Solucionado Mi log de hijack. Como lo veis?

Estado
Cerrado para nuevas respuestas

Garci_67

Miembro
Miembro
Buenos días. Hoy al encender el pc mi antivirus me ha detectado que el programa bitcomet,que lleva instalado mucho tiempo,contiene adware y me lo ha desinstalado. He arrancando en modo seguro para hacer un análisis y he sacado un log del hijackthis. Me podríais echar una ojeada y decirme como lo veis? Gracias.

Logfile of HiJackThis Fork (Beta) by Alex Dragokas v.2.8.0.4
Insertar CODE, HTML o PHP:
Platform:  x64 Windows 10 (Home), 10.0.17134.376 (ReleaseId: 1803), Service Pack: 0

Time:      04.11.2018 - 12:02 (UTC+01:00)

Language:  OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0xC0A)

Elevated:  Yes

Ran by:    Javier (group: Administrator) on JAVIER-PC, FirstRun: no

Chrome:  70.0.3538.77

Edge:    11.0.17134.376

Internet Explorer: 11.0.17134.1

Default: "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)

Boot mode: Safe mode with network support

Running processes:

Number | Path

   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe

   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe

   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

   1  C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe

   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe

   1  C:\Users\garci\Desktop\Nueva carpeta\HijackThisPortable\App\HijackThis\HijackThis.exe

   1  C:\Users\garci\Desktop\Nueva carpeta\HijackThisPortable\App\HijackThis\Registry

   1  C:\Users\garci\Desktop\Nueva carpeta\HijackThisPortable\HijackThisPortable.exe

   1  C:\Windows\HelpPane.exe

   2  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

   1  C:\Windows\System32\ApplicationFrameHost.exe

   3  C:\Windows\System32\RuntimeBroker.exe

   2  C:\Windows\System32\csrss.exe

   1  C:\Windows\System32\ctfmon.exe

   2  C:\Windows\System32\dllhost.exe

   1  C:\Windows\System32\dwm.exe

   2  C:\Windows\System32\fontdrvhost.exe

   1  C:\Windows\System32\lsass.exe

   1  C:\Windows\System32\services.exe

   1  C:\Windows\System32\sihost.exe

   1  C:\Windows\System32\smartscreen.exe

   1  C:\Windows\System32\smss.exe

  26  C:\Windows\System32\svchost.exe

   1  C:\Windows\System32\wininit.exe

   1  C:\Windows\System32\winlogon.exe

   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

   1  C:\Windows\explorer.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local

R1 - HKU\S-1-5-21-3802059208-1213918699-4048744714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300932\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local

R3 - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300339: Default URLSearchHook is missing

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [SuggestionsURL] = https://api.bing.com/qsml.aspx?query={searchTerms}&market={language}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IESS02&pc=UE04 - Bing

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} = Bing{searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 - Bing R4 - SearchScopes: HKU\S-1-5-21-3802059208-1213918699-4048744714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300932\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} [SuggestionsURL] = https://api.bing.com/qsml.aspx?query={searchTerms}&market={language}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IESS02&pc=UE04 - Bing R4 - SearchScopes: HKU\S-1-5-21-3802059208-1213918699-4048744714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300932\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}  = https://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 - Bing O2 - HKLM\..\BHO: ScriptInjectionPluginBrowserHelperObject - {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll O2-32 - HKLM\..\BHO: ScriptInjectionPluginBrowserHelperObject - {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll O3 - HKLM\..\Toolbar: Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll O3-32 - HKLM\..\Toolbar: Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll O4 - HKCU\..\StartupApproved\Run: [TomTomHOME.exe] (2017/07/23) = C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe O4 - HKLM\..\StartupApproved\Run32: [BrHelp] (2018/03/28) = C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] (2017/07/25) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe O4 - HKLM\..\StartupApproved\Run: [Logitech Download Assistant] (2018/03/28) = C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] (1601/01/01) = C:\Program Files\Windows Defender\MSASCuiL.exe O4 - HKLM\..\StartupApproved\Run: [iTunesHelper] (2017/07/23) = C:\Program Files\iTunes\iTunesHelper.exe O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300462\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'unknown') O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300656\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'unknown') O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade O4 - HKU\S-1-5-21-3802059208-1213918699-4048744714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300932\..\Run: [TomTomHOME.exe] = C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (User 'unknown') O4 - HKU\S-1-5-21-3802059208-1213918699-4048744714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300932\..\StartupApproved\Run: [TomTomHOME.exe] (2017/07/23) = C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (User 'unknown') O4 - Startup other users: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BrStMonW.exe -> (PE EXE) O4 - User Startup: C:\Users\garci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BrStMonW.exe -> (PE EXE) O4-32 - HKLM\..\Run: [ControlCenter4] = C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm O8 - Context menu item: HKU\S-1-5-21-3802059208-1213918699-4048744714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300932\..\Internet Explorer\MenuExt: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm O15 - ProtocolDefaults: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300462 - [@ivt] protocol is in Unknown Zone, should be Intranet Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300462 - [file] protocol is in Unknown Zone, should be Internet Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300462 - [ftp] protocol is in Unknown Zone, should be Internet Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300462 - [http] protocol is in Unknown Zone, should be Internet Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300462 - [https] protocol is in Unknown Zone, should be Internet Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300462 - [knownfolder] protocol is in Unknown Zone, should be My Computer Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300462 - [shell] protocol is in Unknown Zone, should be My Computer Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300656 - [@ivt] protocol is in Unknown Zone, should be Intranet Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300656 - [file] protocol is in Unknown Zone, should be Internet Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300656 - [ftp] protocol is in Unknown Zone, should be Internet Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300656 - [http] protocol is in Unknown Zone, should be Internet Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300656 - [https] protocol is in Unknown Zone, should be Internet Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300656 - [knownfolder] protocol is in Unknown Zone, should be My Computer Zone(User: 'unknown') O15 - ProtocolDefaults: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11042018112300656 - [shell] protocol is in Unknown Zone, should be My Computer Zone(User: 'unknown') O17 - DHCP DNS 1: 80.58.61.254 O17 - DHCP DNS 2: 80.58.61.250 O22 - Task (Job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK O22 - Task (Job): Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft) O22 - Task: (disabled) \Microsoft\Windows\HelloFace\FODCleanupTask - C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe (Microsoft) O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndContinueUpdates - {0DC331EE-8438-49D5-A721-E10B937CE459} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft) O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndScanForUpdates - {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft) O22 - Task: (disabled) \S-1-5-21-3802059208-1213918699-4048744714-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe O22 - Task: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft) O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload mininterval:2880 (Microsoft) O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload (Microsoft) O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O22 - Task: Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe -check pepperplugin O22 - Task: Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0) O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler O22 - Task: OneDrive Standalone Update Task-S-1-5-21-3802059208-1213918699-4048744714-1001 - C:\Users\garci\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing) O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft) O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft) O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft) O22 - Task: \Microsoft\Windows\DirectX\DXGIAdapterCache - C:\WINDOWS\system32\dxgiadaptercache.exe (Microsoft) O22 - Task: \Microsoft\Windows\InstallService\ScanForUpdates - {A558C6A5-B42B-4C98-B610-BF9559143139} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft) O22 - Task: \Microsoft\Windows\InstallService\ScanForUpdatesAsUser - {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft) O22 - Task: \Microsoft\Windows\InstallService\SmartRetry - {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft) O22 - Task: \Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources - {D0582E3B-3126-4CAA-9155-AC37C912A489} - C:\WINDOWS\System32\LanguageOverlayServer.dll (Microsoft) O22 - Task: \Microsoft\Windows\Speech\HeadsetButtonPress - C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe StartedFromTask (Microsoft) O22 - Task: \Microsoft\Windows\WaaSMedic\PerformRemediation - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},None - C:\WINDOWS\System32\WaaSMedicSvc.dll (Microsoft) O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe -IdleTask -TaskName WdVerification O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service R2: Servicio de Antivirus de Windows Defender - (WinDefend) - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe O23 - Service S2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service S2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service S2: Audio Service - (STacSV) - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service S2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service O23 - Service S2: Intel Bluetooth Service - (ibtsiva) - C:\WINDOWS\system32\ibtsiva.exe O23 - Service S2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe O23 - Service S2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 O23 - Service S2: Servicio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service S2: Servicio Kaspersky Anti-Virus 19.0.0 - (AVP19.0.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe -r O23 - Service S2: Servicio de Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc O23 - Service S2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service S2: TomTomHOMEService - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service S3: BrYNSvc - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE O23 - Service S3: Servicio Kaspersky Secure Connection 1.0.0 - (KSDE1.0.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe -r O23 - Service S3: Servicio de Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc O23 - Service S3: Servicio de inspección de red de Antivirus de Windows Defender - (WdNisSvc) - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe O23 - Service S3: Servicio del iPod - (iPod Service) - C:\Program Files\iPod\bin\iPodService.exe O23 - Service S3: klvssbridge64_19.0.0 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe -- End of file - Time spent: 15 sec. - 36036 bytes, CRC32: FFFFFFFF. Sign: 榓
 

Kbite

Aprender y compartir
Administrador
Hola Garci 67.

No conozco esta versión de HijackThis, no parece la oficial y además no se ven algunas entradas importantes para hacer un diagnóstico, debes emplear la que indicamos AQUÍ y realizar el log en Modo normal ya que en Modo seguro no aparecen todos los procesos que puedan estar en ejecución.

Saludos, Kbite.
 

Garci_67

Miembro
Miembro
Muchas gracias Kbite. Ni me dí cuenta al descargar que no era el oficial,menuda cabeza la mia. Te pego el nuevo log ahora si de HijackThis oficial.
Insertar CODE, HTML o PHP:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:55:41, on 05/11/2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)

Boot mode: Normal
Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe
C:\Users\garci\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Outlook, noticias, famosos y horóscopo de hoy en MSN España
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Outlook, noticias, famosos y horóscopo de hoy en MSN España
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'Servicio de red')
O4 - .DEFAULT User Startup: BrStMonW.exe (User 'Default user')
O4 - Startup: BrStMonW.exe
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Descargar con Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\AJRouter.dll,-2 (AJRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Servicio Kaspersky Anti-Virus 19.0.0 (AVP19.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\BcastDVRUserService.dll,-100 (BcastDVRUserService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Servicio de usuario de difusión y GameDVR_eda781 (BcastDVRUserService_eda781) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101 (BluetoothUserService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Servicio de soporte técnico de usuario de Bluetooth_eda781 (BluetoothUserService_eda781) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\BTAGService.dll,-101 (BTAGService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\BthAvctpSvc.dll,-101 (BthAvctpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\CapabilityAccessManager.dll,-1 (camsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cdpsvc.dll,-100 (CDPSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cdpusersvc.dll,-100 (CDPUserSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Servicio de usuario de plataforma de dispositivos conectados_eda781 (CDPUserSvc_eda781) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ClipSVC.dll,-103 (ClipSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\coremessaging.dll,-1 (CoreMessagingRegistrar) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006 (DevicePickerUserSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: DevicePicker_eda781 (DevicePickerUserSvc_eda781) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DevicesFlowBroker.dll,-103 (DevicesFlowUserSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: DevicesFlow_eda781 (DevicesFlowUserSvc_eda781) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DevQueryBroker.dll,-100 (DevQueryBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%systemroot%\system32\DiagSvc.dll,-100 (diagsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\diagtrack.dll,-3001 (DiagTrack) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\Windows.Internal.Management.dll,-100 (DmEnrollmentSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dmwappushsvc.dll,-200 (dmwappushservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dosvc.dll,-100 (DoSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dssvc.dll,-10003 (DsSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dusmsvc.dll,-1 (DusmSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\embeddedmodesvc.dll,-201 (embeddedmode) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @EnterpriseAppMgmtSvc.dll,-1 (EntAppSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FrameServer.dll,-100 (FrameServer) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\GraphicsPerfSvc.dll,-100 (GraphicsPerfSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @%SystemRoot%\system32\hvhostsvc.dll,-100 (HvHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @oem54.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: @%SystemRoot%\System32\tetheringservice.dll,-4097 (icssvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\InstallService.dll,-200 (InstallService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @%Systemroot%\system32\ipxlatcfg.dll,-500 (IpxlatCfgSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\irmon.dll,-2000 (irmon) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: klvssbridge64_19.0.0 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe
O23 - Service: Servicio Kaspersky Secure Connection 1.0.0 (KSDE1.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\lfsvc.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\licensemanagersvc.dll,-200 (LicenseManager) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\LanguageOverlayServer.dll,-100 (LxpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\moshost.dll,-100 (MapsBroker) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @%SystemRoot%\system32\MessagingService.dll,-100 (MessagingService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_eda781 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (mpssvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe
O23 - Service: @%systemroot%\system32\NaturalAuth.dll,-100 (NaturalAuthentication) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NetSetupSvc.dll,-3 (NetSetupSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\NgcCtnrSvc.dll,-1 (NgcCtnrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%SystemRoot%\system32\APHostRes.dll,-10002 (OneSyncSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_eda781 (OneSyncSvc_eda781) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe
O23 - Service: @%SystemRoot%\system32\PhoneserviceRes.dll,-10000 (PhoneSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-15001 (PimIndexMaintenanceSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de contactos_eda781 (PimIndexMaintenanceSvc_eda781) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\PrintWorkflowService.dll,-100 (PrintWorkflowUserSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: PrintWorkflow_eda781 (PrintWorkflowUserSvc_eda781) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pushtoinstall.dll,-200 (PushToInstall) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\RDXService.dll,-256 (RetailDemo) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\RMapi.dll,-1001 (RmSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SEMgrSvc.dll,-1001 (SEMgrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\sensorservice.dll,-1000 (SensorService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SharedRealitySvc.dll,-100 (SharedRealitySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SmsRouterSvc.dll,-10001 (SmsRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - Tempo Semiconductor Inc - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\windows.staterepository.dll,-1 (StateRepository) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBrokerSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\tokenbroker.dll,-100 (TokenBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-10003 (UnistoreSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_eda781 (UnistoreSvc_eda781) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-14001 (UserDataSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_eda781 (UserDataSvc_eda781) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\usermgr.dll,-100 (UserManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\usocore.dll,-101 (UsoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vac.dll,-200 (VacSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\icsvc.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvcext.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-901 (vmicvmsession) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvcext.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @WaaSMedicSvc.dll,-100 (WaaSMedicSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\WalletService.dll,-1000 (WalletService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\Windows.WARP.JITService.dll,-100 (WarpJITSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wfdsconmgrsvc.dll,-9000 (WFDSConMgrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\flightsettings.dll,-103 (wisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lpasvc.dll,-1000 (wlpasvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\WpcRefreshTask.dll,-100 (WpcMonSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpnservice.dll,-1 (WpnService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WpnUserService.dll,-1 (WpnUserService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Servicio de usuario de notificaciones de inserción de Windows_eda781 (WpnUserService_eda781) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\XblAuthManager.dll,-100 (XblAuthManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XblGameSave.dll,-100 (XblGameSave) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\xboxgipsvc.dll,-100 (XboxGipSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XboxNetApiSvc.dll,-100 (XboxNetApiSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
--
End of file - 36349 bytes
 

Kbite

Aprender y compartir
Administrador
En el log no veo nada malicioso,. pero si se trata de un adware normalmente estará alojado para funcionar con los navegadores, así que es importante que analices con todas estas herramientas y nos dejes en tu respuesta los informes que te generen:

Utiliza esta herramienta con todos los navegadores cerrados: AdwCleaner

Actualiza tu sistema Aquí (Utiliza el I. Explorer)

Borra todas las cookies y limpia el registro con CCleaner

Vete a Inicio- Panel de Control--> Java (si usas Java) y Elimina los temporales de Java.

Borrar archivos temporales--> Desde Inicio, Ejecutar, escribe %TEMP%, pulsa Enter y elimina todo el contenido.

Haz correr en su Modo completo el MalwareBytes Anti-Malware | Seguridad. (Actualizalo, y al acabar el escaneo elije la opción Eliminar, después guarda el report y lo pegas)

Ademas, haz un Scan Online: Antivirus Online

** Debes usar el Internet Explorer y aceptar los ActiveX

** Le indicas que elimine lo que te detecte.

Nos copias ese reporte, el del Malwarebytes Antimalware junto con el de AdwCleaner. Nos comentas si se resolvió el problema.

Saludos, Kbite
 

Garci_67

Miembro
Miembro
Pasos del 1 al 6 hechos.
Insertar CODE, HTML o PHP:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-11-05.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-05-2018
# Duration: 00:00:10
# OS:      Windows 10 Home
# Scanned:  32052
# Detected: 6

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy             HKLM\Software\Classes\mpybrowser
PUP.Optional.Legacy             HKLM\Software\Classes\mipony
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\x-plarium.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\soldiersinc.x-plarium.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\x-plarium.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\soldiersinc.x-plarium.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

AdwCleaner[S00].txt - [5167 octets] - [04/11/2018 12:32:51]
AdwCleaner[C00].txt - [4897 octets] - [04/11/2018 12:33:10]
AdwCleaner[S01].txt - [4854 octets] - [04/11/2018 12:37:25]
AdwCleaner[C01].txt - [4696 octets] - [04/11/2018 12:37:43]
AdwCleaner[S02].txt - [4976 octets] - [04/11/2018 12:41:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########
Despues del reinicio de limpieza.
Insertar CODE, HTML o PHP:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-11-05.1 (Cloud)
# Support:  Customer Support & Help Center
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-05-2018
# Duration: 00:00:04
# OS:      Windows 10 Home
# Cleaned:  6
# Failed:  0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.


***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted      HKLM\Software\Classes\mpybrowser
Deleted      HKLM\Software\Classes\mipony
Deleted      HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\x-plarium.com
Deleted      HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\soldiersinc.x-plarium.com
Deleted      HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\x-plarium.com
Deleted      HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\soldiersinc.x-plarium.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

**** [ Firefox URLs ] *****


No malicious Firefox URLs cleaned.

*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5167 octets] - [04/11/2018 12:32:51]
AdwCleaner[C00].txt - [4897 octets] - [04/11/2018 12:33:10]
AdwCleaner[S01].txt - [4854 octets] - [04/11/2018 12:37:25]
AdwCleaner[C01].txt - [4696 octets] - [04/11/2018 12:37:43]
AdwCleaner[S02].txt - [4976 octets] - [04/11/2018 12:41:03]
AdwCleaner[S03].txt - [2583 octets] - [05/11/2018 11:36:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########
Reporte de Malwarebites.
Insertar CODE, HTML o PHP:
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del evento de protección: 5/11/18
Hora del evento de protección: 12:08
Archivo de registro: 99eb6f9a-e019-11e8-aff8-20256446277a.json
-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.482
Versión del paquete de actualización: 1.0.7687
Licencia: Premium
-Información del sistema-
SO: Windows 10 (Build 17134.376)
CPU: x64
Sistema de archivos: NTFS
Usuario: System
-Detalles del malware bloqueado-
Archivo: 1
PUP.Optional.BundleInstaller, C:\Users\garci\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\bitcomet_setup (1).exe, En cuarentena, [417], [590723],1.0.7687

(end)
 

Garci_67

Miembro
Miembro
Hecho el punto 7 ha detectado esto:
C:\Users\garci\AppData\Roaming\Microsoft\Windows\Recent\http--krsk.chita-nashdom.ru-reemphasizesum.html.lnk LNK/URL.B Troyano
Lo he eliminado y ya no aparece.Ahora parece limpio,no?
 

Kbite

Aprender y compartir
Administrador
Si no te aparece el aviso de tu antivirus señal de que se ha limpiado todo. Fíjate que, además de la línea que has dejado del OnLine, el Malwarebytes ha puesto en su cuarentena el ejecutable del Bitcomet que tenías en Descargas por considerarlo malicioso:
Insertar CODE, HTML o PHP:
PUP.Optional.BundleInstaller, C:\Users\garci\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\bitcomet_setup (1).exe, En cuarentena, [417], [590723],1.0.7687
Por lo que creo que ahora tu sistema está limpio, algo que ya nos confirmarás para dar el tema por solucionado.

Saludos, Kbite
 

Garci_67

Miembro
Miembro
Kbite. Pues el PC va perfecto,no hace nada extraño. Como al parecer el bitcomet ahora mi antivirus lo considera peligroso,he desistido en volver a instalarlo y lo he cambiado por qbittorrent,por lo que si quereis poder dar el asunto como soluciondo. Mil gracias.
 
Estado
Cerrado para nuevas respuestas

Arriba Pie