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001B-0C0A-1000-0000000FF1CE}" "{5B86EC47-F260-4C8C-A420-1AEF13AA16D4}" "3082" "0"
Microsoft Project Professional 2016 -> MsiExec.exe /X{90160000-003B-0000-1000-0000000FF1CE}
Update for Microsoft Project 2016 (KB4032238) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-003B-0000-1000-0000000FF1CE}" "{855D9958-8BF8-42A1-92A4-74856FDAD17E}" "3082" "0"
Security Update for Microsoft Outlook 2016 (KB4032235) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-003B-0000-1000-0000000FF1CE}" "{85A8FCC5-D8E7-4887-8726-2631FC20D45E}" "3082" "0"
Microsoft InfoPath MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-0044-0C0A-1000-0000000FF1CE}
Microsoft Visio Professional 2016 -> MsiExec.exe /X{90160000-0051-0000-1000-0000000FF1CE}
Security Update for Microsoft Outlook 2016 (KB4032235) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0051-0000-1000-0000000FF1CE}" "{85A8FCC5-D8E7-4887-8726-2631FC20D45E}" "3082" "0"
Update for Microsoft Visio 2016 (KB4018325) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0051-0000-1000-0000000FF1CE}" "{C8CF9E33-97E3-4DC1-AB0A-751A2D7E7B75}" "3082" "0"
Microsoft Visio MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-0054-0C0A-1000-0000000FF1CE}
Update for Microsoft Visio 2016 (KB4018325) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0054-0C0A-1000-0000000FF1CE}" "{C8CF9E33-97E3-4DC1-AB0A-751A2D7E7B75}" "3082" "0"
Microsoft DCF MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-0090-0C0A-1000-0000000FF1CE}
Microsoft OneNote MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-00A1-0C0A-1000-0000000FF1CE}
Update for Microsoft OneNote 2016 (KB4022216) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00A1-0C0A-1000-0000000FF1CE}" "{B5C5D453-90A7-4688-8C57-1D5AAFF77EC1}" "3082" "0"
Microsoft Project MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-00B4-0C0A-1000-0000000FF1CE}
Update for Microsoft Project 2016 (KB4032238) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00B4-0C0A-1000-0000000FF1CE}" "{855D9958-8BF8-42A1-92A4-74856FDAD17E}" "3082" "0"
Microsoft Groove MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-00BA-0C0A-1000-0000000FF1CE}
Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00BA-0C0A-1000-0000000FF1CE}" "{BEE8A3FB-432A-4F06-8A38-F12ADB043344}" "3082" "0"
Update for Skype for Business 2016 (KB4032255) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{053B38B6-9400-4CCD-BD0C-95E28A4D5BC4}" "3082" "0"
Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{1B72EE00-315A-45E8-8404-3BE4C8357DBB}" "3082" "0"
Update for Microsoft PowerPoint 2016 (KB4018368) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{47F9558C-2432-44FB-81CD-D95AD18E7905}" "3082" "0"
Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{5B86EC47-F260-4C8C-A420-1AEF13AA16D4}" "3082" "0"
Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{62DCDA3D-AC97-476A-8814-FA7EC60EC943}" "3082" "0"
Update for Microsoft Project 2016 (KB4032238) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{855D9958-8BF8-42A1-92A4-74856FDAD17E}" "3082" "0"
Update for Microsoft OneNote 2016 (KB4022216) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{B5C5D453-90A7-4688-8C57-1D5AAFF77EC1}" "3082" "0"
Update for Microsoft Publisher 2016 (KB3178696) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{B65ED2DA-5B85-4CD8-8A15-821E8D7E78AB}" "3082" "0"
Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{BEE8A3FB-432A-4F06-8A38-F12ADB043344}" "3082" "0"
Update for Microsoft Visio 2016 (KB4018325) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{C8CF9E33-97E3-4DC1-AB0A-751A2D7E7B75}" "3082" "0"
Update for Skype for Business 2016 (KB4032255) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{053B38B6-9400-4CCD-BD0C-95E28A4D5BC4}" "3082" "0"
Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{1B72EE00-315A-45E8-8404-3BE4C8357DBB}" "3082" "0"
Update for Microsoft PowerPoint 2016 (KB4018368) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{47F9558C-2432-44FB-81CD-D95AD18E7905}" "3082" "0"
Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{5B86EC47-F260-4C8C-A420-1AEF13AA16D4}" "3082" "0"
Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{62DCDA3D-AC97-476A-8814-FA7EC60EC943}" "3082" "0"
Update for Microsoft Project 2016 (KB4032238) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{855D9958-8BF8-42A1-92A4-74856FDAD17E}" "3082" "0"
Update for Microsoft OneNote 2016 (KB4022216) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{B5C5D453-90A7-4688-8C57-1D5AAFF77EC1}" "3082" "0"
Update for Microsoft Publisher 2016 (KB3178696) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{B65ED2DA-5B85-4CD8-8A15-821E8D7E78AB}" "3082" "0"
Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{BEE8A3FB-432A-4F06-8A38-F12ADB043344}" "3082" "0"
Update for Microsoft Visio 2016 (KB4018325) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{C8CF9E33-97E3-4DC1-AB0A-751A2D7E7B75}" "3082" "0"
Update for Skype for Business 2016 (KB4032255) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{053B38B6-9400-4CCD-BD0C-95E28A4D5BC4}" "3082" "0"
Security Update for Microsoft Excel 2016 (KB4032229) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{1B72EE00-315A-45E8-8404-3BE4C8357DBB}" "3082" "0"
Update for Microsoft PowerPoint 2016 (KB4018368) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{47F9558C-2432-44FB-81CD-D95AD18E7905}" "3082" "0"
Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{5B86EC47-F260-4C8C-A420-1AEF13AA16D4}" "3082" "0"
Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{62DCDA3D-AC97-476A-8814-FA7EC60EC943}" "3082" "0"
Update for Microsoft Project 2016 (KB4032238) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{855D9958-8BF8-42A1-92A4-74856FDAD17E}" "3082" "0"
Update for Microsoft OneNote 2016 (KB4022216) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{B5C5D453-90A7-4688-8C57-1D5AAFF77EC1}" "3082" "0"
Update for Microsoft Publisher 2016 (KB3178696) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{B65ED2DA-5B85-4CD8-8A15-821E8D7E78AB}" "3082" "0"
Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{BEE8A3FB-432A-4F06-8A38-F12ADB043344}" "3082" "0"
Update for Microsoft Visio 2016 (KB4018325) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{C8CF9E33-97E3-4DC1-AB0A-751A2D7E7B75}" "3082" "0"
Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0C0A-1000-0000000FF1CE}" "{BEE8A3FB-432A-4F06-8A38-F12ADB043344}" "3082" "0"
Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0C0A-1000-0000000FF1CE}" "{BEE8A3FB-432A-4F06-8A38-F12ADB043344}" "3082" "0"
Update for Microsoft OneDrive for Business (KB4022219) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0C0A-1000-0000000FF1CE}" "{BEE8A3FB-432A-4F06-8A38-F12ADB043344}" "3082" "0"
Microsoft Skype for Business MUI (Spanish) 2016 -> MsiExec.exe /X{90160000-012B-0C0A-1000-0000000FF1CE}
Update for Skype for Business 2016 (KB4032255) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-012B-0C0A-1000-0000000FF1CE}" "{053B38B6-9400-4CCD-BD0C-95E28A4D5BC4}" "3082" "0"
Update for Microsoft Word 2016 (KB4032258) 64-Bit Edition -> "C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-012B-0C0A-1000-0000000FF1CE}" "{5B86EC47-F260-4C8C-A420-1AEF13AA16D4}" "3082" "0"
TOSHIBA PC Health Monitor -> MsiExec.exe /X{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}
Apple Mobile Device Support -> MsiExec.exe /I{9E005AAA-81A3-478E-8944-532D350952EE}
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 -> C:\Program Files (x86)\HP\Digital Imaging\{A00C9114-40E6-4C70-A619-7DF264B23485}\setup\hpzscr40.exe -datfile hposcr28.dat -onestop -forcereboot
Nokia Connectivity Cable Driver -> RUNDLL32.EXE ccdcmbwux64.dll,WuUninstall
PlayReady PC Runtime amd64 -> MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
TOSHIBA eco Utility -> MsiExec.exe /X{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}
TOSHIBA HDD/SSD Alert -> MsiExec.exe /X{D4322448-B6AF-4316-B859-D8A0E84DCB38}
Folder Size for Windows (64-bit) -> MsiExec.exe /I{F24FF688-7138-4CCF-A83F-71E9FB01170E}
Google Earth Pro -> MsiExec.exe /I{F914BC59-918A-498F-B2E3-B274C9CB48A8}
64 Bit HP CIO Components Installer -> MsiExec.exe /I{FF21C3E6-97FD-474F-9518-8DCBE94C2854}
Adobe Flash Player 30 NPAPI -> C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe -maintain plugin
Any Video Converter Professional 3.5.8 -> "C:\Program Files (x86)\AnvSoft\Any Video Converter Professional\unins000.exe"
Ares 2.1.8 -> "C:\Program Files (x86)\Ares\uninstall.exe"
AVG Web TuneUp -> C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.exe /PROMPT /UNINSTALL
Bandicam -> "C:\Program Files (x86)\Bandicam\uninstall.exe"
Bandisoft MPEG-1 Decoder -> "C:\Program Files (x86)\BandiMPEG1\uninstall.exe"
BlackBerry Desktop Software 7.1 -> C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\InstallerUtils\InstallerUtils.exe /UninstallDesktop
Doxillion, convertidor de documentos -> "C:\Program Files (x86)\NCH Software\Doxillion\doxillion.exe" -uninstall
Dropbox -> "C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe" /InstallType:MACHINE
DVD Shrink 3.2 -> "C:\Program Files (x86)\DVD Shrink\unins000.exe"
Escritorio movistar Latam -> "C:\Program Files (x86)\Movistar\Escritorio movistar Latam\Uninstall.exe"
FormatFactory 3.5.0.0 -> C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
Google Chrome -> "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\Installer\setup.exe" --uninstall --system-level --verbose-logging
HUAWEI DataCard Driver 2.96 -> C:\Program Files (x86)\HUAWEI Modem Driver\uninst.exe
TOSHIBA Value Added Package -> C:\Program Files\TOSHIBA\TVAP\Setup.exe
TOSHIBA Bulletin Board -> "C:\Program Files (x86)\InstallShield Installation Information\{1C8C049A-145F-4A6E-8290-B5C245EBE39D}\setup.exe" -runfromtemp -l0x0409 -removeonly
TOSHIBA ReelTime -> "C:\Program Files (x86)\InstallShield Installation Information\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe" -runfromtemp -l0x0409 -removeonly
TOSHIBA Web Camera Application -> "C:\Program Files (x86)\InstallShield Installation Information\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}\setup.exe" -runfromtemp -l0x0409 -removeonly
TOSHIBA Hardware Setup -> C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriver.exe /M{C4FFA951-9678-4D51-84B4-AFD15D3C45AD} /l1033
TOSHIBA Supervisor Password -> C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriver.exe /M{CBD6B23D-41D5-4A46-8019-6208516C9712} /l1033
JAP -> C:\Program Files (x86)\JAP\uninstall.exe
PIXresizer 2.0.4 -> "C:\Program Files (x86)\PIXresizer\unins000.exe"
Trusteer Seguridad Terminal -> msiexec /x{1DD81E7D-0D28-4ceb-87B2-C041A4FCB215} /lvx+ "C:\ProgramData\Trusteer\Rapport\logs\uninstall.log"
Samsung Universal Print Driver 2 -> "C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\SEInstall\Setup.exe" /R
Express Scribe -> "C:\Program Files (x86)\NCH Software\Scribe\scribe.exe" -uninstall
SumatraPDF -> "C:\Program Files (x86)\SumatraPDF\uninstall.exe"
Youtube Downloader HD v. 2.9.9.27 -> "C:\Program Files (x86)\Youtube Downloader HD\unins000.exe"
Dropbox Update Helper -> MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94}
HP Customer Experience Enhancements -> MsiExec.exe /X{0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70}
Rapport -> MsiExec.exe /X{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}
Java 8 Update 171 -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180171F0}
PIPESIM 2008.1 -> MsiExec.exe /I{303A394E-7FD4-4D1A-BBC5-0F62FDBE0E6C}
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver -> "C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly
Skype™ 7.40 -> MsiExec.exe /X{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}
Eclipse Software 2009.1 -> "C:\Program Files (x86)\InstallShield Installation Information\{49FC4FCD-3752-44DF-90FD-BAFF38A234E3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Computer Modelling Group Software 2007-10-19 -> "C:\Program Files (x86)\InstallShield Installation Information\{51A28850-77D0-4D65-BF5F-4701DD513478}\setup.exe" -runfromtemp -l0x0009 -removeonly
Cisco LEAP Module -> MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Apple Application Support (32 bits) -> MsiExec.exe /I{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}
TOSHIBA Battery Check Utility -> MsiExec.exe /X{5468E297-7EF8-4CB3-A091-F8714147793F}
neroxml -> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
TOSHIBARegistration -> RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5AF550B4-BB67-4E7E-82F1-2C4300279050}\setup.exe" -l0x9 -removeonly
TOSHIBA Wireless LAN Indicator -> MsiExec.exe /X{5B01BCB7-A5D3-476F-AF11-E515BA206591}
Google Update Helper -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
swMSM -> MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Realtek USB 2.0 Reader Driver -> "C:\Program Files (x86)\InstallShield Installation Information\{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe" -runfromtemp -removeonly
Cisco EAP-FAST Module -> MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Intel(R) Management Engine Components -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
TOSHIBA Sleep Utility -> C:\Program Files (x86)\InstallShield Installation Information\{654F7484-88C5-46DC-AB32-C66BCB0E2102}\Setup.exe -runfromtemp -removeonly
Image Resizer for Windows -> "C:\ProgramData\Package Cache\{69d72156-6582-4556-8637-06f40aa7f85b}\ImageResizerSetup.exe" /uninstall
TOSHIBA Resolution+ Plug-in for Windows Media Player -> "C:\Program Files (x86)\InstallShield Installation Information\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}\setup.exe" -runfromtemp -l0x0409 -removeonly
TOSHIBA Web Camera Application -> MsiExec.exe /I{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}
Netwaiting -> MsiExec.exe /I{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}
TunnelBear -> "C:\ProgramData\Package Cache\{7a044b17-54bf-4aee-bc85-a51f0e74dd02}\TunnelBear-Installer.exe" /uninstall
TweetDeck -> MsiExec.exe /X{85D70219-700E-4728-A80D-C394DEF6247E}
MSXML 4.0 SP2 (KB954430) -> MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
HP Support Solutions Framework -> MsiExec.exe /X{8EF98706-3C4B-4C5B-B035-01187E17D0E6}
TunnelBear -> MsiExec.exe /I{8F917593-13EF-4C3F-9AB4-AB16D97F888F}
HP Update -> MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2}
Realtek WLAN Driver -> C:\Program Files (x86)\InstallShield Installation Information\{9D3D8C60-A55F-4fed-B2B9-173001290E16}\Install.exe -uninst -l0x9
Apple Software Update -> MsiExec.exe /I{A30EA700-5515-48F0-88B0-9E99DC356B88}
Google Drive -> MsiExec.exe /X{A8DC81F2-D365-4248-892A-FA3B5951F731}
TOSHIBA Service Station -> C:\Program Files (x86)\InstallShield Installation Information\{AC6569FA-6919-442A-8552-073BE69E247A}\setup.exe -runfromtemp -l0x0009 -removeonly
Wondershare Dr.Fone(Build 2.0.1.3) -> "C:\Program Files (x86)\Wondershare\Dr.Fone\unins000.exe"
HPDiagnosticAlert -> MsiExec.exe /I{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}
TOSHIBA Recovery Media Creator -> C:\Program Files (x86)\InstallShield Installation Information\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}\Setup.exe -runfromtemp -removeonly
vs2015_redist x86 -> MsiExec.exe /I{BD46163A-0331-4A61-B65A-7B66D7C93F8E}
BlackBerry Desktop Software 7.1 -> MsiExec.exe /I{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}
TOSHIBA Assist -> C:\Program Files (x86)\InstallShield Installation Information\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}\setup.exe -runfromtemp -removeonly
Toshiba Online Backup -> MsiExec.exe /X{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}
TOSHIBA Media Controller -> C:\Program Files (x86)\InstallShield Installation Information\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}\setup.exe -runfromtemp -removeonly
BlackBerry Device Software v5.0.0 para el smartphone BlackBerry 8530 -> MsiExec.exe /X{C981C4A5-E0B9-41DE-97F3-75E914F9ADAC}
PlayReady PC Runtime x86 -> MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}
TOSHIBA Quality Application -> RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E69992ED-A7F6-406C-9280-1C156417BC49}\setup.exe" -l0x9 -removeonly
Petrel 2009.1 -> MsiExec.exe /I{E74EFDC6-2423-4CBB-A107-7A6D1538D990}
BB Boss version 2.2 -> "C:\Program Files (x86)\BB Boss\unins000.exe"
Cisco PEAP Module -> MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
Intel(R) Processor Graphics -> C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
TOSHIBA Media Controller Plug-in -> MsiExec.exe /X{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}
MSXML 4.0 SP2 (KB973688) -> MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Wondershare Data Recovery(Build 4.7.0.5) -> "C:\Program Files (x86)\Wondershare\Data Recovery\unins000.exe"
QuickTime 7 -> MsiExec.exe /I{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}
Cisco WebEx Meetings -> C:\ProgramData\WebEx\atcliun.exe
Advanced Archive Password Recovery -> C:\Program Files (x86)\ElcomSoft\Advanced Archive Password Recovery\uninstall.exe
Amazon Kindle -> C:\Users\Jesús Saavedra\AppData\Local\Amazon\Kindle\application\uninstall.exe
Microsoft OneDrive -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\OneDriveSetup.exe /uninstall
µTorrent -> "C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe" /UNINSTALL
WhatsApp -> "C:\Users\Jesús Saavedra\AppData\Local\WhatsApp\Update.exe" --uninstall
Zoom -> C:\Users\Jesús Saavedra\AppData\Roaming\Zoom\uninstall\Installer.exe /uninstall
Telegram Desktop version 1.3.14 -> "C:\Users\Jesús Saavedra\AppData\Roaming\Telegram Desktop\unins000.exe"


Nuevamente, gracias por leer

jisaav
Asiduo al foro
Asiduo al foro
Mensajes: 60
Registrado: 24 Sep 2007, 01:41

Re: aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por jisaav » 11 Sep 2018, 10:24

Por cierto, sigue apareciendo la bentana con el mensaje del fichero faltante, y la ventana del cmd con el mismo mensaje. Cuando están por aparecer, se notaque el rendimiento se ralentiza, alguna acción que esté haciendo se detiene, es como que se congela la pantalla por varios segundos antes de aparecer la ventana del mensaje y el cmd. sigo sin saber que hacer.

slds,

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 90654
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por msc hotline sat » 12 Sep 2018, 09:41

Pues tras ver que el ELISTARA había detectado y eliminado u n Kasidet, esperabamos que se hubiera solucionado el problema, pero vista su última comunicación, señal de que alguna aplicación quiere lanzar el fichero de marras, que no encuentra, con el consecuente aviso de la falta del mismo.

Si bien al no encontrarlo ya no hará nada indebido, trataremos de buscar alguna aplicación "atipica" que pueda lanzarlo, y le informaremos al respecto


saludos

ms, 12-9-2018

Avatar de Usuario
msc hotline sat
Administrador
Administrador
Mensajes: 90654
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: aparece con frecuencia mensaje de archivo faltante C:/Users/NombreDeUsuario/.../wesbuagu/ucfigftf.exe

Mensaje por msc hotline sat » 12 Sep 2018, 09:59

Son bastantes los ficheros que pudieran ser los causantes,segun nos indican, a saber:

[c:\windows\system32\drivers\ialpss2i_gpio2.sys >>> ] ialpss2i_gpio2.sys Although unknown ialpss2i_gpio2.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\ssudserd.sys >>> ] ssudserd.sys Although unknown ssudserd.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\swdumon.sys >>> ] swdumon.sys Although unknown swdumon.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[rtsuvstor.sys >>> c:\windows\system32\drivers\rtsuvstor.sys >>> ] rtsuvstor.sys Although unknown rtsuvstor.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\qiomem.sys >>> ] qiomem.sys Although unknown qiomem.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\winmad.sys >>> ] winmad.sys Although unknown winmad.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\ialpss2i_gpio2_bxt_p.sys >>> ] ialpss2i_gpio2_bxt_p... Although unknown ialpss2i_gpio2_bxt_p.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\tap-tb-0901.sys >>> ] tap-tb-0901.sys Although unknown tap-tb-0901.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\dbxsvc.exe >>> ] dbxsvc.exe Although unknown dbxsvc.exe is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\qcusbser.sys >>> ] qcusbser.sys Although unknown qcusbser.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\usbaapl64.sys >>> ] usbaapl64.sys Although unknown usbaapl64.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\pgeffect.sys >>> ] pgeffect.sys Although unknown pgeffect.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\rtwlane_13.sys >>> ] rtwlane_13.sys Although unknown rtwlane_13.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\smb_driver_intel.sys >>> ] smb_driver_intel.sys Although unknown smb_driver_intel.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\cht4vx64.sys >>> ] cht4vx64.sys Although unknown cht4vx64.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\rtsustor.sys >>> ] rtsustor.sys Although unknown rtsustor.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\syswow64\secupdutilsvc.exe >>> ] secupdutilsvc.exe Although unknown secupdutilsvc.exe is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\tdcmdpst.sys >>> ] tdcmdpst.sys Although unknown tdcmdpst.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\tbauth.dll >>> ] tbauth.dll Although unknown tbauth.dll is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\rtl8192ce.sys >>> ] rtl8192ce.sys Although unknown rtl8192ce.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\revoflt.sys >>> ] revoflt.sys Although unknown revoflt.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\ialpssi_i2c.sys >>> ] ialpssi_i2c.sys Although unknown ialpssi_i2c.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\hpzipm12.dll >>> ] hpzipm12.dll Although unknown hpzipm12.dll is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\l1c63x64.sys >>> ] l1c63x64.sys Although unknown l1c63x64.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\intcdaud.sys >>> ] intcdaud.sys Although unknown intcdaud.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\rimusb_amd64.sys >>> ] rimusb_amd64.sys Although unknown rimusb_amd64.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\thotkey.sys >>> ] thotkey.sys Although unknown thotkey.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\hpzinw12.dll >>> ] hpzinw12.dll Although unknown hpzinw12.dll is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\tvalzfl.sys >>> ] tvalzfl.sys Although unknown tvalzfl.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\ialpss2i_i2c.sys >>> ] ialpss2i_i2c.sys Although unknown ialpss2i_i2c.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\dgivecp.sys >>> ] dgivecp.sys Although unknown dgivecp.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\ibbus.sys >>> ] ibbus.sys Although unknown ibbus.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\bcmfn2.sys >>> ] bcmfn2.sys Although unknown bcmfn2.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\iagpio.sys >>> ] iagpio.sys Although unknown iagpio.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\winverbs.sys >>> ] winverbs.sys Although unknown winverbs.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\mlx4_bus.sys >>> ] mlx4_bus.sys Although unknown mlx4_bus.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\iai2c.sys >>> ] iai2c.sys Although unknown iai2c.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\ialpssi_gpio.sys >>> ] ialpssi_gpio.sys Although unknown ialpssi_gpio.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\ialpss2i_i2c_bxt_p.sys >>> ] ialpss2i_i2c_bxt_p.s... Although unknown ialpss2i_i2c_bxt_p.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\syswow64\onedrivesetup.exe >>> ] onedrivesetup.exe Although unknown onedrivesetup.exe is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\ssudbus.sys >>> ] ssudbus.sys Although unknown ssudbus.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\netaapl64.sys >>> ] netaapl64.sys Although unknown netaapl64.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\ndfltr.sys >>> ] ndfltr.sys Although unknown ndfltr.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\openssh\ssh-agent.exe >>> ] ssh-agent.exe Although unknown ssh-agent.exe is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\ssudmdm.sys >>> ] ssudmdm.sys Although unknown ssudmdm.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file. Unknown
Yes

Maybe
[c:\windows\system32\drivers\rimserial_amd64.sys >>> ] rimserial_amd64.sys Although unknown rimserial_amd64.sys is suspicious since many legitimate unknown files do not run from the windows path. Click here to open Google search for this file.


Pero al revisar el informe del Elistara vemos que si bien ha detectado el Kasidet, indica que no lo ha eliminado:

Lista de Acciones (por Exploración):
Explorando "C:\"
C:\Users\Jesús Saavedra\Downloads\4.6.0.0TSHRE_I.C.ARE.PHONE.ZIP -> iPhoneCareProtrial503.exe -> Detectado Worm.Kasidet.E

Nº Total de Directorios: 70565
Nº Total de Ficheros: 635079
Nº de Ficheros Analizados: 252337
Nº de Ficheros Infectados: 1
Nº de Ficheros Eliminados: 0


Empiece por indicar al Elistara que lo elimine, y tras reiniciar, vea si ya no sale el dichoso aviso

De todas formas, por nuestra parte damos por terminado el Tema ya que lo que está dicho todo lo que podríamos sugerir

Sin otro particular, reciba saludos

ms, 12-9-2018

Responder

Volver a “Foro Virus - Cuentanos tu problema”