When typing, the cursor always jumps back to the beginning

mariela

Member
I thought it would be a configuration problem, but after an online scan with ESET, and then taking a HijackThis log, it works again, although it still happens sometimes, but not as often. I have turned it off for now; tomorrow when I turn it on I will post my report.
ESET ONLINE
Code:
04/02/2019 17:38:09 p.m.
Archivos explorados: 115109
Archivos infectados: 87
Amenazas eliminadas: 87
Tiempo total de exploración 02:23:03
Estado de la exploración: Finalizado
Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 05:49:24 p.m., on 04/02/2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19236)


Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\user\Downloads\HijackThis.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = delta-homes
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Año Nuevo Lunar 2019{searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Año Nuevo Lunar 2019{searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Outlook, noticias, famosos y horóscopo de hoy en MSN España
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = delta-homes
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Año Nuevo Lunar 2019{searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Año Nuevo Lunar 2019{searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Outlook, noticias, famosos y horóscopo de hoy en MSN España
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - (no file)
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: 
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files\Google\Chrome\Application\72.0.3626.81\elevation_service.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: Update Fortunitas - Unknown owner - C:\Program Files\Fortunitas\updateFortunitas.exe (file missing)
O23 - Service: Update Lampy Lighty - Unknown owner - C:\Program Files\Lampy Lighty\updateLampyLighty.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Util Lampy Lighty - Unknown owner - C:\Program Files\Lampy Lighty\bin\utilLampyLighty.exe (file missing)
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 20305 bytes
 

mariela

Member
Here are the logs of the tasks performed. Malwarebytes Anti-Malware left everything in quarantine; it did not allow deletion, and I could not run the anti-rootkit because my friend had to take the notebook with her. I installed an antivirus for her since she did not have one, and I noticed that the cursor stopped jumping, but it does it every time I type the at sign (@): it shoots forward.
Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-02-06.2 (Cloud)
# Support:  Customer Support & Help Center
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    02-06-2019
# Duration: 00:00:14
# OS:       Windows 7 Home Premium
# Scanned:  31844
# Detected: 155


* [ Services ] *

No malicious services found.

* [ Folders ] *

PUP.Adware.Heuristic            C:\ProgramData\1A49EDEC23B45956
PUP.Multiplug.Heuristic         C:\ProgramData\TOPADEAL
PUP.Multiplug.Heuristic         C:\Program Files\TOPADEAL
PUP.Optional.BrowseFox          C:\Program Files\Lampy Lighty
PUP.Optional.BuenoSearch        C:\Users\user\AppData\LocalLow\buenosearch LTD
PUP.Optional.CouponMarvel       C:\Users\user\AppData\Local\lollipop
PUP.Optional.IEPluginService    C:\ProgramData\IePluginService
PUP.Optional.Legacy             C:\Users\user\AppData\Local\genienext
PUP.Optional.Legacy             C:\Users\user\AppData\Roaming\Activeris
PUP.Optional.Legacy             C:\ProgramData\EmailNotifier
PUP.Optional.Legacy             C:\Users\user\AppData\Local\Mobogenie
PUP.Optional.Legacy             C:\Users\user\AppData\Local\MySearchs
PUP.Optional.Legacy             C:\Program Files\predm
PUP.Optional.MyStartTB.ShrtCln  C:\Program Files\mystarttb
PUP.Optional.MyStartTB.ShrtCln  C:\Users\user\AppData\LocalLow\mystarttb
PUP.Optional.NextLive           C:\Users\user\AppData\Roaming\newnext.me
PUP.Optional.PCPerformer        C:\Program Files\PC Performer
PUP.Optional.PCPerformer        C:\Users\user\AppData\Roaming\Performersoft
PUP.Optional.PayByAds           C:\Users\user\AppData\Local\Pay-By-Ads
PUP.Optional.SimilarSites       C:\Program Files\SimilarSites
PUP.Optional.SimilarSites       C:\Users\user\AppData\Roaming\SimilarSites
PUP.Optional.SupTab             C:\Program Files\SupTab
PUP.Optional.TotalSystemCare    C:\Program Files\TotalSystemCare
PUP.Optional.VOPackage          C:\Users\user\AppData\Roaming\VOPackage
PUP.Optional.VOPackage          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
PUP.Optional.iRobinHood         C:\Program Files\iRobinHood
PUP.Optional.iRobinHood         C:\Users\user\AppData\LocalLow\iRobinHood

* [ Files ] *

PUP.Optional.Legacy             C:\Windows\System32\roboot.exe
PUP.Optional.Legacy             C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
PUP.Optional.Legacy             C:\Users\user\daemonprocess.txt
PUP.Optional.QuickStart         C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx

* [ DLL ] *

No malicious DLLs found.

* [ WMI ] *

No malicious WMI found.

* [ Shortcuts ] *

PUP.Optional.Legacy             C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk

* [ Tasks ] *

PUP.Optional.Legacy             C:\Windows\System32\Tasks\LaunchApp

* [ Registry ] *

PUP.Optional.AppEnable.A        HKLM\Software\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
PUP.Optional.AppEnable.A        HKLM\Software\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
PUP.Optional.AppEnable.A        HKLM\Software\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
PUP.Optional.AppEnable.A        HKLM\Software\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
PUP.Optional.CouponMarvel       HKCU\Software\lollipop
PUP.Optional.Delta.ShrtCln      HKLM\Software\delta-homesSoftware
PUP.Optional.FreeSoftToday      HKCU\Software\FreeSoftToday
PUP.Optional.FreeSoftToday      HKLM\Software\FreeSoftToday
PUP.Optional.IEPluginService    HKLM\System\CurrentControlSet\Services\EventLog\Application\IePluginService
PUP.Optional.InstallCore        HKCU\Software\InstallCore
PUP.Optional.KeepMySearch       HKCU\Software\Classes\keepmysearch
PUP.Optional.Legacy             HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon
PUP.Optional.Legacy             HKLM\Software\MaxPower
PUP.Optional.Legacy             HKLM\Software\Wpm
PUP.Optional.Legacy             HKLM\Software\Uniblue
PUP.Optional.Legacy             HKCU\Software\performersoft llc
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3048746173-3851794057-4034872646-1000\Software\Free Games 111
PUP.Optional.Legacy             HKLM\Software\Email Notifier
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
PUP.Optional.Legacy             HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
PUP.Optional.Legacy             HKLM\Software\MediaViewV1
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\AppID\OKitSpace.DLL
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0D4A4BC-F7CD-436E-B1FA-25637BA0F5BE}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{B69509B5-4A90-4433-A2DE-BE439F6581F2}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{90A52F08-64AC-4DC6-9D7D-4516670275D3}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Toolbar|{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{607B689F-7600-45E4-B8E5-887F72DAB15C}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{FE69C007-C452-4D3E-86D2-1730DF8BC871}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1C094CE7-0610-4BCE-A7EA-E4E7D40AFD0B}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5422BDDE-A805-4F00-85DD-3BD7D921FB65}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{87C1E23A-B822-488F-8FC1-C0254BEF6A06}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{449C629F-7B0D-4269-9239-5863BDAA0591}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5097D0E0-AC81-4E54-BE08-C66CA5B2E5D3}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D0AABB9D-E2BD-428A-A7E1-D593C0C8C615}
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CDEA2A53-9C2A-4366-8F03-A583B616FEF2}
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDEA2A53-9C2A-4366-8F03-A583B616FEF2}
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchApp
PUP.Optional.Legacy             HKLM\System\CurrentControlSet\Services\EventLog\Application\Wpm
PUP.Optional.Legacy             HKLM\System\CurrentControlSet\Services\EventLog\Application\SrvUpdater
PUP.Optional.Legacy             HKLM\System\CurrentControlSet\Services\EventLog\Application\srvPlgProtect
PUP.Optional.Legacy             HKLM\System\CurrentControlSet\Services\EventLog\Application\srvBrowserProtect
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.portaldosites.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\portaldosites.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\en.eazel.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\eazel.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{71A55A3A-A70A-42D9-A883-1B5665EAA2E0}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5A859063-0FDA-468F-96C7-82ED1DE5EAA5}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{275BEEA4-8444-46D4-BF6F-5195125E55AD}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Search Page
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
PUP.Optional.MySearchs.ShrtCln  HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchs
PUP.Optional.MyStart            HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2159D33-3CE2-401B-8967-1B270628A311}
PUP.Optional.MyStartTB.ShrtCln  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mystarttb
PUP.Optional.MyStartTB.ShrtCln  HKCU\Software\AppDataLow\Software\mystarttb
PUP.Optional.MyStartTB.ShrtCln  HKLM\Software\mystarttb
PUP.Optional.OKitSpace          HKLM\Software\OKitSpace
PUP.Optional.OKitSpace          HKLM\Software\Classes\OKitSpace
PUP.Optional.OpenSoftware.Updater HKLM\Software\SoftwareUpdater
PUP.Optional.SofTonicAssistant  HKCU\Software\Softonic
PUP.Optional.SupTab             HKLM\Software\supWPM
PUP.Optional.SupTab             HKLM\Software\SupTab
PUP.Optional.SupTab             HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
PUP.Optional.SupTab             HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
PUP.Optional.SupTab             HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
PUP.Optional.SuperOptimizer     HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
PUP.Optional.SuperOptimizer     HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
PUP.Optional.SuperOptimizer     HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
PUP.Optional.SuperOptimizer     HKU\S-1-5-20\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
PUP.Optional.SuperOptimizer     HKU\S-1-5-19\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
PUP.Optional.SuperOptimizer     HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
PUP.Optional.SuperOptimizer     HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
PUP.Optional.SweetPage.ShrtCln  HKLM\Software\sweet-pageSoftware
PUP.Optional.SweetPage.ShrtCln  HKLM\Software\Microsoft\Internet Explorer\Main|Search Page
PUP.Optional.SweetPage.ShrtCln  HKLM\Software\Microsoft\Internet Explorer\Main|Default_Search_URL
PUP.Optional.Tuto4PC            HKCU\Software\TutoTag
PUP.Optional.Tuto4PC            HKLM\Software\Tutorials
PUP.Optional.Uniblue            HKLM\Software\Classes\SpeedUpMyPC
PUP.Optional.VOPackage          HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
PUP.Optional.Vittalia           HKLM\Software\Vittalia

* [ Chromium (and derivatives) ] *

PUP.Optional.Legacy             New Tab Search
PUP.Optional.NewTab             Lightning speedDial
PUP.Optional.VNMToolBar         New Tab Search

* [ Chromium URLs ] *

PUP.Optional.Legacy             Eazel

* [ Firefox (and derivatives) ] *

No malicious Firefox entries found.

* [ Firefox URLs ] *

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 6/2/19
Hora del análisis: 17:41
Archivo de registro: 9d5de72c-2a4f-11e9-86fe-0003253bd71d.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9146
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: user-PC\user

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 161569
Amenazas detectadas: 144
Amenazas en cuarentena: 0
Tiempo transcurrido: 10 min, 13 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 20
PUP.Optional.VNMToolBar, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dghncoeocefmhkhiphdgikkamjeglbfh, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.MediaPlayerAlpha, HKLM\SOFTWARE\MediaPlayerV1alpha1102, Sin acciones por parte del usuario, [113], [240217],1.0.9146
PUP.Optional.MediaViewer, HKLM\SOFTWARE\MediaViewerV1alpha217, Sin acciones por parte del usuario, [114], [240269],1.0.9146
PUP.Optional.MediaView, HKLM\SOFTWARE\MediaViewV1alpha1839, Sin acciones por parte del usuario, [115], [240266],1.0.9146
PUP.Optional.MediaWatch, HKLM\SOFTWARE\MediaWatchV1home9851, Sin acciones por parte del usuario, [116], [240272],1.0.9146
PUP.Optional.MyStartToolbar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${ieUtilsLightElevationPolicyID}, Sin acciones por parte del usuario, [6951], [186512],1.0.9146
PUP.Optional.MyStartToolbar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{62155D33-3CE2-401E-8967-5A270628A3D5}, Sin acciones por parte del usuario, [6951], [186512],1.0.9146
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update Lampy Lighty, Sin acciones por parte del usuario, [33], [254005],1.0.9146
PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Sin acciones por parte del usuario, [33], [-1],0.0.0
PUP.Optional.RobinHood, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\iidmoehhpbghchkaogkhmcckhlhebekn, Sin acciones por parte del usuario, [2414], [242369],1.0.9146
PUP.Optional.NewTab, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pkndmigholgfjlniaohblojbhgjbkakn, Sin acciones por parte del usuario, [2268], [241208],1.0.9146
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Util Lampy Lighty, Sin acciones por parte del usuario, [33], [254005],1.0.9146
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Sin acciones por parte del usuario, [7161], [252393],1.0.9146
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.BackgroundHostObject.1, Sin acciones por parte del usuario, [173], [243396],1.0.9146
PUP.Optional.SpeedTest, HKLM\SOFTWARE\CLASSES\Speed Test 127.BackgroundHostObject, Sin acciones por parte del usuario, [173], [243396],1.0.9146
PUP.Optional.Fortunitas, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Fortunitas, Sin acciones por parte del usuario, [550], [238452],1.0.9146
PUP.Optional.LampyLighty, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Lampy Lighty, Sin acciones por parte del usuario, [3083], [239815],1.0.9146
PUP.Optional.LampyLighty, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Lampy Lighty, Sin acciones por parte del usuario, [3083], [239815],1.0.9146
PUP.Optional.EazelBar, HKU\S-1-5-21-3048746173-3851794057-4034872646-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}, Sin acciones por parte del usuario, [2948], [167935],1.0.9146
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Sin acciones por parte del usuario, [66], [169264],1.0.9146

Valor del registro: 12
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Sin acciones por parte del usuario, [1460], [-1],0.0.0
PUP.Optional.BestOffers, HKU\S-1-5-21-3048746173-3851794057-4034872646-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|SPEEDTEST4354@BESTOFFERS, Sin acciones por parte del usuario, [1221], [235754],1.0.9146
PUP.Optional.BestOffers, HKU\S-1-5-21-3048746173-3851794057-4034872646-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|FREEGAMES4357@BESTOFFERS, Sin acciones por parte del usuario, [1221], [235754],1.0.9146
PUP.Optional.MyStartToolbar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${ieUtilsLightElevationPolicyID}|APPPATH, Sin acciones por parte del usuario, [6951], [186512],1.0.9146
PUP.Optional.MyStartToolbar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{62155D33-3CE2-401E-8967-5A270628A3D5}|APPPATH, Sin acciones por parte del usuario, [6951], [186512],1.0.9146
PUP.Optional.FirstSeenToday, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|FST_AR_21, Sin acciones por parte del usuario, [7055], [238391],1.0.9146
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, Sin acciones por parte del usuario, [7161], [252393],1.0.9146
PUP.Optional.OKitSpace.Generic, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|OKITSPACE@OKITSPACE.ES, Sin acciones por parte del usuario, [7146], [412189],1.0.9146
PUP.Optional.MediaPlayerAlpha, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|EXT@MEDIAPLAYERV1ALPHA1102.NET, Sin acciones por parte del usuario, [113], [240218],1.0.9146
PUP.Optional.MediaViewer, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|EXT@MEDIAVIEWERV1ALPHA217.NET, Sin acciones por parte del usuario, [114], [240270],1.0.9146
PUP.Optional.MediaView, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|EXT@MEDIAVIEWV1ALPHA1839.NET, Sin acciones por parte del usuario, [115], [240267],1.0.9146
PUP.Optional.MediaWatch, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|EXT@MEDIAWATCHV1HOME9851.NET, Sin acciones por parte del usuario, [116], [240274],1.0.9146

Datos del registro: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Sin acciones por parte del usuario, [5366], [292819],1.0.9146

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 19
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\USERS\USER\APPDATA\ROAMING\MOZILLA\EXTENSIONS\freegames4357@BestOffers, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\skin, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\USERS\USER\APPDATA\ROAMING\MOZILLA\EXTENSIONS\speedtest4354@BestOffers, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.FastPlayer, C:\Users\user\AppData\Local\com\FastPlayer.exe_Url_ciccyb0pt404zejkup1z3zavmfgzkecl\1.0.0.1, Sin acciones por parte del usuario, [764], [177098],1.0.9146
PUP.Optional.FastPlayer, C:\Users\user\AppData\Local\com\FastPlayer.exe_Url_ciccyb0pt404zejkup1z3zavmfgzkecl\1.0.0.2, Sin acciones por parte del usuario, [764], [177098],1.0.9146
PUP.Optional.FastPlayer, C:\USERS\USER\APPDATA\LOCAL\COM\FastPlayer.exe_Url_ciccyb0pt404zejkup1z3zavmfgzkecl, Sin acciones por parte del usuario, [764], [177098],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\CVS\Base, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\CVS, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\CVS, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\DGHNCOEOCEFMHKHIPHDGIKKAMJEGLBFH, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.SearchProtect.AppFlsh, C:\Users\user\AppData\Local\SearchProtect\Logs, Sin acciones por parte del usuario, [1460], [181457],1.0.9146
PUP.Optional.SearchProtect.AppFlsh, C:\USERS\USER\APPDATA\LOCAL\SEARCHPROTECT, Sin acciones por parte del usuario, [1460], [181457],1.0.9146

Archivo: 92
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\background.html, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\button.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\button.xml, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\config.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\content.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.xul, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon128.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon128.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon16.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon16.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon18.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon18.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon24.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon24.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon32.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon32.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon48.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon48.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\jquery-1.9.1.min.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\options.xul, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\rjs.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\settings.json, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\subscriptloader.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin\framework.css, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome.manifest, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\icon.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\install.rdf, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\background.html, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\button.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\button.xml, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\config.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\content.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.xul, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.ico, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\jquery-1.9.1.min.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\options.xul, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\rjs.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\settings.json, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\subscriptloader.js, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\skin\framework.css, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome.manifest, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\icon.png, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\install.rdf, Sin acciones por parte del usuario, [1221], [175599],1.0.9146
PUP.Optional.WidgetContext, C:\USERS\USER\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\{140A2D0E-85CC-4ED3-9BA5-8FA35DA7FABA}.XPI, Sin acciones por parte del usuario, [2505], [244970],1.0.9146
PUP.Optional.FastPlayer, C:\Users\user\AppData\Local\com\FastPlayer.exe_Url_ciccyb0pt404zejkup1z3zavmfgzkecl\1.0.0.1\user.config, Sin acciones por parte del usuario, [764], [177098],1.0.9146
PUP.Optional.FastPlayer, C:\Users\user\AppData\Local\com\FastPlayer.exe_Url_ciccyb0pt404zejkup1z3zavmfgzkecl\1.0.0.2\user.config, Sin acciones por parte del usuario, [764], [177098],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\CVS\Base\blank.js, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\CVS\Baserev, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\CVS\Entries, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\CVS\Repository, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\CVS\Root, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\CVS\Tag, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\CVS\Template, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\CVS\Entries, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\CVS\Repository, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\CVS\Root, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\CVS\Tag, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\CVS\Template, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\arrow-grey.png, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\h-line.gif, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\search-blue-over.png, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\search-blue.png, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\search-over.png, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\img\search.png, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\blank.html, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\blank.js, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\icon_128.png, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\manifest.json, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\suggest.js, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.VNMToolBar, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh\0.10_1\utils.js, Sin acciones por parte del usuario, [2311], [180317],1.0.9146
PUP.Optional.Yontoo, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, Sin acciones por parte del usuario, [33], [-1],0.0.0
PUP.Optional.Yontoo, C:\PROGRAMDATA\NTUSER.POL, Sin acciones por parte del usuario, [33], [-1],0.0.0
PUP.Optional.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Sin acciones por parte del usuario, [33], [-1],0.0.0
PUP.Optional.SkyTech, C:\$RECYCLE.BIN\S-1-5-21-3048746173-3851794057-4034872646-1000\$R8BEB7P\PACKAGE1.ZIP, Sin acciones por parte del usuario, [10505], [77227],1.0.9146
PUP.Optional.MyPCBackup, C:\WINDOWS\TEMP\TMP819B.TMP, Sin acciones por parte del usuario, [590], [15289],1.0.9146

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x32 Windows 7 (Home Premium), 6.1.7601.24334, Service Pack: 1
Time:      06.02.2019 - 23:01 (UTC-03:00)
Language:  OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0x2C0A)
Elevated:  Yes
Ran by:    user    (group: Administrator) on USER-PC, FirstRun: yes

Chrome:  72.0.3626.96
Internet Explorer: 11.0.9600.19236
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
  11  C:\Program Files\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\Google\Update\1.3.33.23\GoogleCrashHandler.exe
   1  C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   1  C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
   1  C:\Program Files\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files\Windows Defender\MpCmdRun.exe
   1  C:\Program Files\Windows Media Player\wmpnetwk.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dwm.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\lsm.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  14  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhost.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\explorer.exe
   1  E:\limpieza estela\HiJackThis_test\HiJackThis.exe

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window
O4 - HKCU\..\Run: [LightScribe Control Panel] = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (file missing)
O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\lsdelete.exe
O4 - HKU\.DEFAULT\..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
O4 - MSConfig\startupreg: HKCU [command] = C:\Users\user\AppData\Roaming\fault\reinstall.exe (HKCU) (2014/04/08) (file missing)
O4 - MSConfig\startupreg: ares [command] = C:\Program Files\Ares\Ares.exe -h (HKCU) (2014/04/08) (file missing)
O17 - DHCP DNS 1: 200.115.192.29
O17 - DHCP DNS 2: 200.115.192.90
O17 - DHCP DNS 3: 200.115.192.28
O22 - Task (.job): AdwCleaner_onReboot.job - C:\Users\user\Desktop\adwcleaner_7.2.7.0.exe /r
O23 - Service R2: Ad-Aware 2007 Service - (aawservice) - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service R2: TeamViewer 12 - (TeamViewer) - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: Google Update Servicio (gupdate) - (gupdate) - C:\Program Files\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\72.0.3626.96\elevation_service.exe
O23 - Service S3: Google Update Servicio (gupdatem) - (gupdatem) - C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Microsoft Office Diagnostics Service - (odserv) - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Service S3: ServiceLayer - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - Time spent: 37,7 sec. - 7928 bytes, CRC32: FFFFFFFF. Sign: 绺ꤷ
 

jbex

He who sins and prays breaks even
Administrator
Send reinstall.exe to VirusTotal https://www.virustotal.com/#/home/upload to see whether it comes back clean.
O4 - MSConfig\startupreg: HKCU [command] = C:\Users\user\AppData\Roaming\fault\reinstall.exe (HKCU) (2014/04/08) (file missing)
Regards
 

jbex

He who sins and prays breaks even
Administrator
Once you are on the site, click the Choose File button; a window opens so you can browse to the file's path, in your case C:\Users\user\AppData\Roaming\fault\, and once you are in that folder select reinstall.exe and click Open, and it will upload the executable and scan it.
Regards
 

mariela

Member
There is no file with that name at that path; the fault folder is empty, even with hidden files shown.
 

jbex

He who sins and prays breaks even
Administrator
Then, with HijackThis, check the box for: O4 - MSConfig\startupreg: HKCU [command] = C:\Users\user\AppData\Roaming\fault\reinstall.exe (HKCU) (2014/04/08) (file missing) and remove it.
Regards
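
The check discussed in the posts above (an autostart entry whose target file no longer exists) can be scripted. This is an added example, not part of the original thread or of HijackThis: it parses O4 lines in the format shown in the log and lists those marked (file missing). Listing targets under AppData or Temp first is an assumption of this example, not something the thread states.

```python
import re

# Lines copied from the O4 (autostart) section of the HijackThis Fork log above,
# plus one O17 line to show that non-O4 entries are ignored.
SAMPLE_LOG = r"""
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window
O4 - HKCU\..\Run: [LightScribe Control Panel] = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (file missing)
O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\lsdelete.exe
O4 - MSConfig\startupreg: HKCU [command] = C:\Users\user\AppData\Roaming\fault\reinstall.exe (HKCU) (2014/04/08) (file missing)
O4 - MSConfig\startupreg: ares [command] = C:\Program Files\Ares\Ares.exe -h (HKCU) (2014/04/08) (file missing)
O17 - DHCP DNS 1: 200.115.192.29
"""

# "O4 - <location>: <name> = <command>"; the location never contains a colon.
O4_RE = re.compile(r"^O4 - (?P<location>[^:]+): (?P<name>.+?) = (?P<command>.+)$")
MISSING = "(file missing)"


def parse_o4(line):
    """Return a dict for one O4 line, or None if the line is not an O4 entry."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    command = m["command"]
    # Paths in the log are unquoted and may contain spaces: cut at the first ".exe".
    exe = re.match(r'"?(.+?\.exe)', command, re.IGNORECASE)
    path = exe.group(1) if exe else command
    return {
        "location": m["location"],
        "name": m["name"],
        "path": path,
        "missing": command.endswith(MISSING),
        # Heuristic (assumption of this example): target lived in a user-writable dir.
        "user_writable": bool(re.search(r"\\(AppData|Temp)\\", path, re.IGNORECASE)),
    }


def orphaned_autoruns(log_text):
    """Autostart entries whose target is gone, user-writable locations first."""
    entries = [e for e in map(parse_o4, log_text.splitlines()) if e and e["missing"]]
    return sorted(entries, key=lambda e: not e["user_writable"])


if __name__ == "__main__":
    for e in orphaned_autoruns(SAMPLE_LOG):
        print(f'{e["location"]}: {e["name"]} -> {e["path"]}')
```
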
 

jbex

He who sins and prays breaks even
Administrator
By the way, have Malwarebytes remove what it found; I forgot to mention it.
Regards
 