Help with unidentified malware

Closed
chlp<
Posts: 4
Joined: 15 Dec 2017, 14:59

Help with unidentified malware

Post by chlp< » 15 Dec 2017, 15:10

Hello! On my laptop with Win 7 Home 64-bit and AVG Free antivirus, I have detected what I believe is malware, whose most evident symptoms are:
- Windows Update has stopped working and cannot be run manually (error message: The Update service is not running).
- The error dialog looks somewhat odd, since it points to an unidentified free-software source (???)
- In Control Panel - Credential Manager, a credential appears for: virtualapp/didlogic (normally associated with Windows Live products, WHICH I DO NOT HAVE).
- When installing, with the PC booted in safe mode and from a pendrive, a Malwarebytes 3.3 downloaded on another machine, the protection services are not activated, and when I activate them manually they are instantly disabled.

Tasks done:

1. Delete the unknown credential (which reappears on every restart)
2. From safe mode:
- Run Rkill
- Run Malwarebytes (it detects nothing significant)
- Use ESET ONLINE and PANDA ONLINE (they detected potentially unwanted programs, but nothing more)

3. Run the Windows Malicious Software Removal Tool. It detects nothing
4. In safe mode and from CMD as Administrator: use sfc/scanfile - C:\windows\system32\services.exe to try to recover the update service. Result: no inconsistencies are recorded (or something like that!)


I no longer know what to do: the update does not work, the fake credential keeps appearing, and searching the web there are comments that it would be a "keylogger". I WOULD APPRECIATE ANY HELP. Thanks

flacoroo
Posts: 6289
Joined: 09 Mar 2004, 20:32
Location: Paso del Macho, Ver., México

Re: Help with unidentified malware

Post by flacoroo » 15 Dec 2017, 16:35

Elistara
Go to the following link, download the program, restart in safe mode, run it and paste the result created in C:infosat.txt

ElistarA

Sproces
And in case you still have your problem, download this program, run it and paste for us the log result that is created in C:

Sproces

Adwcleaner
Likewise, download this tool, adwcleaner, restart your computer in safe mode, run it, scan and then click clean, then paste its log for us.
As you will be running it on Windows 7 or 8.1, right-click it with the mouse so that you install it as Administrator.


Send us the results.
:lol: :lol: Life is beautiful... why complicate it :lol: :lol:

chlp<
Posts: 4
Joined: 15 Dec 2017, 14:59

Re: Help with unidentified malware

Post by chlp< » 15 Dec 2017, 18:07

Many thanks. I'm on it.
Now: SProces says it is for Win XP. Does it work on Win 7 64-bit?

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Help with unidentified malware

Post by msc hotline sat » 15 Dec 2017, 19:37

Yes, of course.

Run it and click on SALIR (Exit), at the bottom left.

After that it will tell you that it creates a report in C:\sproclog.txt

Open that file and, with copy and paste, post it to us as a reply in this thread.

After analyzing it we will inform you accordingly.

Regards

ms, 15-12-2017

chlp<
Posts: 4
Joined: 15 Dec 2017, 14:59

Re: Help with unidentified malware

Post by chlp< » 15 Dec 2017, 21:48

Hello! I attach the reports:
(15-12-2017 18:18:42 (GMT))
EliStartPage v38.05 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 14 de Diciembre del 2017)
--------------------------------------------------
Sistema Operativo: Windows 7 Home Premium (6.1.0) (64 bits)
Usuario: Lopez
ID de Usuario: S-1-5-21-1620811930-282272521-4057767181-1001
Cadenas Víricas: 34024

Lista de Acciones (por Acción Directa):
Entrada Eliminada [HKLM\...\Run] "IGFXTRAY"="C:\Windows\system32\igfxtray.exe"
Eliminada Carpeta "C:\WINDOWS\SysWOW64\Adobe"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE

(15-12-2017 18:18:46 (GMT))
EliStartPage v38.05 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 14 de Diciembre del 2017)
--------------------------------------------------
Sistema Operativo: Windows 7 Home Premium (6.1.0) (64 bits)
Usuario: TEMP.CHLPZ.001
ID de Usuario: S-1-5-21-1620811930-282272521-4057767181-1001.bak
Cadenas Víricas: 34024

Lista de Acciones (por Acción Directa):
Error de Acceso a las Rutas del Usuario.

(15-12-2017 18:18:48 (GMT))
EliStartPage v38.05 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 14 de Diciembre del 2017)
--------------------------------------------------
Sistema Operativo: Windows 7 Home Premium (6.1.0) (64 bits)
Usuario: HomeGroupUser$
ID de Usuario: S-1-5-21-1620811930-282272521-4057767181-1002
Cadenas Víricas: 34024

Lista de Acciones (por Acción Directa):
Error de Acceso a las Rutas del Usuario.

(15-12-2017 18:18:50 (GMT))
EliStartPage v38.05 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 14 de Diciembre del 2017)
--------------------------------------------------
Sistema Operativo: Windows 7 Home Premium (6.1.0) (64 bits)
Usuario: prueba
ID de Usuario: S-1-5-21-1620811930-282272521-4057767181-1003.bak
Cadenas Víricas: 34024

Lista de Acciones (por Acción Directa):
Error de Acceso a las Rutas del Usuario.

(15-12-2017 18:19:02 (GMT))
EliStartPage v38.05 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 14 de Diciembre del 2017)
--------------------------------------------------
Sistema Operativo: Windows 7 Home Premium (6.1.0) (64 bits)
Usuario: chlpz
ID de Usuario: S-1-5-21-1620811930-282272521-4057767181-1004
Cadenas Víricas: 34024

Lista de Acciones (por Acción Directa):
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE

(15-12-2017 18:52:52 (GMT))
EliStartPage v38.05 (c)2017 S.G.H. / Satinfo S.L. (Actualizado el 14 de Diciembre del 2017)
--------------------------------------------------
Sistema Operativo: Windows 7 Home Premium (6.1.0) (64 bits)
Usuario: chlpz
ID de Usuario: S-1-5-21-1620811930-282272521-4057767181-1004
Cadenas Víricas: 34024

Lista de Acciones (por Exploración):
Explorando "C:\"
C:\Users\Lopez\Downloads\ANTIMALWARE\AT-DESTROYER.EXE --> Eliminado, Autoit.QZ
C:\Windows\winsxs\x86_netfx-vb_compiler_b03f5f7f11d50a3a_6.1.7601.17514_none_144b6bd462e4a41b\VBC.EXE --> Eliminado, Keylogger.Fynloski
C:\_AT-Destroyer\PROGRAM.EXE --> Eliminado, Autoit.QZ

Nº Total de Directorios: 53704
Nº Total de Ficheros: 303163
Nº de Ficheros Analizados: 65881
Nº de Ficheros Infectados: 3
Nº de Ficheros Eliminados: 3



(15-12-2017 20:26:49 GMT)
SProces v9.1 (c)2017 S.G.H. / Satinfo S.L.
-------------------------------------------
Sistema Operativo: Windows 7 Home Premium (v6.1) (64 bits)
Internet Explorer: (v11.0.9600.18860) 0
Equipo: CHLPZ
Usuario: Lopez
Sesión de Usuario: Lopez

ConvertHelper 3.2 -> "C:\Program Files\ConvertHelper3\unins000.exe"
HP Client Services -> MsiExec.exe /I{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
Malwarebytes versión 3.3.1.2183 -> "C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe" /LOG
calibre 64bit -> MsiExec.exe /I{35E6D951-3B09-4FF3-BE67-EAEC919ADCCF}
FMW 1 -> MsiExec.exe /I{36133E9F-B129-4206-9FB4-13F707787542}
HP Security Assistant -> MsiExec.exe /I{562608FE-2051-4488-BF22-8CE4C03046AC}
HP Launch Box -> MsiExec.exe /I{5A847522-375C-4D05-BD3D-88C450CC047F}
Servicio Xperia Companion -> MsiExec.exe /I{941E0B86-5EC0-43BC-9DA9-9BC596150B4B}
HP Auto -> MsiExec.exe /I{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
HP Touchpoint Analytics Client -> C:\Program Files\HP\HP Touchpoint Analytics Client\TAInstaller.exe --uninstall --ignore-deployers --show-ui
AVG -> MsiExec.exe /I{E61E6143-4937-43FC-8C12-06B8A987484D}
Adobe Flash Player 27 ActiveX -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_159_ActiveX.exe -maintain activex
Adobe Flash Player 27 NPAPI -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_Plugin.exe -maintain plugin
Adobe Shockwave Player 12.2 -> "C:\Windows\SysWOW64\Adobe\Shockwave 12\uninstaller.exe"
Advanced PDF Repair v2.0 -> C:\PROGRA~2\APDFR\UNWISE.EXE C:\PROGRA~2\APDFR\INSTALL.LOG
Any Audio Converter 3.5.6 -> "C:\Program Files (x86)\Any Audio Converter\unins000.exe"
Any Video Converter 5.8.1 -> C:\Program Files (x86)\Anvsoft\Any Video Converter\uninst.exe
Any Video Converter 5 5.0.3 -> "C:\Program Files (x86)\Any Video Converter\unins001.exe"
Any Video Converter 3.5.7 -> "C:\Program Files (x86)\Any Video Converter\unins000.exe"
AVG AntiVirus FREE -> C:\Program Files (x86)\AVG\Setup\avgsetupx.exe /mode=offline /uninstall=bav
AVG Web TuneUp -> C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.exe /PROMPT /UNINSTALL
CDex - Open Source Digital Audio CD Extractor -> C:\Program Files (x86)\CDex\uninstall.exe
EasyBCD 2.2 -> C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\uninstall.exe
PANDA-glGo -> "C:\Program Files (x86)\glGo\uninstall.exe"
Google Chrome -> "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\Installer\setup.exe" --uninstall --system-level --verbose-logging
HiSuite -> C:\Program Files (x86)\HiSuite\uninst.exe
CyberLink YouCam -> "C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall
MozBackup 1.5.1 -> C:\Program Files (x86)\MozBackup\Uninstall.exe
Mozilla Firefox 53.0.2 (x86 es-ES) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mp3tag v2.49 -> C:\Program Files (x86)\Mp3tag\Mp3tagUninstall.EXE
Revo Uninstaller 1.95 -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
S.I.Ap. -> C:\Windows\ST5UNST.EXE -n "C:\Program Files (x86)\S.I.Ap\AFIPST5UNST.LOG"
GPFBP V1400 - R1 -> C:\Windows\ST5UNST.EXE -n "C:\Program Files (x86)\S.I.Ap\AFIP\gpfbpST5UNST.LOG"
GPFBP V1600 - R0 -> C:\Windows\ST5UNST.EXE -n "C:\Program Files (x86)\S.I.Ap\AFIP\gpfbpST5UNST.000"
GPFBP V1800 - R0 -> C:\Windows\ST5UNST.EXE -n "C:\Program Files (x86)\S.I.Ap\AFIP\gpfbpST5UNST.001"
VobSub v2.23 (Remove Only) -> "C:\Program Files (x86)\VobSub\uninstall.exe"
VSFilter 2.41.35 (d08a416) Nightly -> "C:\Program Files (x86)\VSFilter\unins000.exe"
HP Games -> "C:\Program Files (x86)\HP Games\Uninstall.exe"
Virtual Villagers 4 - The Tree of Life -> "C:\Program Files (x86)\HP Games\Virtual Villagers 4 - The Tree of Life\uninstall\uninstaller.exe"
Jewel Quest Solitaire 2 -> "C:\Program Files (x86)\HP Games\Jewel Quest Solitaire 2\uninstall\uninstaller.exe"
Farmscapes -> "C:\Program Files (x86)\HP Games\Farmscapes\uninstall\uninstaller.exe"
Zuma's Revenge -> "C:\Program Files (x86)\HP Games\Zumas Revenge\uninstall\uninstaller.exe"
Insaniquarium Deluxe -> "C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\uninstall\uninstaller.exe"
Chuzzle Deluxe -> "C:\Program Files (x86)\HP Games\Chuzzle Deluxe\uninstall\uninstaller.exe"
Wedding Dash -> "C:\Program Files (x86)\HP Games\Wedding Dash\uninstall\uninstaller.exe"
Fishdom (TM) 2 -> "C:\Program Files (x86)\HP Games\Fishdom (TM) 2\uninstall\uninstaller.exe"
Final Drive Fury -> "C:\Program Files (x86)\HP Games\Final Drive Fury\uninstall\uninstaller.exe"
Jewel Quest II -> "C:\Program Files (x86)\HP Games\Jewel Quest II\uninstall\uninstaller.exe"
Mahjongg Artifacts -> "C:\Program Files (x86)\HP Games\Mahjongg Artifacts\uninstall\uninstaller.exe"
Bejeweled 3 -> "C:\Program Files (x86)\HP Games\Bejeweled 3\uninstall\uninstaller.exe"
Virtual Families -> "C:\Program Files (x86)\HP Games\Virtual Families\uninstall\uninstaller.exe"
Mystery of Mortlake Mansion -> "C:\Program Files (x86)\HP Games\Mystery of Mortlake Mansion\uninstall\uninstaller.exe"
Plants vs. Zombies - Game of the Year -> "C:\Program Files (x86)\HP Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe"
FATE -> "C:\Program Files (x86)\HP Games\FATE\uninstall\uninstaller.exe"
Torchlight -> "C:\Program Files (x86)\HP Games\Torchlight\uninstall\uninstaller.exe"
Cradle of Rome 2 -> "C:\Program Files (x86)\HP Games\Cradle of Rome 2\uninstall\uninstaller.exe"
Ranch Rush 2 - Premium Edition -> "C:\Program Files (x86)\HP Games\Ranch Rush 2 - Premium Edition\uninstall\uninstaller.exe"
Jewel Match 3 -> "C:\Program Files (x86)\HP Games\Jewel Match 3\uninstall\uninstaller.exe"
Polar Bowler -> "C:\Program Files (x86)\HP Games\Polar Bowler\uninstall\uninstaller.exe"
Cake Mania -> "C:\Program Files (x86)\HP Games\Cake Mania\uninstall\uninstaller.exe"
Farm Frenzy -> "C:\Program Files (x86)\HP Games\Farm Frenzy\uninstall\uninstaller.exe"
Zonas Peligrosas -> C:\Program Files (x86)\ZonasPeligrosas\uninstall.exe
CyberLink YouCam -> "C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall
MinervaNetworksBrowserPlugin -> MsiExec.exe /I{07E8F866-4D6A-4C17-BFC7-1E7D5F95A132}
HP Customer Experience Enhancements -> MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
IPTInstaller -> MsiExec.exe /I{08208143-777D-4A06-BB54-71BF0AD1BB70}
MSXML 4.0 SP3 Parser -> MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
MSXML 4.0 SP3 Parser (KB2758694) -> MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
Facebook Video Calling 3.1.0.521 -> MsiExec.exe /X{2091F234-EB58-4B80-8C96-8EB78C808CF7}
Java 8 Update 45 -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218045F0}
Minimal ADB and Fastboot version 1.3.1 -> "C:\Program Files (x86)\Minimal ADB and Fastboot\unins000.exe"
Xperia Companion -> "C:\ProgramData\Package Cache\{27b15812-304d-4fc2-80b7-55a920f30a28}\XperiaCompanionBundle.exe" /uninstall
Motorola Device Manager -> "C:\Program Files (x86)\InstallShield Installation Information\{28DB8373-C1BB-444F-A427-A55585A12ED7}\setup.exe" -runfromtemp -l0x040a -removeonly
opensource -> MsiExec.exe /I{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}
RSDLite_MTK_Patch -> MsiExec.exe /I{3C1D537E-A247-47E1-A0B2-1379BBA8C923}
HP Documentation -> MsiExec.exe /X{3D5C7E0E-AEC0-40EB-99D3-C40469738040}
Garmin USB Drivers -> MsiExec.exe /X{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}
Intel(R) Rapid Storage Technology -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
HTC Driver Installer -> MsiExec.exe /X{4CEEE5D0-F905-4688-B9F9-ECC710507796}
HP Quick Launch -> MsiExec.exe /I{53B17A98-5BF0-40BC-AAFF-850A357975AC}
Media Go Network Downloader -> MsiExec.exe /X{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}
HP Support Assistant -> "C:\Program Files (x86)\InstallShield Installation Information\{56D27851-B9A6-430F-875A-E2D7A3802C7B}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Software Framework -> MsiExec.exe /X{5877C85D-8CA5-4153-A366-C232ECFE7A2B}
Garmin POI Loader -> MsiExec.exe /X{5CA74EDC-CFC3-4FA0-AED7-1415CA19F250}
Garmin MapInstall -> MsiExec.exe /X{5ED7CD44-1A33-4B36-BA09-0B55FE82AF95}
Google Update Helper -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
swMSM -> MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
HP Customer Experience Enhancements -> MsiExec.exe /X{64228DFB-7450-49B7-935C-B97342CB6659}
Intel(R) Management Engine Components -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Skype™ 7.12 -> MsiExec.exe /X{6A0549A9-1B96-498C-ACBC-3943001FEB19}
Hewlett-Packard ACLM.NET v1.2.1.1 -> MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
Media Go Video Playback Engine 2.4.129.12060 -> MsiExec.exe /X{7C5AEEE1-6D7C-8922-4548-7BF9096077EC}
Garmin Training Center -> MsiExec.exe /X{7D542452-84EB-47C0-97BA-735C523AB555}
Skype Click to Call -> MsiExec.exe /I{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}
Realtek Ethernet Controller Driver -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
Motorola Device Software Update -> MsiExec.exe /I{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}
RSDLite -> MsiExec.exe /I{8F4A334E-D1B5-45D1-9C1A-3D1B97327E49}
Ralink RT5390 802.11b/g/n WiFi Adapter -> C:\Program Files (x86)\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\setup.exe -runfromtemp -l0x000a -removeonly
Panda Cloud Cleaner -> "C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\unins000.exe"
Xperia Companion -> MsiExec.exe /X{9D56F227-FC8D-419D-ADEB-41E5734025BD}
Adobe Refresh Manager -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824245926}
Adobe Acrobat Reader DC - Español -> MsiExec.exe /I{AC76BA86-7AD7-1034-7B44-AC0F074E4100}
Kingo ROOT version 1.4.3.2539 -> "C:\Program Files (x86)\Kingo ROOT\unins000.exe"
HP Setup Manager -> MsiExec.exe /I{AE856388-AFAD-4753-81DF-D96B19D0A17C}
Garmin MapSource -> MsiExec.exe /X{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}
HP Connection Manager -> MsiExec.exe /X{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}
HP Support Solutions Framework -> MsiExec.exe /X{B8F4B278-5070-47AD-8287-483EB9B3F099}
Medieval CUE Splitter -> MsiExec.exe /I{B96D2269-568B-4CBF-9332-12FAE8B158F7}
HP QuickWeb -> MsiExec.exe /X{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}
Realtek PCIE Card Reader -> "C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly
PlayReady PC Runtime x86 -> MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}
POISelector -> MsiExec.exe /I{CEEAA2C6-011D-4ECA-B83D-21D829E68E8D}
Mapear V10.3 versión 10.3 -> "C:\Program Files (x86)\Mapear V10.3\unins000.exe"
Asistente para actualización a Windows 10 -> "C:\Windows10Upgrade\Windows10UpgraderApp.exe" /Uninstall
DriverToolkit version 8.4.0.0 -> "C:\Program Files (x86)\DriverToolkit\unins000.exe"
Universal Adb Driver -> MsiExec.exe /I{D9C4202E-6D51-4B06-A8F1-22316E654BCA}
HP Recovery Manager -> MsiExec.exe /I{DBCD5E64-7379-4648-9444-8A6558DCB614}
IDT Audio -> "C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
HP Power Manager -> MsiExec.exe /I{E44578C7-4667-4124-8BC2-1161BCA54978}
ESU for Microsoft Windows 7 SP1 -> MsiExec.exe /I{E96CAA2A-0244-4A2A-8403-0C3C9534778B}
HP On Screen Display -> MsiExec.exe /I{ED1BD69A-07E3-418C-91F1-D856582581BF}
Intel(R) Processor Graphics -> C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Garmin BaseCamp -> MsiExec.exe /X{F487FEEC-AE9F-4E68-82F2-300F49A8C435}
HP Setup -> MsiExec.exe /I{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}
Media Go -> MsiExec.exe /X{F66C4A41-C3A8-4523-AB6C-BAA1DB38305C}
Mapear V14.3-Mapas Electronicos Argentinos versión 14.3 -> "C:\Program Files (x86)\Mapear V14.3-Mapas Electronicos Argentinos\unins000.exe"
Intel(R) Control Center -> C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Infinite HD™ App -> "C:\Users\Lopez\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -uninstall -launchrunonce:false
Spotify -> "C:\Users\Lopez\AppData\Roaming\Spotify\Spotify.exe" /uninstall
µTorrent -> "C:\Users\Lopez\AppData\Roaming\uTorrent\uTorrent.exe" /UNINSTALL
WinSetupFromUSB -> C:\Program Files (x86)\WinsetupFromUsb\Uninstall.exe
Acrylic Wi-Fi Home v3.1 -> "C:\Program Files\Acrylic Wi-Fi Home\unins000.exe"


# AdwCleaner 7.0.5.0 - Logfile created on Fri Dec 15 20:31:34 2017
# Updated on 2017/29/11 by Malwarebytes
# Database: 12-13-2017.2
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

PUP.Optional.Legacy, WtuSystemSupport
PUP.Adware.Heuristic, vToolbarUpdater40.3.6


***** [ Folders ] *****

PUP.Optional.Legacy, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
PUP.Optional.Legacy, C:\Program Files (x86)\DriverToolkit
PUP.Optional.Legacy, C:\Users\Lopez\AppData\Local\DriverToolkit
PUP.Optional.Legacy, C:\Program Files\Common Files\AVG Secure Search
PUP.Optional.Legacy, C:\Program Files (x86)\Common Files\AVG Secure Search
PUP.Optional.Legacy, C:\ProgramData\AVG Security Toolbar
PUP.Optional.Legacy, C:\ProgramData\Application Data\AVG Security Toolbar
PUP.Optional.Legacy, C:\Users\All Users\AVG Security Toolbar
PUP.Optional.Legacy, C:\ProgramData\avg web tuneup
PUP.Optional.Legacy, C:\ProgramData\Application Data\avg web tuneup
PUP.Optional.Legacy, C:\Program Files (x86)\avg web tuneup
PUP.Optional.Legacy, C:\Users\All Users\avg web tuneup
PUP.Optional.Legacy, C:\Users\chlpz\AppData\Local\avg web tuneup
PUP.Optional.Legacy, C:\Users\Lopez\AppData\Local\avg web tuneup
PUP.Optional.Legacy, C:\Users\All Users\Documents\Downloaded Installers
PUP.Optional.Legacy, C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.SlimCleanerPlus, C:\Users\Lopez\AppData\Local\slimware utilities inc
PUP.Optional.SlimCleanerPlus, C:\Users\Lopez\AppData\Local\SlimWare Utilities Inc
PUP.Adware.Heuristic, C:\ProgramData\Avg_Update_0715av


***** [ Files ] *****

PUP.Optional.Legacy, C:\Windows\SysNative\drivers\swdumon.sys
PUP.Optional.Legacy, C:\Users\Lopez\AppData\Roaming\Mozilla\Firefox\Profiles\dsgi0chc.default-1399216171537\searchplugins\avg-secure-search.xml


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Adware.Heuristic, 0715avUpdateInfo
PUP.Adware.Heuristic, 0715avUpdateInfo


***** [ Registry ] *****

Adware.Elex, [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER | ENABLESHELLEXECUTEHOOKS
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\claro.com.ar
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\miclaro.claro.com.ar
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.claro.com.ar
PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | IconCache [7gmv9us]
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1620811930-282272521-4057767181-1001\Software\DriverToolkit
PUP.Optional.Legacy, [Key] - HKCU\Software\DriverToolkit
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\AVG Nation toolbar
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1620811930-282272521-4057767181-1001\Software\AVG Nation toolbar
PUP.Optional.Legacy, [Key] - HKCU\Software\AVG Nation toolbar
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\AVG Secure Search
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\AVG Security Toolbar
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\AVG Tuneup
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\MozillaPlugins\@avg.com\AVG SiteSafety plugin,version=11.0.0.1,application\x-avg-sitesafety-plugin
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
PUP.Optional.SofTonicAssistant, [Key] - HKU\S-1-5-21-1620811930-282272521-4057767181-1001\Software\Softonic
PUP.Optional.SofTonicAssistant, [Key] - HKCU\Software\Softonic
PUP.Optional.Iminent, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | {977AE9CC-AF83-45E8-9E03-E2798216E2D5}
PUP.Optional.SlimCleanerPlus, [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus, [Key] - HKU\S-1-5-21-1620811930-282272521-4057767181-1001\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\SlimWare Utilities Inc


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########




I see that EliStar has removed part of an anti-malware tool I had on the PC (AT-Destroyer) and a Microsoft Visual Basic compiler, vbc.exe.

As for AdwCleaner, most of what it detects are (or should be!!) components of my regular antivirus, AVG. That is why I have not removed them until I have your opinion, since I find it striking.

Thanks again for the support. I look forward to your advice. :D

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Help with unidentified malware

Post by msc hotline sat » 16 Dec 2017, 07:42

We see some PUPs (potentially unwanted programs) that may be having an effect, such as:

PUP.Optional.Iminent, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | {977AE9CC-AF83-45E8-9E03-E2798216E2D5}

PUP.Optional.SlimCleanerPlus, [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc

PUP.Optional.SlimCleanerPlus, [Key] - HKU\S-1-5-21-1620811930-282272521-4057767181-1001\Software\SlimWare Utilities Inc

PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\SlimWare Utilities Inc


Download ELIPUPS and try it, to see whether it detects and removes the causes of the problem.

As for the detections of antivirus utilities by other AVs, that is normal, given the strings they contain for checking them.

Let us know the result, thanks

ms, 16-12-2017

chlp<
Posts: 4
Joined: 15 Dec 2017, 14:59

Re: Help with unidentified malware

Post by chlp< » 16 Dec 2017, 12:03

Hello again.
I have run ELIPups.
The report, in its PUPs section, says:

Lista de PUPs conocidos.
Descripción -> Cadena de Desinstalación.
----------------------------------------
Torchlight -> "C:\Program Files (x86)\HP Games\Torchlight\uninstall\uninstaller.exe"


But it does not uninstall it, because it gives the error I show in the attached file (screenshot). In any case, it is a game that comes pre-installed on HP Pavilion machines, and although I do not use it, it has always been there. I think I can uninstall it from "Programs and Features", and it should not be the cause of the problems.
Captura.JPG
(25.51 KiB) Downloaded 1703 times

I have kept working on the PC, and at the moment the Windows Update problem seems to be under control by means of:

1- System Restore to a date one month back.
2- Removal of a "Control active X for Live Mesh" module that must have been left over from an old installation (that removed the virtualapp/dilogic credential!).
3- Malwarebytes does not seem to activate its protections in safe mode, but on a normal boot it does (that behaviour seems reasonable, although it had not occurred to me before, perhaps because of the panic that the combination of symptoms caused me).

If your expert opinion does not suggest otherwise, I would propose closing the thread, and if another event/symptom eventually occurs I will open a new one.

Many thanks for the attention and the effort. Kind regards

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Help with unidentified malware

Post by msc hotline sat » 16 Dec 2017, 16:51

Restoring the system to a month earlier was a very good idea, and since the problem has been solved, that is a sign that the anomaly was in the entries from the last month.

Congratulations, and Happy Holidays.

If you need us again, you know where we are

We consider the thread solved and proceed to close it

Regards

ms, 16-12-2017
