Vuelve pagina web dice que todo se va a bloquear si no pago

Cerrado
jtres
Mensajes: 22
Registrado: 24 Mar 2007, 09:02
Ubicación: Paris

Vuelve pagina web dice que todo se va a bloquear si no pago

Mensaje por jtres » 10 Jul 2017, 00:16

Disculpenme por volver con el tema que habia sido dado por cerrado. Justo cuando venía a ver las respuestas de dicho tema en la pagina de ustedes, me volvió a aparecer el bloqueo de la pagina pero esta vez en el firefox, antes era en chrome que desinstalé. La página era mas virulenta pues bloqueaba todo, mouse incluido siendo imposible hacer captura de pantalla. La direccion que al principio era la misma de anteriormente se cambió ante mis ojosvarias veces hasta que se estabilizó en una direccion que empezaba con microsoft y luego terminaba con /ru-ru/eng; la página era igual y en francés tambien. Tuve que resetear; luego al abrir el firefox de nuevo ahí me estaba esperando de nuevo la misma pagina para al cabo de varios segundos dejarme la pantalla en completamente en azul, sin nada, pero no la clasica azul sino una azul verde que tambien dejaba como unica alternativa resetear. Es bien fastidioso y no se como puedo bloquear esta invasion. Despues del segundo reseteo en modo seguro pase el elistar el sprocess para ver si les da alguna pista. Gracias por su atencion.
(9-7-2017 15:07:35 (GMT))
EliStartPage v37.15 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 29 de Junio del 2017)
--------------------------------------------------
Sistema Operativo: Windows 10 Pro (6.3.14393) (64 bits)
Usuario: defaultuser0
ID de Usuario: S-1-5-21-4116706450-2675624388-2781689814-1000
Cadenas Víricas: 32427

Lista de Acciones (por Acción Directa):
Error de Acceso a las Rutas del Usuario.

(9-7-2017 15:07:39 (GMT))
EliStartPage v37.15 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 29 de Junio del 2017)
--------------------------------------------------
Sistema Operativo: Windows 10 Pro (6.3.14393) (64 bits)
Usuario: reddi
ID de Usuario: S-1-5-21-4116706450-2675624388-2781689814-1001
Cadenas Víricas: 32427

Lista de Acciones (por Acción Directa):
Detectado HOSTS no Standar.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE

(9-7-2017 15:07:44 (GMT))
EliStartPage v37.15 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 29 de Junio del 2017)
--------------------------------------------------
Sistema Operativo: Windows 10 Pro (6.3.14393) (64 bits)
Usuario: CaroL
ID de Usuario: S-1-5-21-4116706450-2675624388-2781689814-1002
Cadenas Víricas: 32427

Lista de Acciones (por Acción Directa):
Detectado HOSTS no Standar.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE

(9-7-2017 15:10:15 (GMT))
EliStartPage v37.15 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 29 de Junio del 2017)
--------------------------------------------------
Sistema Operativo: Windows 10 Pro (6.3.14393) (64 bits)
Usuario: CaroL
ID de Usuario: S-1-5-21-4116706450-2675624388-2781689814-1002
Cadenas Víricas: 32427

Lista de Acciones (por Exploración):
Explorando "C:\"

Nº Total de Directorios: 57546
Nº Total de Ficheros: 294228
Nº de Ficheros Analizados: 59213
Nº de Ficheros Infectados: 0
Nº de Ficheros Eliminados: 0

(9-7-2017 15:10:35 (GMT))
EliStartPage v37.15 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 29 de Junio del 2017)
--------------------------------------------------
Sistema Operativo: Windows 10 Pro (6.3.14393) (64 bits)
Usuario: CaroL
ID de Usuario: S-1-5-21-4116706450-2675624388-2781689814-1002
Cadenas Víricas: 32427

Lista de Acciones (por Cierre):
Detectados Programas Potecialmente No Deseados (PUPs).
Ejecute el EliPUPs para proceder con su Desinstalación.
"Opera Stable 46.0.2597.26314"
...
(9-7-2017 14:20:51 GMT)
SProces v9.1 (c)2017 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 10 Pro (v6.3.14393) (64 bits)
Internet Explorer: (v11.1358.14393.0) 0
Equipo: DESKTOP-EF42ODR
Usuario: CaroL
Sesión de Usuario: CaroL

47 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NVDISPLAY.CONTAINER.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\CMDAGENT.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SASCORE64.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDFSSVC.EXE
C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\NVTELEMETRY\NVTELEMETRYCONTAINER.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDUPDSVC.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\DASHOST.EXE
C:\WINDOWS\SYSTEM32\CAVWP.EXE
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\AUDIODG.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\SYSTEM32\SIHOST.EXE
C:\WINDOWS\SYSTEM32\CISTRAY.EXE
C:\WINDOWS\SYSTEM32\TASKHOSTW.EXE
C:\WINDOWS\SYSTEM32\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\RUNTIMEBROKER.EXE
C:\WINDOWS\SYSTEM32\SHELLEXPERIENCEHOST.EXE
C:\WINDOWS\SYSTEM32\SEARCHUI.EXE
C:\WINDOWS\SYSTEM32\CCLEANER64.EXE
C:\WINDOWS\SYSTEM32\CIS.EXE
C:\WINDOWS\SYSTEM32\RTKNGUI64.EXE
C:\PROGRAM FILES (X86)\COPERNIC\DESKTOPSEARCH\COPERNIC.DESKTOPSEARCH.EXE
C:\WINDOWS\SYSTEM32\SUPERANTISPYWARE.EXE
C:\PROGRAM FILES (X86)\ELABORATE BYTES\VIRTUALCLONEDRIVE\VCDDAEMON.EXE
C:\USERS\CAROL\DESKTOP\SPROCES.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R0 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (User 'defaultuser0')
R0 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'reddi')
R0 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch (User 'reddi')
O1 - Hosts: 127.0.0.1 license.superantispyware.com
O1 - Hosts: 0.0.0.0 license.superantispyware.com
O1 - Hosts: 127.0.0.1 23.74.204.49
O1 - Hosts: 127.0.0.1 2.20.235.247
O1 - Hosts: 127.0.0.1 216.58.214.40
O1 - Hosts: 127.0.0.1 151.101.12.143
O1 - Hosts: 127.0.0.1 66.117.29.4
O1 - Hosts: 127.0.0.1 63.140.41.167
O1 - Hosts: 127.0.0.1 secure.flashfxp.com
O1 - Hosts: 127.0.0.1 promo.flashfxp.com
O1 - Hosts: 127.0.0.1 liveupdate.flashfxp.com
O1 - Hosts: 127.0.0.1 13.80.12.54
O1 - Hosts: 127.0.0.1 239.255.255.250
O1 - Hosts: 127.0.0.1 oo-software.com
O1 - Hosts: 127.0.0.1 corp.oo-software.com
O1 - Hosts: 127.0.0.1 update10.oo-software.com
O1 - Hosts: 127.0.0.2 apps.skype.com
O1 - Hosts: 0.0.0.0 live.rads.msn.com
O1 - Hosts: 0.0.0.0 ads1.msn.com
O1 - Hosts: 0.0.0.0 static.2mdn.net
...
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (MD5: 2ECBD0616A07D7B0DA79CA0BD8B9AFB6)
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (MD5: E2B4298571EB32D776D837AE4874E036)
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (MD5: AA277A5861B71D8FCAF3BABEF777D86F)
O2 - BHO (x86): (no name) - AutorunsDisabled - (no file)
O2 - BHO (x86): IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (MD5: FE82C6F8416FB9645B6DBAD037AC5479)
O2 - BHO (x86): RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (MD5: 64D6737BD97299D8C15470B99028BE63)
O2 - BHO (x86): Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (MD5: 50DCF1D53B994ABF23918AB3AAEAC989)
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (MD5: E2B4298571EB32D776D837AE4874E036)
O3 - Toolbar (x86): &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (MD5: 64D6737BD97299D8C15470B99028BE63)
O4 - HKCU\..\Run: [Copernic Desktop Search 5] "C:\Program Files (x86)\Copernic\DesktopSearch\Copernic.DesktopSearch.exe" /tray (MD5: 5874FC0684953E0A72A653E5A1524B44)
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun (MD5: 4EE3FE1CDAA8A64F55370048F4FD322D)
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (MD5: 720B1ED18B11D46569452A9555EA3AB8)
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (MD5: 333B21363F104AB3639099E5DC4B04A4)
O4 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1000\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'defaultuser0') (MD5: 1496120E3867FD75AE5D4EAD6E618E7A)
O4 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1001\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (User 'reddi') (MD5: C75F3BF8FAABBA3EED8FEE27256C6E46)
O4 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1001\..\Run: [Copernic Desktop Search 5] "C:\Program Files (x86)\Copernic\DesktopSearch\Copernic.DesktopSearch.exe" /tray (User 'reddi') (MD5: 5874FC0684953E0A72A653E5A1524B44)
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s (MD5: 6B89138EA6759DB1AB6F5C05CA97210D)
O4 - HKLM\..\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (MD5: 89086EDA74506044D4ACE27339340E6B)
O4 - HKLM\..\Wow6432Node\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s (MD5: 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C)
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Servicio Local') (MD5: 1496120E3867FD75AE5D4EAD6E618E7A)
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Servicio de red') (MD5: 1496120E3867FD75AE5D4EAD6E618E7A)
O8 - Extra context menu item: Descargar con IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Descargar con IDM todos los enlaces - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Guardar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O8 - Extra context menu item: Mostrar Barra de Herramientas - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O8 - Extra context menu item: Personalizar Menú - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Rellenar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: Descargar con IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm (User 'reddi')
O8 - Extra context menu item: Descargar con IDM todos los enlaces - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm (User 'reddi')
O8 - Extra context menu item: Guardar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html (User 'reddi')
O8 - Extra context menu item: Mostrar Barra de Herramientas - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html (User 'reddi')
O8 - Extra context menu item: Personalizar Menú - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html (User 'reddi')
O8 - Extra context menu item: Rellenar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html (User 'reddi')
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKLM)
O9 - Extra button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (MD5: E2B4298571EB32D776D837AE4874E036) (HKLM)
O9 - Extra button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (MD5: E2B4298571EB32D776D837AE4874E036) (HKLM)
O9 - Extra button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (MD5: E2B4298571EB32D776D837AE4874E036) (HKLM)
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKLM x86)
O9 - Extra button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (MD5: 64D6737BD97299D8C15470B99028BE63) (HKLM x86)
O9 - Extra button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (MD5: 64D6737BD97299D8C15470B99028BE63) (HKLM x86)
O9 - Extra button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (MD5: 64D6737BD97299D8C15470B99028BE63) (HKLM x86)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (MD5: 7FC19DA1DC70C78D2FBD7A1D10942051) (HKLM x86)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics (x86)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6c4facbf-f579-41a3-ac96-cb56d45518ea}: NameServer = 156.154.71.1,156.154.70.1,192.168.0.254
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - (no file)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (MD5: 4C768278E413976BB689F17EBEAD1E9F)
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (MD5: 4C768278E413976BB689F17EBEAD1E9F)
O20 - Winlogon Notify: LBTWLGN - C:\PROGRAM FILES\COMMON FILES\LOGISHRD\BLUETOOTH\LBTWLGN.DLL (MD5: E3AE34B35E5F76B67D6B4683170C936F)
O20 - Winlogon Notify (x86): SDWINLOGON - SDWINLOGON.DLL (file missing)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
O21 - SSODL (x86): WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)

Información Adicional:
----------------------
Acceso Rapido ('CaroL'): FlashFXP 5.lnk = C:\Program Files (x86)\FlashFXP 5\FlashFXP.exe (MD5: B267622233BD5962B42382354B7864CA)
Acceso Rapido ('CaroL'): Glary Utilities 5.lnk = C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (MD5: 686D619A21552885FED1A5BB40D7DA5A)
Acceso Rapido ('CaroL'): ImgBurn.lnk = C:\Program Files (x86)\ImgBurn\ImgBurn.exe (MD5: 4776C25E4FFDA40783DF8D31217ED085)
Acceso Rapido ('CaroL'): Revo Uninstaller Pro.lnk = C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (MD5: 261ACCF59B2E27B00DAC2CEBD88213C0)
Acceso Rapido ('CaroL'): Shows Desktop.lnk =
Acceso Rapido ('CaroL'): Winamp.lnk = C:\Program Files (x86)\Winamp\winamp.exe (MD5: C8E8F12B364C3A7BA45888FBBC474AAA)
Acceso Rapido ('CaroL'): Window Switcher.lnk =
Acceso Rapido ('CaroL'): Wondershare Video Converter Ultimate.lnk = C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe (MD5: 74CEA1D52264CFBC3A1C210CB4D1EB76)
Acceso Rapido ('CaroL'): Xilisoft Video Convertidor Ultimate.lnk = C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe (MD5: 594DBC7994867FEE9337B94B166F9C6C)
Acceso Rapido ('CaroL'): µTorrent.lnk = C:\Users\CaroL\AppData\Roaming\uTorrent\uTorrent.exe (MD5: 87B98E8837E450291E6B572D100DCF08)
Acceso Rapido ('reddi'): Revo Uninstaller Pro.lnk = C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (MD5: 261ACCF59B2E27B00DAC2CEBD88213C0)
Acceso Rapido ('reddi'): Shows Desktop.lnk =
Acceso Rapido ('reddi'): Window Switcher.lnk =
Tarea Programada: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
Tarea Programada: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 2f1e6b83-6429-439e-87b7-14d50b3766f1.job
Tarea Programada: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 88373351-c13a-465b-a5a0-19913ff6df89.job

Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (MD5: 98E06CAC2C508118450095E581202230)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (MD5: 5D6B8AF62DDD8F1AFE50B26D53D58B14)
O23 - Service: IDMWFP - Tonec Inc. - C:\WINDOWS\system32\DRIVERS\idmwfp.sys (MD5: 025868A34E359A5F49D2324C0B14D537)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - Unknown owner - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvC (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - Unknown owner - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (MD5: B4337BA6754438CD2699D8A17DD8A359)
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (MD5: 30696A220D11270F4FC65C2D74CEE4D1)

Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (MD5: BABA54B15338F60EC1C40D30E61214D9)
O23 - Service: ampa - Unknown owner - C:\Windows\system32\ampa.sys (MD5: 39B6FAE7DFE1B70034F253AB0BB96E2F)
O23 - Service: @oem61.inf,%asmthub3_ServiceDescription%;ASMedia USB3.1 Hub Service (asmthub3) - ASMedia Technology Inc - C:\WINDOWS\System32\drivers\asmthub3.sys (MD5: 7EDE010DF1A36BB32833D112EA609F60)
O23 - Service: @oem58.inf,%asmtxhci_ServiceDescription%;ASMedia XHCI Service (asmtxhci) - ASMedia Technology Inc - C:\WINDOWS\system32\DRIVERS\asmtxhci.sys (MD5: 2400ED65F4E0A521399027C9C7EF7012)
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper\ABService.exe (MD5: CD676444FEB9CAD3482E76AC597751D9)
O23 - Service: @bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service (bcmfn) - Windows (R) Win 7 DDK provider - C:\WINDOWS\System32\drivers\bcmfn.sys (MD5: 3F5523DCEFE42B385659C5CB46A6B810)
O23 - Service: @bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service (bcmfn2) - Windows (R) Win 7 DDK provider - C:\WINDOWS\System32\drivers\bcmfn2.sys (MD5: 0B750A6A6D847E73CA48ADD7A0F5A393)
O23 - Service: cht4iscsi - Chelsio Communications - C:\WINDOWS\SYSTEM32\drivers\cht4sx64.sys (MD5: 0AED948DA8D5F08B3D6F12E4E2089736)
O23 - Service: @cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver (cht4vbd) - Chelsio Communications - C:\WINDOWS\System32\drivers\cht4vx64.sys (MD5: 0002A0FDE087C1657AB31CE73077539C)
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (MD5: BAD660E618C27E60018949C01905D470)
O23 - Service: @oem44.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus (dtlitescsibus) - Disc Soft Ltd - C:\WINDOWS\System32\drivers\dtlitescsibus.sys (MD5: 679FF716052109392D870F6A6C4A3535)
O23 - Service: @oem45.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus (dtliteusbbus) - Disc Soft Ltd - C:\WINDOWS\System32\drivers\dtliteusbbus.sys (MD5: E23FDD696839A4790682CA66C48D3F2F)
O23 - Service: @iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver (iagpio) - Intel(R) Corporation - C:\WINDOWS\System32\drivers\iagpio.sys (MD5: C6B8743B213F06AA60943D8366FE968F)
*O23 - Service: @iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller (iai2c) - Intel(R) Corporation - C:\WINDOWS\System32\drivers\iai2c.sys (MD5: 9A2A2F3C69B9A30B6E78536F6D258BAD)
O23 - Service: @iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2 (iaLPSS2i_GPIO2) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys (MD5: 5A0E850F8CD17791A3E6A3CF81D0CA28)
O23 - Service: @iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2 (iaLPSS2i_I2C) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys (MD5: 7508F1096803385D6376BFD0BD473AC4)
O23 - Service: @ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver (iaLPSSi_GPIO) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (MD5: 16A10CCEDCF5AC4CAAE43DC9FC40392F)
O23 - Service: @ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver (iaLPSSi_I2C) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys (MD5: EB82A11613326691508D9ED9A4FE29E7)
O23 - Service: @mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver) (ibbus) - Mellanox - C:\WINDOWS\System32\drivers\ibbus.sys (MD5: 3BA03F7C7700DDF4C383DDE9252F5817)
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\drivers\RTKVHD64.sys (MD5: 00D0BAD638E321E12A0A1F0D0CFF96B6)
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe (MD5: B452921B85EEF6FD43C25DE373FF5C48)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe (MD5: 20EE2F2ADCF8DBD091E931593F5AC268)
O23 - Service: @oem15.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF USB Filter (LEqdUsb) - Logitech, Inc. - C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys (MD5: EAB70270BDDCFEF56FCC7425C2D9883D)
O23 - Service: @oem16.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF HID Filter (LHidEqd) - Logitech, Inc. - C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys (MD5: 5EBB7C1FC685D45A1D3D8B2B9A656E48)
O23 - Service: @oem18.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys (MD5: AFDFA4A6B0F7B15AA38E494FD4595741)
O23 - Service: @oem21.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver (LMouFilt) - Logitech, Inc. - C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys (MD5: C3E82B320F34C97F32B8026F4C249BEF)
O23 - Service: @oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface (MEIx64) - Intel Corporation - C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys (MD5: 8EC6459491D8508BBA5E3CEC5C930914)
O23 - Service: @mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator (mlx4_bus) - Mellanox - C:\WINDOWS\System32\drivers\mlx4_bus.sys (MD5: FD60818B66B2E8A5415EA840E99A9D8F)
O23 - Service: @oem22.inf,%mv91cons.SVCDESC%;Marvell 91xx Config Device Driver (mv91cons) - Marvell Semiconductor Inc. - C:\WINDOWS\System32\drivers\mv91cons.sys (MD5: BC1C7A9F289C2E119B8E1DB30C4C7393)
O23 - Service: @mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service (ndfltr) - Mellanox - C:\WINDOWS\System32\drivers\ndfltr.sys (MD5: 629CB21AC49C8867E0F29DF1C16DB7B4)
O23 - Service: Network Adapter Wdf Class Extension Library (NetAdapterCx) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\NetAdapterCx.sys (MD5: 6C76780A01FC2B885BD6E957B5C36B02)
O23 - Service: @oem60.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver (NVHDA) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvhda64v.sys (MD5: 4938CCA6E12A7FDA5324FFF0DF5DB8EC)
O23 - Service: nvlddmkm - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d81f3535ced17c6\nvlddmkm.sys (MD5: E39CA5C6B78F77982C368BED0D219841)
O23 - Service: @oem59.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM) (nvvad_WaveExtensible) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvvad64v.sys (MD5: 635E379EFEE0AADDCB2A5C00247D13A5)
O23 - Service: @oem61.inf,%ServiceDesc%;NVVHCI Enumerator Service (nvvhci) - NVIDIA Corporation - C:\WINDOWS\System32\drivers\nvvhci.sys (MD5: 842E1AB0A53CEDE011F71C4E4DCC9871)
O23 - Service: Revoflt - VS Revo Group - C:\WINDOWS\SYSTEM32\DRIVERS\revoflt.sys (MD5: 498C3D4D44382A96812A0E0FF28D575B)
O23 - Service: @oem64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver (rt640x64) - Realtek - C:\WINDOWS\System32\drivers\rt640x64.sys (MD5: 5E912FAEB14D16E345FBAB6B1966409D)
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (MD5: FDEF8DC6871B96BBBD39A648994F60D1)
O23 - Service: @oem43.inf,%Serial.SVCDESC%;Prolific Serial port WDF driver (Ser2pl) - Prolific Technology Inc. - C:\WINDOWS\system32\DRIVERS\ser2pl64.sys (MD5: 81C4472F297BABE08CEA3A5E3CB3E5B4)
O23 - Service: TeraCopy Service (TeraCopyService) - Code Sector - C:\Program Files\TeraCopy\TeraCopyService.exe (MD5: 522FEC52E6CB6C72AD2BD962201B9CB6)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (MD5: C390F6F13C90413ABB02F85714F35DF2)
O23 - Service: VClone - Elaborate Bytes AG - C:\WINDOWS\System32\drivers\VClone.sys (MD5: F257A2737280F0076EAE3AB489C06474)
O23 - Service: @mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service (WinMad) - Mellanox - C:\WINDOWS\System32\drivers\winmad.sys (MD5: F95DE20312ACCA7761446DE152BD1F7C)
O23 - Service: @mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service (WinVerbs) - Mellanox - C:\WINDOWS\System32\drivers\winverbs.sys (MD5: 8B9AFF5F08E66A6F1F1063DEC9457FB6)

Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: UnlockerDriver5 - Unknown owner - C:\Program Files\Unlocker\UnlockerDriver5.sys (MD5: 9DC07E73A4ABB9ACF692113B36A5009F)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe (MD5: 5B3148291D750B03CD812DB79BD666AF)

53 Servicios.
7 de Carga Automatica.
44 de Carga Manual.
2 Deshabilitados.

Listado de Programas Instalados:
--------------------------------
Paquete de controladores de Windows - DexCom, Inc. (usbser) Ports (05/24/2010 1.0.0.2) -> C:\PROGRA~1\DIFX\4A7292F75FEBBD3C\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\dexcomvcpdriver.inf_amd64_43509da393e98410\dexcomvcpdriver.inf
CCleaner -> "C:\Program Files\CCleaner\uninst.exe"
COMODO Firewall -> "C:\Program Files\COMODO\COMODO Internet Security\cmdinstall.exe" -type local -uninstall -theme lycia -log
Instalación de DivX -> C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
IrfanView 4.44 (64-bit) -> "C:\Program Files\IrfanView\iv_uninstall.exe"
Mozilla Firefox 52.0.2 (x64 es-ES) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Pale Moon 27.1.2 (x64 en-US) -> "C:\Program Files\Pale Moon\uninstall\helper.exe"
Logitech SetPoint 6.67 -> C:\Program Files\Common Files\LogiShrd\sp6_Uninstall\setup.exe
TeraCopy version 3.0.8 -> "C:\Program Files\TeraCopy\unins000.exe"
Unlocker 1.9.2 -> C:\Program Files\Unlocker\uninst.exe
Vulkan Run Time Libraries 1.0.42.1 -> C:\Program Files (x86)\VulkanRT\1.0.42.1\UninstallVulkanRT.exe
WinRAR 5.40 (64-bit) -> C:\Program Files\WinRAR\uninstall.exe
Canon MG5600 series MP Drivers -> "C:\Program Files\CanonBJ\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series\DELDRV64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series /L0x000a
Windows 10 Update and Privacy Settings -> MsiExec.exe /X{4DFCD818-036A-4229-A67D-CF17DC461D92}
diasend® Uploader version 2.4.0_BuildR2e02 -> "C:\Program Files\diasend(R) Uploader\unins000.exe"
Revo Uninstaller Pro 3.1.9 -> "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"
DriversCloud.com (64 bits) -> MsiExec.exe /X{900A0E96-0841-444C-A009-B1D214EFD3EF}
COMODO Firewall -> MsiExec.exe /I{A1E718A7-BB83-41B8-BA96-BC219C322B8E}
PDF-Viewer -> "C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
NVIDIA Controlador de gráficos 382.53 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Controlador de la controladora 3D Vision 369.04 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Software del sistema PhysX 9.17.0329 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Controlador de audio HD 1.3.34.27 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
SUPERAntiSpyware -> "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
calibre 64bit -> MsiExec.exe /I{D7D0A0C9-6728-4FA3-B611-04FFDB739F97}
Adobe Flash Player 25 NPAPI -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_Plugin.exe -maintain plugin
Adobe Flash Player 26 PPAPI -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe -maintain pepperplugin
RoboForm 7-9-27-7 (All Users) -> "C:\Program Files (x86)\Siber Systems\AI RoboForm\rfwipeout.exe"
AIDA64 Engineer v5.75 -> "C:\Program Files (x86)\FinalWire\AIDA64 Engineer\unins000.exe"
AOMEI Partition Assistant Server Edition 6.2.0 -> "C:\Program Files (x86)\AOMEI Partition Assistant Server Edition 6.2.0\unins000.exe"
Canon MG5600 series On-screen Manual -> C:\Program Files (x86)\Canon\IJ Manual\Canon MG5600 series\uninstall.exe
Canon My Printer -> "C:\Program Files\Canon\MyPrinter\uninst.exe" /UninstallRemove C:\Program Files\Canon\MyPrinter\uninst.ini
Canon Quick Menu -> "C:\Program Files (x86)\Canon\Quick Menu\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Quick Menu\uninst.ini
Canon IJ Scan Utility -> "C:\Program Files (x86)\Canon\IJ Scan Utility\MAINT.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Scan Utility\uninst.ini
Internet Security Essentials -> C:\ProgramData\COMODO\ISE\Installer\isestart.exe
Copernic Desktop Search 5 -> C:\Windows\SysWOW64\msiexec.exe /i {3BCBE675-244D-4330-B19F-F2E956F64A5A}
Canon Easy-WebPrint EX -> "C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.ini
EZ eMail Backup 2.0 -> "C:\Program Files (x86)\EZ eMail Backup\unins000.exe"
FileASSASSIN -> C:\Program Files (x86)\FileASSASSIN\uninst.exe
FlashFXP 5 -> "C:\ProgramData\{B6FEFB15-88F3-4275-9857-016151CA3F7F}\FlashFXP5_Setup.exe" REMOVE=TRUE MODIFY=FALSE
Glary Utilities PRO 5.79 -> C:\Program Files (x86)\Glary Utilities 5\uninst.exe
HD Tune Pro 5.60 -> "C:\Program Files (x86)\HD Tune Pro\unins000.exe"
herdProtect Anti-Malware Scanner -> "C:\Program Files\Reason\herdProtect\Scanner\uninstall.exe"
ImgBurn -> "C:\Program Files (x86)\ImgBurn\uninstall.exe"
Internet Download Manager -> C:\Program Files (x86)\Internet Download Manager\Uninstall.exe
Malwarebytes Anti-Malware versión 2.2.1.1043 -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
MKVToolNix 12.0.0 (64bit) -> C:\Program Files\MKVToolNix\uninst.exe
Mozilla Firefox 52.1.2 ESR (x86 es-ES) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Opera Stable 46.0.2597.26314 -> "C:\Program Files (x86)\Opera\Launcher.exe" /uninstall
Registro de usuario de Canon MG5600 series -> C:\Program Files (x86)\Canon\IJEREG\MG5600 series\UNINST.EXE
SeaTools for Windows 1.4.0.4 -> C:\Program Files (x86)\Seagate\SeaTools for Windows\uninst.exe
SpywareBlaster 5.5 -> "C:\Program Files (x86)\SpywareBlaster\unins000.exe"
UltraISO Premium V9.66 -> "C:\Program Files (x86)\UltraISO\unins000.exe"
VirtualCloneDrive -> "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive"
VLC media player -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Winamp -> "C:\Program Files (x86)\Winamp\UninstWA.exe"
Wondershare Video Converter Ultimate(Build 8.8.0.3) -> "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\unins000.exe" /WAF
Wondershare Video Editor(Build 5.1.2) -> "C:\Program Files (x86)\Wondershare\Video Editor\unins000.exe"
Xilisoft Video Convertidor Ultimate -> C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\Uninstall.exe
Microsoft XNA Framework Redistributable 4.0 -> MsiExec.exe /I{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
TomTom HOME -> MsiExec.exe /I{30E6FC43-C31F-4968-9A06-AA38E3C3CF73}
adsl TV -> "C:\Program Files (x86)\adslTV\Uninstall.exe" "C:\Program Files (x86)\adslTV\Uninstall.log" -u
WPTx64 -> MsiExec.exe /I{3F61608E-AB68-04B1-82FF-95799F5D01CA}
Spybot Anti-Beacon -> "C:\Program Files (x86)\Spybot Anti-Beacon\unins000.exe"
GetDataBack for NTFS -> "C:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\Uninstall.exe" "C:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\install.log" -u
WPT Redistributables -> MsiExec.exe /I{6704BD92-2F42-FE2F-AF4E-5C9D6666C75E}
Lyrics Plugin for Winamp -> MsiExec.exe /I{75E9A522-65D2-4200-A95F-C3EF89703263}
Kits Configuration Installer -> MsiExec.exe /I{76825BA0-C536-C284-BAA1-9DB7A2D30D54}
VC80CRTRedist - 8.0.50727.6195 -> MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
Windows SDK EULA -> MsiExec.exe /I{962DFBFC-9157-9726-25D8-A2668B066F47}
Google Earth -> MsiExec.exe /I{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}
AOMEI Backupper Technician Plus -> "C:\Program Files (x86)\AOMEI Backupper\unins000.exe"
Spybot - Search & Destroy -> "C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe"
Asmedia ASM106x SATA Host Controller Driver -> MsiExec.exe /X{DF6C3726-7E53-4772-9763-E9F147769F51}
Asmedia USB Host Controller Driver -> MsiExec.exe /X{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
Realtek High Definition Audio Driver -> "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -runfromtemp -removeonly
Windows Software Development Kit - Windows 10.0.14393.33 -> "C:\ProgramData\Package Cache\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}\sdksetup.exe" /uninstall
HDD Guardian 0.7.1 -> "C:\Program Files (x86)\HDD Guardian\Uninstall.exe"
Registry Help Pro -> C:\Users\CaroL\AppData\Local\Registry Help Pro\uninstall.exe
µTorrent -> "C:\Users\CaroL\AppData\Roaming\uTorrent\uTorrent.exe" /UNINSTALL

Avatar de Usuario
msc hotline sat
Mensajes: 93500
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Vuelve pagina web dice que todo se va a bloquear si no pago

Mensaje por msc hotline sat » 10 Jul 2017, 08:41

Pues vemos que aun tienes instalado el I.E. :

Internet Explorer: (v11.1358.14393.0) 0

Es lo primero que cabe pensar, alguna vulnerabilidad del navegador por la que se colara el ataque en cuestion...


Aparte, vemos esta aplicación que tambien resulta sospechosa:

C:\WINDOWS\SYSTEM32\NVDISPLAY.CONTAINER.EXE

Añade .vir a la extension de la misma, y mira si al reiniciar ya no persiste el problema, y nos cuentas el resultado, aparte de enviarnos dicho fichero para analizar

Saludos

ms, 10-7-2017

jtres
Mensajes: 22
Registrado: 24 Mar 2007, 09:02
Ubicación: Paris

Re: Vuelve pagina web dice que todo se va a bloquear si no pago

Mensaje por jtres » 12 Jul 2017, 20:11

Hola, un saludo. Pues yo tenía el IE deshabilitado, y cuando en buscar pongo IE o internet explorer, no me da respuesta; me propone el Edge. Fui a activar/desactivar características de windows y efectivamente estaba marcado como activado el internet explorer 11; supongo que la reciente actualizacion de windows lo reinstalò. Lo he vuelto ha desinstalar de nuevo, aunque supongo que lo que hize fue deshabilitarlo pues en archivos de programas sigue estando ahí. En cuanto al NVDISPLAY.CONTAINER.EXE, no lo encuentro por ninguna parte. Bueno, en la carpeta nvidia si hay un programa con ese nombre, pero no en la carpeta Windows. Os incluyo otro analisis de elistara en su ultima version y del Sprocess. La página de bloqueo no me ha vuelto a salir aunque yo tambien me he restringido internet. En los resultados de los analisis siguen estando el NVDISPLAY.CONTAINER.EXE y el internet explorer. Tengo mostrar archivos ocultos y de sistema activado, por lo que no entiendo porque el nvidia aparece en System32 en el sprocess. Saludos
(12-7-2017 17:52:20 (GMT))
EliStartPage v37.23 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 11 de Julio del 2017)
--------------------------------------------------
Sistema Operativo: Windows 10 Pro (6.3.14393) (64 bits)
Usuario: defaultuser0
ID de Usuario: S-1-5-21-4116706450-2675624388-2781689814-1000
Cadenas Víricas: 32590

Lista de Acciones (por Acción Directa):
Error de Acceso a las Rutas del Usuario.

(12-7-2017 17:52:33 (GMT))
EliStartPage v37.23 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 11 de Julio del 2017)
--------------------------------------------------
Sistema Operativo: Windows 10 Pro (6.3.14393) (64 bits)
Usuario: reddi
ID de Usuario: S-1-5-21-4116706450-2675624388-2781689814-1001
Cadenas Víricas: 32590

Lista de Acciones (por Acción Directa):
Detectado HOSTS no Standar.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE

(12-7-2017 17:52:42 (GMT))
EliStartPage v37.23 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 11 de Julio del 2017)
--------------------------------------------------
Sistema Operativo: Windows 10 Pro (6.3.14393) (64 bits)
Usuario: CaroL
ID de Usuario: S-1-5-21-4116706450-2675624388-2781689814-1002
Cadenas Víricas: 32590

Lista de Acciones (por Acción Directa):
Detectado HOSTS no Standar.
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE

(12-7-2017 17:59:12 (GMT))
EliStartPage v37.23 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 11 de Julio del 2017)
--------------------------------------------------
Sistema Operativo: Windows 10 Pro (6.3.14393) (64 bits)
Usuario: CaroL
ID de Usuario: S-1-5-21-4116706450-2675624388-2781689814-1002
Cadenas Víricas: 32590

Lista de Acciones (por Exploración):
Explorando "C:\"

Nº Total de Directorios: 62044
Nº Total de Ficheros: 335678
Nº de Ficheros Analizados: 67960
Nº de Ficheros Infectados: 0
Nº de Ficheros Eliminados: 0

-----------
(12-7-2017 18:02:56 GMT)
SProces v9.1 (c)2017 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 10 Pro (v6.3.14393) (64 bits)
Internet Explorer: (v11.1480.14393.0) 0
Equipo: DESKTOP-EF42ODR
Usuario: CaroL
Sesión de Usuario: CaroL

60 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NVDISPLAY.CONTAINER.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\WUDFHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\CMDAGENT.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SASCORE64.EXE
C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\NVTELEMETRY\NVTELEMETRYCONTAINER.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDUPDSVC.EXE
C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDFSSVC.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\CAVWP.EXE
C:\WINDOWS\SYSTEM32\DASHOST.EXE
C:\WINDOWS\SYSTEM32\SIHOST.EXE
C:\WINDOWS\SYSTEM32\CISTRAY.EXE
C:\WINDOWS\SYSTEM32\TASKHOSTW.EXE
C:\WINDOWS\SYSTEM32\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\RUNTIMEBROKER.EXE
C:\WINDOWS\SYSTEM32\SHELLEXPERIENCEHOST.EXE
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\WINDOWS\SYSTEM32\SEARCHUI.EXE
C:\WINDOWS\SYSTEM32\RTKNGUI64.EXE
C:\PROGRAM FILES (X86)\COPERNIC\DESKTOPSEARCH\COPERNIC.DESKTOPSEARCH.EXE
C:\WINDOWS\SYSTEM32\CIS.EXE
C:\WINDOWS\SYSTEM32\SUPERANTISPYWARE.EXE
C:\PROGRAM FILES (X86)\ELABORATE BYTES\VIRTUALCLONEDRIVE\VCDDAEMON.EXE
C:\WINDOWS\SYSTEM32\INSTALLAGENT.EXE
C:\WINDOWS\SYSTEM32\INSTALLAGENTUSERBROKER.EXE
C:\PROGRAM FILES (X86)\INTERNET DOWNLOAD MANAGER\IDMAN.EXE
C:\PROGRAM FILES (X86)\INTERNET DOWNLOAD MANAGER\IEMONITOR.EXE
C:\WINDOWS\SYSTEM32\APPLICATIONFRAMEHOST.EXE
C:\WINDOWS\SYSTEM32\WIMSERV.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
C:\PROGRAM FILES (X86)\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE
C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE
C:\WINDOWS\SYSTEM32\FONTDRVHOST.EXE
C:\WINDOWS\SYSTEM32\SPLWOW64.EXE
C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE
C:\WINDOWS\SYSTEM32\NOTEPAD.EXE
C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE
C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE
C:\WINDOWS\SYSTEM32\AUDIODG.EXE
C:\USERS\CAROL\DESKTOP\SPROCES.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R0 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (User 'defaultuser0')
R0 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank (User 'reddi')
R0 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch (User 'reddi')
O1 - Hosts: 127.0.0.1 license.superantispyware.com
O1 - Hosts: 0.0.0.0 license.superantispyware.com
O1 - Hosts: 127.0.0.1 23.74.204.49
O1 - Hosts: 127.0.0.1 2.20.235.247
O1 - Hosts: 127.0.0.1 216.58.214.40
O1 - Hosts: 127.0.0.1 151.101.12.143
O1 - Hosts: 127.0.0.1 66.117.29.4
O1 - Hosts: 127.0.0.1 63.140.41.167
O1 - Hosts: 127.0.0.1 secure.flashfxp.com
O1 - Hosts: 127.0.0.1 promo.flashfxp.com
O1 - Hosts: 127.0.0.1 liveupdate.flashfxp.com
O1 - Hosts: 127.0.0.1 13.80.12.54
O1 - Hosts: 127.0.0.1 239.255.255.250
O1 - Hosts: 127.0.0.1 oo-software.com
O1 - Hosts: 127.0.0.1 corp.oo-software.com
O1 - Hosts: 127.0.0.1 update10.oo-software.com
O1 - Hosts: 127.0.0.2 apps.skype.com
O1 - Hosts: 0.0.0.0 live.rads.msn.com
O1 - Hosts: 0.0.0.0 ads1.msn.com
O1 - Hosts: 0.0.0.0 static.2mdn.net
...
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (MD5: 2ECBD0616A07D7B0DA79CA0BD8B9AFB6)
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (MD5: E2B4298571EB32D776D837AE4874E036)
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (MD5: AA277A5861B71D8FCAF3BABEF777D86F)
O2 - BHO (x86): (no name) - AutorunsDisabled - (no file)
O2 - BHO (x86): IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (MD5: FE82C6F8416FB9645B6DBAD037AC5479)
O2 - BHO (x86): RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (MD5: 64D6737BD97299D8C15470B99028BE63)
O2 - BHO (x86): Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (MD5: 50DCF1D53B994ABF23918AB3AAEAC989)
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (MD5: E2B4298571EB32D776D837AE4874E036)
O3 - Toolbar (x86): &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (MD5: 64D6737BD97299D8C15470B99028BE63)
O4 - HKCU\..\Run: [Copernic Desktop Search 5] "C:\Program Files (x86)\Copernic\DesktopSearch\Copernic.DesktopSearch.exe" /tray (MD5: 5874FC0684953E0A72A653E5A1524B44)
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun (MD5: 4EE3FE1CDAA8A64F55370048F4FD322D)
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (MD5: 720B1ED18B11D46569452A9555EA3AB8)
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (MD5: 333B21363F104AB3639099E5DC4B04A4)
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (MD5: C75F3BF8FAABBA3EED8FEE27256C6E46)
O4 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1000\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'defaultuser0') (MD5: 1496120E3867FD75AE5D4EAD6E618E7A)
O4 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1001\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (User 'reddi') (MD5: C75F3BF8FAABBA3EED8FEE27256C6E46)
O4 - HKUS\S-1-5-21-4116706450-2675624388-2781689814-1001\..\Run: [Copernic Desktop Search 5] "C:\Program Files (x86)\Copernic\DesktopSearch\Copernic.DesktopSearch.exe" /tray (User 'reddi') (MD5: 5874FC0684953E0A72A653E5A1524B44)
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s (MD5: 6B89138EA6759DB1AB6F5C05CA97210D)
O4 - HKLM\..\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (MD5: 89086EDA74506044D4ACE27339340E6B)
O4 - HKLM\..\Wow6432Node\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s (MD5: 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C)
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Servicio Local') (MD5: 1496120E3867FD75AE5D4EAD6E618E7A)
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Servicio de red') (MD5: 1496120E3867FD75AE5D4EAD6E618E7A)
O8 - Extra context menu item: Descargar con IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Descargar con IDM todos los enlaces - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Guardar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O8 - Extra context menu item: Mostrar Barra de Herramientas - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O8 - Extra context menu item: Personalizar Menú - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Rellenar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: Descargar con IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm (User 'reddi')
O8 - Extra context menu item: Descargar con IDM todos los enlaces - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm (User 'reddi')
O8 - Extra context menu item: Guardar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html (User 'reddi')
O8 - Extra context menu item: Mostrar Barra de Herramientas - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html (User 'reddi')
O8 - Extra context menu item: Personalizar Menú - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html (User 'reddi')
O8 - Extra context menu item: Rellenar Formularios - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html (User 'reddi')
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKLM)
O9 - Extra button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (MD5: E2B4298571EB32D776D837AE4874E036) (HKLM)
O9 - Extra button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (MD5: E2B4298571EB32D776D837AE4874E036) (HKLM)
O9 - Extra button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (MD5: E2B4298571EB32D776D837AE4874E036) (HKLM)
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKLM x86)
O9 - Extra button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (MD5: 64D6737BD97299D8C15470B99028BE63) (HKLM x86)
O9 - Extra button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (MD5: 64D6737BD97299D8C15470B99028BE63) (HKLM x86)
O9 - Extra button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (MD5: 64D6737BD97299D8C15470B99028BE63) (HKLM x86)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (MD5: 7FC19DA1DC70C78D2FBD7A1D10942051) (HKLM x86)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics (x86)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6c4facbf-f579-41a3-ac96-cb56d45518ea}: NameServer = 156.154.71.1,156.154.70.1,192.168.0.254
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - (no file)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (MD5: 4C768278E413976BB689F17EBEAD1E9F)
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (MD5: 4C768278E413976BB689F17EBEAD1E9F)
O20 - Winlogon Notify: LBTWLGN - C:\PROGRAM FILES\COMMON FILES\LOGISHRD\BLUETOOTH\LBTWLGN.DLL (MD5: E3AE34B35E5F76B67D6B4683170C936F)
O20 - Winlogon Notify (x86): SDWINLOGON - SDWINLOGON.DLL (file missing)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)
O21 - SSODL (x86): WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)

Información Adicional:
----------------------
Acceso Rapido ('CaroL'): FlashFXP 5.lnk = C:\Program Files (x86)\FlashFXP 5\FlashFXP.exe (MD5: B267622233BD5962B42382354B7864CA)
Acceso Rapido ('CaroL'): Glary Utilities 5.lnk = C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (MD5: 686D619A21552885FED1A5BB40D7DA5A)
Acceso Rapido ('CaroL'): ImgBurn.lnk = C:\Program Files (x86)\ImgBurn\ImgBurn.exe (MD5: 4776C25E4FFDA40783DF8D31217ED085)
Acceso Rapido ('CaroL'): Opera developer.lnk = C:\Program Files (x86)\Opera developer\launcher.exe
Acceso Rapido ('CaroL'): Revo Uninstaller Pro.lnk = C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (MD5: 261ACCF59B2E27B00DAC2CEBD88213C0)
Acceso Rapido ('CaroL'): Shows Desktop.lnk =
Acceso Rapido ('CaroL'): Winamp.lnk = C:\Program Files (x86)\Winamp\winamp.exe (MD5: C8E8F12B364C3A7BA45888FBBC474AAA)
Acceso Rapido ('CaroL'): Window Switcher.lnk =
Acceso Rapido ('CaroL'): Wondershare Video Converter Ultimate.lnk = C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe (MD5: 74CEA1D52264CFBC3A1C210CB4D1EB76)
Acceso Rapido ('CaroL'): Xilisoft Video Convertidor Ultimate.lnk = C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe (MD5: 594DBC7994867FEE9337B94B166F9C6C)
Acceso Rapido ('CaroL'): µTorrent.lnk = C:\Users\CaroL\AppData\Roaming\uTorrent\uTorrent.exe (MD5: 87B98E8837E450291E6B572D100DCF08)
Acceso Rapido ('reddi'): Revo Uninstaller Pro.lnk = C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (MD5: 261ACCF59B2E27B00DAC2CEBD88213C0)
Acceso Rapido ('reddi'): Shows Desktop.lnk =
Acceso Rapido ('reddi'): Window Switcher.lnk =
Tarea Programada: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
Tarea Programada: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 2f1e6b83-6429-439e-87b7-14d50b3766f1.job
Tarea Programada: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 88373351-c13a-465b-a5a0-19913ff6df89.job

Listado de Servicios (Carga Automatica):
----------------------------------------
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (MD5: 98E06CAC2C508118450095E581202230)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (MD5: 5D6B8AF62DDD8F1AFE50B26D53D58B14)
O23 - Service: IDMWFP - Tonec Inc. - C:\WINDOWS\system32\DRIVERS\idmwfp.sys (MD5: 025868A34E359A5F49D2324C0B14D537)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - Unknown owner - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvC (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - Unknown owner - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (MD5: B4337BA6754438CD2699D8A17DD8A359)
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (MD5: 30696A220D11270F4FC65C2D74CEE4D1)

Listado de Servicios (Carga Manual):
------------------------------------
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (MD5: BABA54B15338F60EC1C40D30E61214D9)
O23 - Service: ampa - Unknown owner - C:\Windows\system32\ampa.sys (MD5: 39B6FAE7DFE1B70034F253AB0BB96E2F)
O23 - Service: @oem61.inf,%asmthub3_ServiceDescription%;ASMedia USB3.1 Hub Service (asmthub3) - ASMedia Technology Inc - C:\WINDOWS\System32\drivers\asmthub3.sys (MD5: 7EDE010DF1A36BB32833D112EA609F60)
O23 - Service: @oem58.inf,%asmtxhci_ServiceDescription%;ASMedia XHCI Service (asmtxhci) - ASMedia Technology Inc - C:\WINDOWS\system32\DRIVERS\asmtxhci.sys (MD5: 2400ED65F4E0A521399027C9C7EF7012)
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper\ABService.exe (MD5: CD676444FEB9CAD3482E76AC597751D9)
O23 - Service: @bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service (bcmfn) - Windows (R) Win 7 DDK provider - C:\WINDOWS\System32\drivers\bcmfn.sys (MD5: 3F5523DCEFE42B385659C5CB46A6B810)
O23 - Service: @bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service (bcmfn2) - Windows (R) Win 7 DDK provider - C:\WINDOWS\System32\drivers\bcmfn2.sys (MD5: 0B750A6A6D847E73CA48ADD7A0F5A393)
O23 - Service: cht4iscsi - Chelsio Communications - C:\WINDOWS\SYSTEM32\drivers\cht4sx64.sys (MD5: 0AED948DA8D5F08B3D6F12E4E2089736)
O23 - Service: @cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver (cht4vbd) - Chelsio Communications - C:\WINDOWS\System32\drivers\cht4vx64.sys (MD5: 0002A0FDE087C1657AB31CE73077539C)
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (MD5: BAD660E618C27E60018949C01905D470)
O23 - Service: @oem44.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus (dtlitescsibus) - Disc Soft Ltd - C:\WINDOWS\System32\drivers\dtlitescsibus.sys (MD5: 679FF716052109392D870F6A6C4A3535)
O23 - Service: @oem45.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus (dtliteusbbus) - Disc Soft Ltd - C:\WINDOWS\System32\drivers\dtliteusbbus.sys (MD5: E23FDD696839A4790682CA66C48D3F2F)
O23 - Service: @iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver (iagpio) - Intel(R) Corporation - C:\WINDOWS\System32\drivers\iagpio.sys (MD5: C6B8743B213F06AA60943D8366FE968F)
*O23 - Service: @iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller (iai2c) - Intel(R) Corporation - C:\WINDOWS\System32\drivers\iai2c.sys (MD5: 9A2A2F3C69B9A30B6E78536F6D258BAD)
O23 - Service: @iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2 (iaLPSS2i_GPIO2) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys (MD5: 5A0E850F8CD17791A3E6A3CF81D0CA28)
O23 - Service: @iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2 (iaLPSS2i_I2C) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys (MD5: 7508F1096803385D6376BFD0BD473AC4)
O23 - Service: @ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver (iaLPSSi_GPIO) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (MD5: 16A10CCEDCF5AC4CAAE43DC9FC40392F)
O23 - Service: @ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver (iaLPSSi_I2C) - Intel Corporation - C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys (MD5: EB82A11613326691508D9ED9A4FE29E7)
O23 - Service: @mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver) (ibbus) - Mellanox - C:\WINDOWS\System32\drivers\ibbus.sys (MD5: 3BA03F7C7700DDF4C383DDE9252F5817)
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\system32\drivers\RTKVHD64.sys (MD5: 00D0BAD638E321E12A0A1F0D0CFF96B6)
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe (MD5: B452921B85EEF6FD43C25DE373FF5C48)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe (MD5: 20EE2F2ADCF8DBD091E931593F5AC268)
O23 - Service: @oem15.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF USB Filter (LEqdUsb) - Logitech, Inc. - C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys (MD5: EAB70270BDDCFEF56FCC7425C2D9883D)
O23 - Service: @oem16.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF HID Filter (LHidEqd) - Logitech, Inc. - C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys (MD5: 5EBB7C1FC685D45A1D3D8B2B9A656E48)
O23 - Service: @oem18.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver (LHidFilt) - Logitech, Inc. - C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys (MD5: AFDFA4A6B0F7B15AA38E494FD4595741)
O23 - Service: @oem21.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver (LMouFilt) - Logitech, Inc. - C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys (MD5: C3E82B320F34C97F32B8026F4C249BEF)
O23 - Service: @oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface (MEIx64) - Intel Corporation - C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys (MD5: 8EC6459491D8508BBA5E3CEC5C930914)
O23 - Service: @mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator (mlx4_bus) - Mellanox - C:\WINDOWS\System32\drivers\mlx4_bus.sys (MD5: FD60818B66B2E8A5415EA840E99A9D8F)
O23 - Service: @oem22.inf,%mv91cons.SVCDESC%;Marvell 91xx Config Device Driver (mv91cons) - Marvell Semiconductor Inc. - C:\WINDOWS\System32\drivers\mv91cons.sys (MD5: BC1C7A9F289C2E119B8E1DB30C4C7393)
O23 - Service: @mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service (ndfltr) - Mellanox - C:\WINDOWS\System32\drivers\ndfltr.sys (MD5: 629CB21AC49C8867E0F29DF1C16DB7B4)
O23 - Service: Network Adapter Wdf Class Extension Library (NetAdapterCx) - Unknown owner - C:\WINDOWS\SYSTEM32\drivers\NetAdapterCx.sys (MD5: 6C76780A01FC2B885BD6E957B5C36B02)
O23 - Service: @oem60.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver (NVHDA) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvhda64v.sys (MD5: 4938CCA6E12A7FDA5324FFF0DF5DB8EC)
O23 - Service: nvlddmkm - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d81f3535ced17c6\nvlddmkm.sys (MD5: E39CA5C6B78F77982C368BED0D219841)
O23 - Service: @oem59.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM) (nvvad_WaveExtensible) - NVIDIA Corporation - C:\WINDOWS\system32\drivers\nvvad64v.sys (MD5: 635E379EFEE0AADDCB2A5C00247D13A5)
O23 - Service: @oem61.inf,%ServiceDesc%;NVVHCI Enumerator Service (nvvhci) - NVIDIA Corporation - C:\WINDOWS\System32\drivers\nvvhci.sys (MD5: 842E1AB0A53CEDE011F71C4E4DCC9871)
O23 - Service: Revoflt - VS Revo Group - C:\WINDOWS\SYSTEM32\DRIVERS\revoflt.sys (MD5: 498C3D4D44382A96812A0E0FF28D575B)
O23 - Service: @oem64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver (rt640x64) - Realtek - C:\WINDOWS\System32\drivers\rt640x64.sys (MD5: 5E912FAEB14D16E345FBAB6B1966409D)
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (MD5: FDEF8DC6871B96BBBD39A648994F60D1)
O23 - Service: @oem43.inf,%Serial.SVCDESC%;Prolific Serial port WDF driver (Ser2pl) - Prolific Technology Inc. - C:\WINDOWS\system32\DRIVERS\ser2pl64.sys (MD5: 81C4472F297BABE08CEA3A5E3CB3E5B4)
O23 - Service: TeraCopy Service (TeraCopyService) - Code Sector - C:\Program Files\TeraCopy\TeraCopyService.exe (MD5: 522FEC52E6CB6C72AD2BD962201B9CB6)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (MD5: C390F6F13C90413ABB02F85714F35DF2)
O23 - Service: VClone - Elaborate Bytes AG - C:\WINDOWS\System32\drivers\VClone.sys (MD5: F257A2737280F0076EAE3AB489C06474)
O23 - Service: @mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service (WinMad) - Mellanox - C:\WINDOWS\System32\drivers\winmad.sys (MD5: F95DE20312ACCA7761446DE152BD1F7C)
O23 - Service: @mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service (WinVerbs) - Mellanox - C:\WINDOWS\System32\drivers\winverbs.sys (MD5: 8B9AFF5F08E66A6F1F1063DEC9457FB6)

Listado de Servicios (Deshabilitados):
--------------------------------------
O23 - Service: UnlockerDriver5 - Unknown owner - C:\Program Files\Unlocker\UnlockerDriver5.sys (MD5: 9DC07E73A4ABB9ACF692113B36A5009F)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe (MD5: 5B3148291D750B03CD812DB79BD666AF)

53 Servicios.
7 de Carga Automatica.
44 de Carga Manual.
2 Deshabilitados.

Listado de Programas Instalados:
--------------------------------
Paquete de controladores de Windows - DexCom, Inc. (usbser) Ports (05/24/2010 1.0.0.2) -> C:\PROGRA~1\DIFX\4A7292F75FEBBD3C\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\dexcomvcpdriver.inf_amd64_43509da393e98410\dexcomvcpdriver.inf
CCleaner -> "C:\Program Files\CCleaner\uninst.exe"
COMODO Firewall -> "C:\Program Files\COMODO\COMODO Internet Security\cmdinstall.exe" -type local -uninstall -theme lycia -log
Instalación de DivX -> C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
IrfanView 4.44 (64-bit) -> "C:\Program Files\IrfanView\iv_uninstall.exe"
Mozilla Firefox 52.0.2 (x64 es-ES) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Pale Moon 27.1.2 (x64 en-US) -> "C:\Program Files\Pale Moon\uninstall\helper.exe"
Logitech SetPoint 6.67 -> C:\Program Files\Common Files\LogiShrd\sp6_Uninstall\setup.exe
TeraCopy version 3.0.8 -> "C:\Program Files\TeraCopy\unins000.exe"
Unlocker 1.9.2 -> C:\Program Files\Unlocker\uninst.exe
Vulkan Run Time Libraries 1.0.42.1 -> C:\Program Files (x86)\VulkanRT\1.0.42.1\UninstallVulkanRT.exe
WinRAR 5.40 (64-bit) -> C:\Program Files\WinRAR\uninstall.exe
Canon MG5600 series MP Drivers -> "C:\Program Files\CanonBJ\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series\DELDRV64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series /L0x000a
Windows 10 Update and Privacy Settings -> MsiExec.exe /X{4DFCD818-036A-4229-A67D-CF17DC461D92}
diasend® Uploader version 2.4.0_BuildR2e02 -> "C:\Program Files\diasend(R) Uploader\unins000.exe"
Revo Uninstaller Pro 3.1.9 -> "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"
DriversCloud.com (64 bits) -> MsiExec.exe /X{900A0E96-0841-444C-A009-B1D214EFD3EF}
COMODO Firewall -> MsiExec.exe /I{A1E718A7-BB83-41B8-BA96-BC219C322B8E}
PDF-Viewer -> "C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
NVIDIA Controlador de gráficos 382.53 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Controlador de la controladora 3D Vision 369.04 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Software del sistema PhysX 9.17.0329 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Controlador de audio HD 1.3.34.27 -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
SUPERAntiSpyware -> "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
calibre 64bit -> MsiExec.exe /I{D7D0A0C9-6728-4FA3-B611-04FFDB739F97}
Adobe Flash Player 25 NPAPI -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_Plugin.exe -maintain plugin
Adobe Flash Player 26 PPAPI -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe -maintain pepperplugin
RoboForm 7-9-27-7 (All Users) -> "C:\Program Files (x86)\Siber Systems\AI RoboForm\rfwipeout.exe"
AIDA64 Engineer v5.75 -> "C:\Program Files (x86)\FinalWire\AIDA64 Engineer\unins000.exe"
AOMEI Partition Assistant Server Edition 6.2.0 -> "C:\Program Files (x86)\AOMEI Partition Assistant Server Edition 6.2.0\unins000.exe"
Canon MG5600 series On-screen Manual -> C:\Program Files (x86)\Canon\IJ Manual\Canon MG5600 series\uninstall.exe
Canon My Printer -> "C:\Program Files\Canon\MyPrinter\uninst.exe" /UninstallRemove C:\Program Files\Canon\MyPrinter\uninst.ini
Canon Quick Menu -> "C:\Program Files (x86)\Canon\Quick Menu\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Quick Menu\uninst.ini
Canon IJ Scan Utility -> "C:\Program Files (x86)\Canon\IJ Scan Utility\MAINT.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Scan Utility\uninst.ini
Internet Security Essentials -> C:\ProgramData\COMODO\ISE\Installer\isestart.exe
Copernic Desktop Search 5 -> C:\Windows\SysWOW64\msiexec.exe /i {3BCBE675-244D-4330-B19F-F2E956F64A5A}
Canon Easy-WebPrint EX -> "C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.ini
EZ eMail Backup 2.0 -> "C:\Program Files (x86)\EZ eMail Backup\unins000.exe"
FileASSASSIN -> C:\Program Files (x86)\FileASSASSIN\uninst.exe
FlashFXP 5 -> "C:\ProgramData\{B6FEFB15-88F3-4275-9857-016151CA3F7F}\FlashFXP5_Setup.exe" REMOVE=TRUE MODIFY=FALSE
Glary Utilities PRO 5.79 -> C:\Program Files (x86)\Glary Utilities 5\uninst.exe
HD Tune Pro 5.60 -> "C:\Program Files (x86)\HD Tune Pro\unins000.exe"
herdProtect Anti-Malware Scanner -> "C:\Program Files\Reason\herdProtect\Scanner\uninstall.exe"
ImgBurn -> "C:\Program Files (x86)\ImgBurn\uninstall.exe"
Internet Download Manager -> C:\Program Files (x86)\Internet Download Manager\Uninstall.exe
Malwarebytes Anti-Malware versión 2.2.1.1043 -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
MKVToolNix 12.0.0 (64bit) -> C:\Program Files\MKVToolNix\uninst.exe
Mozilla Firefox 52.1.2 ESR (x86 es-ES) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Opera 12.16 -> "C:\Program Files (x86)\Opera\Opera.exe" /uninstall
Opera developer 48.0.2643.0 -> "C:\Program Files\Opera developer\Launcher.exe" /uninstall
Registro de usuario de Canon MG5600 series -> C:\Program Files (x86)\Canon\IJEREG\MG5600 series\UNINST.EXE
SeaTools for Windows 1.4.0.4 -> C:\Program Files (x86)\Seagate\SeaTools for Windows\uninst.exe
SpywareBlaster 5.5 -> "C:\Program Files (x86)\SpywareBlaster\unins000.exe"
UltraISO Premium V9.66 -> "C:\Program Files (x86)\UltraISO\unins000.exe"
VirtualCloneDrive -> "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive"
VLC media player -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Winamp -> "C:\Program Files (x86)\Winamp\UninstWA.exe"
Wondershare Video Converter Ultimate(Build 8.8.0.3) -> "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\unins000.exe" /WAF
Wondershare Video Editor(Build 5.1.2) -> "C:\Program Files (x86)\Wondershare\Video Editor\unins000.exe"
Xilisoft Video Convertidor Ultimate -> C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\Uninstall.exe
Microsoft XNA Framework Redistributable 4.0 -> MsiExec.exe /I{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
TomTom HOME -> MsiExec.exe /I{30E6FC43-C31F-4968-9A06-AA38E3C3CF73}
adsl TV -> "C:\Program Files (x86)\adslTV\Uninstall.exe" "C:\Program Files (x86)\adslTV\Uninstall.log" -u
WPTx64 -> MsiExec.exe /I{3F61608E-AB68-04B1-82FF-95799F5D01CA}
Spybot Anti-Beacon -> "C:\Program Files (x86)\Spybot Anti-Beacon\unins000.exe"
GetDataBack for NTFS -> "C:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\Uninstall.exe" "C:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\install.log" -u
WPT Redistributables -> MsiExec.exe /I{6704BD92-2F42-FE2F-AF4E-5C9D6666C75E}
Lyrics Plugin for Winamp -> MsiExec.exe /I{75E9A522-65D2-4200-A95F-C3EF89703263}
Kits Configuration Installer -> MsiExec.exe /I{76825BA0-C536-C284-BAA1-9DB7A2D30D54}
VC80CRTRedist - 8.0.50727.6195 -> MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
Windows SDK EULA -> MsiExec.exe /I{962DFBFC-9157-9726-25D8-A2668B066F47}
Google Earth -> MsiExec.exe /I{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}
AOMEI Backupper Technician Plus -> "C:\Program Files (x86)\AOMEI Backupper\unins000.exe"
Spybot - Search & Destroy -> "C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe"
Asmedia ASM106x SATA Host Controller Driver -> MsiExec.exe /X{DF6C3726-7E53-4772-9763-E9F147769F51}
Asmedia USB Host Controller Driver -> MsiExec.exe /X{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
Realtek High Definition Audio Driver -> "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -runfromtemp -removeonly
Windows Software Development Kit - Windows 10.0.14393.33 -> "C:\ProgramData\Package Cache\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}\sdksetup.exe" /uninstall
HDD Guardian 0.7.1 -> "C:\Program Files (x86)\HDD Guardian\Uninstall.exe"
Registry Help Pro -> C:\Users\CaroL\AppData\Local\Registry Help Pro\uninstall.exe
µTorrent -> "C:\Users\CaroL\AppData\Roaming\uTorrent\uTorrent.exe" /UNINSTALL
Adjuntos
nvidia.display.png
(51.21 KiB) Descargado 1132 veces

Avatar de Usuario
msc hotline sat
Mensajes: 93500
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Vuelve pagina web dice que todo se va a bloquear si no pago

Mensaje por msc hotline sat » 13 Jul 2017, 09:09

Pues el fichero en cuestión lo tienes en uso:

C:\WINDOWS\SYSTEM32\NVDISPLAY.CONTAINER.EXE

si tras aparcarlo ya no sale la dichosa pantalla, mejor que mejor.

Si tienes novedades, dinoslas.

saludos

ms, 13-7-2017

jtres
Mensajes: 22
Registrado: 24 Mar 2007, 09:02
Ubicación: Paris

Re: Vuelve pagina web dice que todo se va a bloquear si no pago

Mensaje por jtres » 14 Jul 2017, 03:06

Hola saludos; pues nada, ahí sigo con la dichosa pagina de marras. Mientras salia dicha pagina hize un netstat y esto fue lo que dio:
c) 2016 Microsoft Corporation. Todos los derechos reservados.
C:\Windows\system32>netstat
Conexiones activas
Proto Dirección local Dirección remota Estado
TCP 127.0.0.1:50019 license:50020 ESTABLISHED
TCP 127.0.0.1:50020 license:50019 ESTABLISHED
TCP 192.168.0.6:5357 192.168.0.2:57421 TIME_WAIT
TCP 192.168.0.6:5357 192.168.0.2:57423 TIME_WAIT
TCP 192.168.0.6:50030 download:https TIME_WAIT
TCP 192.168.0.6:50032 104.16.60.31:https TIME_WAIT
TCP 192.168.0.6:50034 download:https TIME_WAIT
TCP 192.168.0.6:50035 62.115.249.139:http ESTABLISHED
TCP 192.168.0.6:50036 static:https TIME_WAIT
TCP 192.168.0.6:50038 wo-in-f102:http ESTABLISHED
TCP 192.168.0.6:50039 wo-in-f102:http ESTABLISHED
TCP 192.168.0.6:50040 wo-in-f102:http TIME_WAIT
TCP 192.168.0.6:50041 wo-in-f102:http TIME_WAIT
TCP 192.168.0.6:50042 104.27.142.161:https ESTABLISHED
TCP 192.168.0.6:50049 ec2-54-69-227-52:https TIME_WAIT
TCP 192.168.0.6:50053 93.184.220.29:http ESTABLISHED
TCP 192.168.0.6:50054 server-54-230-128-40:https TIME_WAIT
Algunas direcciones apuntan a servidores de amazonas y hata ahí llegué. ¿No hay manera de bloquear una página web indeseable?
Una vez deshabilitada la conexion internet y vuelta a conectar la misma página sale varias veces activa incluso sin conexion hasta que se convierte en una pagina no existente. Adjunto lo que me da:
Primero da esto:
1webfake.jpg
y finalmente se queda en esto teniendo conexion internet;
2webfake.jpg
(47.17 KiB) Descargado 1562 veces
Saludos y Buenas noches

Avatar de Usuario
msc hotline sat
Mensajes: 93500
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Vuelve pagina web dice que todo se va a bloquear si no pago

Mensaje por msc hotline sat » 15 Jul 2017, 09:46

Si quieres impedir el acceso a una pagina web, edita el HOSTS y escribe una linea indicando primero el LOCAL HOST (127.0.0.1) y tras ello el nombre o dirección de la pagina que quieras impedir el acceso.

Saludos

ms, 15-7-2017

jtres
Mensajes: 22
Registrado: 24 Mar 2007, 09:02
Ubicación: Paris

Re: Vuelve pagina web dice que todo se va a bloquear si no pago

Mensaje por jtres » 19 Jul 2017, 19:34

Hola, un saludo; mirando y buscando me di cuenta que casi todos los antivirus, por lo menos los de pago, tienen su anti ramsomware. Yo tenía una licencia de avira que no usaba porque no me gustó los cambios que hicieron, aunque me parece que algo ha cambiado, aunque aún sigue quitándote todo lo que no le gusta sin preguntarte si estás de acuerdo o no, estilo el defender. Total que lo instalé; tambien puse en el hosts la direccion de la maldita pagina web y ya sea por uno u otro o, ambos, lo cierto es que no me ha vuelto a salir cuando antes era varias veces al día. Toco madera y si os parece bien cerramos el tema. M Gracias

Avatar de Usuario
msc hotline sat
Mensajes: 93500
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:

Re: Vuelve pagina web dice que todo se va a bloquear si no pago

Mensaje por msc hotline sat » 19 Jul 2017, 21:50

Pues felicidades !

Sea por el antivirus o por su buena idea de bloquear el acceso a la pagina maldita, la cuestión es que ha logrado evitar el acceso a la misma y asi evitar el desagradable pantallazo ...

En consecuencia damos por solucionado el Tema y procedemos a cerrarlo

Saludos

ms, 19-7-2017

Cerrado

Volver a “Foro Virus - Cuentanos tu problema”