Good morning, and thank you for your contributions. Chrome is very, very slow to open pages and the PC is very slow. I ran ComboFix and it produced this report. Many thanks in advance,…
ComboFix 19-11-04.01 - User 25-12-2019 10:16:24.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.56.3082.18.1917.610 [GMT -3:00]
Running from: c:\users\User\Downloads\ComboFix.exe
SP: Spybot - Search and Destroy *Disabled/Outdated* {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 192 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\windows\wininit.ini
.
Infected copy of c:\windows\system32\userinit.exe was found and disinfected
Restored copy from - c:\combofix\HarddiskVolumeShadowCopy5_!Windows!System32!userinit.exe
.
.
((((((((((((((((((((((((( Files Created from 2019-11-25 to 2019-12-25 )))))))))))))))))))))))))))))))
.
.
2019-12-25 13:33 . 2019-12-25 13:33 -------- d-----w- c:\users\Public\AppData\Local\temp
2019-12-25 13:33 . 2019-12-25 13:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2019-12-19 11:21 . 2019-12-19 11:21 -------- d-----w- C:\Atomic Email Hunter
2019-12-19 11:19 . 2019-12-20 10:32 -------- d-----w- c:\users\User\AppData\Roaming\AtomPark
2019-12-19 10:23 . 2019-12-19 10:29 -------- d-----w- c:\users\User\AppData\Local\Molura_WickedSocialProfit
2019-12-17 19:30 . 2019-12-17 19:30 43856 ----a-w- c:\windows\system32\DbxSvc.exe
2019-12-17 19:30 . 2019-12-17 19:30 36848 ----a-w- c:\windows\system32\drivers\dbx-stable.sys
2019-12-17 19:30 . 2019-12-17 19:30 36848 ----a-w- c:\windows\system32\drivers\dbx-dev.sys
2019-12-17 19:30 . 2019-12-17 19:30 36848 ----a-w- c:\windows\system32\drivers\dbx-canary.sys
2019-12-11 09:54 . 2019-11-15 01:58 123904 ----a-w- c:\windows\system32\poqexec.exe
2019-12-11 09:52 . 2019-11-28 03:29 99840 ----a-w- c:\windows\system32\sspicli.dll
2019-12-02 19:17 . 2019-12-02 19:17 387320 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\ACEOLEDB.DLL
2019-12-02 19:17 . 2019-12-02 19:17 2203384 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\ACECORE.DLL
2019-11-28 18:55 . 2019-11-28 18:55 -------- d-----w- C:\testintel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2019-12-25 13:42 . 2019-12-25 13:42 0 ---ha-w- c:\users\User\AppData\Local\BIT3363.tmp
2019-12-25 01:22 . 2019-12-25 01:22 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{47ACA493-CC7C-4A70-98DA-737F2FA80B0E}\offreg.3388.dll
2019-12-23 19:33 . 2019-12-23 19:33 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{47ACA493-CC7C-4A70-98DA-737F2FA80B0E}\offreg.3868.dll
2019-12-23 16:33 . 2019-12-23 16:33 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{47ACA493-CC7C-4A70-98DA-737F2FA80B0E}\offreg.3504.dll
2019-12-19 21:41 . 2019-12-19 21:40 69801720 ----a-w- c:\users\User\AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe
2019-12-18 00:27 . 2015-08-19 23:16 842296 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2019-12-18 00:27 . 2015-08-19 23:16 175160 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2019-12-07 03:18 . 2019-12-23 09:51 11954232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{47ACA493-CC7C-4A70-98DA-737F2FA80B0E}\mpengine.dll
2019-11-28 03:40 . 2019-12-11 09:52 5120 ----a-w- c:\windows\system32\drivers\es-ES\srv.sys.mui
2019-11-28 03:29 . 2019-12-11 09:52 172032 ----a-w- c:\windows\system32\wdigest.dll
2019-11-28 03:29 . 2019-12-11 09:52 171008 ----a-w- c:\windows\system32\winsrv.dll
2019-11-28 03:02 . 2019-12-11 09:53 2407424 ----a-w- c:\windows\system32\win32k.sys
2019-11-26 20:22 . 2019-12-11 09:53 532192 ----a-w- c:\windows\system32\winload.exe
2019-11-19 07:05 . 2019-12-11 09:53 4387840 ----a-w- c:\windows\system32\wininet.dll
2019-11-16 19:44 . 2019-11-16 19:44 85248 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2019-11-16 19:44 . 2019-11-16 19:44 72576 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2019-11-16 19:44 . 2019-11-16 19:44 51456 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2019-11-16 19:44 . 2019-11-16 19:44 26496 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2019-11-16 19:44 . 2019-11-16 19:44 19456 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2019-11-16 19:44 . 2019-11-16 19:44 168960 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2019-11-16 19:44 . 2019-11-16 19:44 860928 ----a-w- c:\windows\system32\drivers\mod7700.sys
2019-11-16 19:44 . 2019-11-16 19:44 27136 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2019-11-16 19:44 . 2019-11-16 19:44 208896 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2019-11-16 19:44 . 2019-11-16 19:44 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2019-11-16 19:44 . 2019-11-16 19:44 106880 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2019-11-16 19:44 . 2019-11-16 19:44 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2019-11-16 19:44 . 2015-08-20 00:12 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2019-11-16 19:44 . 2015-08-20 00:12 1461992 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2019-11-16 19:44 . 2015-08-20 00:12 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2019-11-16 19:44 . 2015-08-20 00:12 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2019-11-15 01:59 . 2019-12-11 09:53 33280 ----a-w- c:\windows\system32\WcsPlugInService.dll
2019-11-12 21:03 . 2015-08-27 23:07 613944 ------w- c:\windows\system32\MpSigStub.exe
2019-11-05 21:29 . 2019-11-13 18:02 164064 ----a-w- c:\windows\system32\drivers\msrpc.sys
2019-11-05 21:29 . 2019-11-13 18:02 106936 ----a-w- c:\windows\system32\consent.exe
2019-11-05 21:25 . 2019-11-13 18:02 266752 ----a-w- c:\windows\system32\upnphost.dll
2019-11-05 21:25 . 2019-11-13 18:02 628224 ----a-w- c:\windows\system32\usp10.dll
2019-11-05 21:25 . 2019-11-13 18:02 83968 ----a-w- c:\windows\system32\userenv.dll
2019-11-05 21:25 . 2019-11-13 18:02 573440 ----a-w- c:\windows\system32\netlogon.dll
2019-11-05 21:25 . 2019-11-13 18:02 175104 ----a-w- c:\windows\system32\netcorehc.dll
2019-11-05 21:25 . 2019-11-13 18:02 337408 ----a-w- c:\windows\system32\msihnd.dll
2019-11-05 21:25 . 2019-11-13 18:02 25600 ----a-w- c:\windows\system32\msimsg.dll
2019-11-05 21:25 . 2019-11-13 18:02 2368000 ----a-w- c:\windows\system32\msi.dll
2019-11-05 21:25 . 2019-11-13 18:01 4608 ----a-w- c:\windows\system32\msimg32.dll
2019-11-05 21:25 . 2019-11-13 18:02 46080 ----a-w- c:\windows\system32\mf3216.dll
2019-11-05 21:25 . 2019-11-13 18:02 502784 ----a-w- c:\windows\system32\iphlpsvc.dll
2019-11-05 21:24 . 2019-11-13 18:02 1005056 ----a-w- c:\windows\system32\cryptui.dll
2019-11-05 21:24 . 2019-11-13 18:02 88576 ----a-w- c:\windows\system32\AxInstSv.dll
2019-11-05 21:24 . 2019-11-13 18:02 1806848 ----a-w- c:\windows\system32\authui.dll
2019-11-05 21:24 . 2019-11-13 18:02 47104 ----a-w- c:\windows\system32\appinfo.dll
2019-11-05 21:12 . 2019-11-13 18:02 1312256 ----a-w- c:\windows\system32\msjet40.dll
2019-11-05 21:03 . 2019-11-13 18:02 23552 ----a-w- c:\windows\system32\upnpcont.exe
2019-11-05 21:03 . 2019-11-13 18:02 45056 ----a-w- c:\windows\system32\udhisapi.dll
2019-11-05 20:57 . 2019-11-13 18:02 57856 ----a-w- c:\windows\system32\AxInstUI.exe
2019-11-05 20:57 . 2019-11-13 18:02 73216 ----a-w- c:\windows\system32\msiexec.exe
2019-11-05 19:43 . 2019-11-13 18:02 1251840 ----a-w- c:\windows\system32\DWrite.dll
2019-11-05 19:43 . 2019-11-13 18:02 910336 ----a-w- c:\windows\system32\FntCache.dll
2019-10-11 02:22 . 2019-10-18 17:35 292352 ----a-w- c:\windows\system32\sipnotify.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2019-05-07 19:21 343888 ----a-w- c:\program files\Dropbox\Client\DropboxExt.27.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2019-05-07 19:21 343888 ----a-w- c:\program files\Dropbox\Client\DropboxExt.27.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2019-05-07 19:21 343888 ----a-w- c:\program files\Dropbox\Client\DropboxExt.27.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2019-05-07 19:21 343888 ----a-w- c:\program files\Dropbox\Client\DropboxExt.27.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2019-05-07 19:21 343888 ----a-w- c:\program files\Dropbox\Client\DropboxExt.27.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2019-05-07 19:21 343888 ----a-w- c:\program files\Dropbox\Client\DropboxExt.27.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2019-05-07 19:21 343888 ----a-w- c:\program files\Dropbox\Client\DropboxExt.27.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2019-05-07 19:21 343888 ----a-w- c:\program files\Dropbox\Client\DropboxExt.27.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2019-05-07 19:21 343888 ----a-w- c:\program files\Dropbox\Client\DropboxExt.27.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2019-05-07 19:21 343888 ----a-w- c:\program files\Dropbox\Client\DropboxExt.27.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"="c:\program files\CCleaner\CCleaner.exe" [2019-10-15 18458752]
"uTorrent"="c:\users\User\AppData\Roaming\uTorrent\uTorrent.exe" [2019-11-06 2005224]
"Skype for Desktop"="c:\program files\Microsoft\Skype for Desktop\Skype.exe" [2019-12-13 91503464]
"MzCPUAccelerator"="c:\program files\Mz Ultimate Tools\Mz CPU Accelerator\MzCPUAccelerator.exe" [2010-12-19 272384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 167424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 144384]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2018-04-20 6788032]
"Dropbox"="c:\program files\Dropbox\Client\Dropbox.exe" [2019-12-17 6268224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SDWinLogon]
SDWinLogon.dll [BU]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^UuZUAsExBFN0L5HGCNDaNGHJD08324I0NJaK33.LNK]
path=c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UuZUAsExBFN0L5HGCNDaNGHJD08324I0NJaK33.LNK
backup=c:\windows\pss\UuZUAsExBFN0L5HGCNDaNGHJD08324I0NJaK33.LNK.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsMon00]
2010-02-09 19:43 2621440 ------r- c:\program files\Browny02\Brother\BrStMonW.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2008-12-24 13:26 114688 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
2019-12-17 19:31 6268224 ----a-w- c:\program files\Dropbox\Client\Dropbox.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2018-01-22 07:24 261944 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R0 uezndl;uezndl; [x]
R2 Banda Ancha Movil. RunOuc;Banda Ancha Movil. OUC;c:\program files\Banda Ancha Movil\UpdateDog\ouc.exe [2019-11-16 218624]
R2 dbupdate;Servicio de Actualización de Dropbox (dbupdate);c:\program files\Dropbox\Update\DropboxUpdate.exe [2016-06-13 143144]
R3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [2010-01-25 245760]
R3 BthAudioHF;Servicio BthAudioHF;c:\windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 43008]
R3 dbupdatem;Servicio de Actualización de Dropbox (dbupdatem);c:\program files\Dropbox\Update\DropboxUpdate.exe [2016-06-13 143144]
R3 dbx;dbx;c:\windows\system32\DRIVERS\dbx.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2019-11-16 102784]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files\Google\Chrome\Application\79.0.3945.88\elevation_service.exe [2019-12-14 959984]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2019-11-19 104960]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2015-01-16 18944]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 TSVAD_PCM;Wirecast Virtual Microphone Driver;c:\windows\system32\drivers\tsvadpcm.sys [2016-03-16 28432]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys [2017-05-04 52680]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2015-09-08 104096]
S1 XQHDrv;BigNox Service;c:\windows\system32\DRIVERS\XQHDrv.sys [2015-09-08 203424]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2017-01-30 143776]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe [2019-12-17 43856]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\HWDeviceService.exe [2010-11-16 264704]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2018-04-20 3892256]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2018-04-20 3943664]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2018-02-06 233712]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2019-11-16 208896]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2019-11-16 72576]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
utcsvc REG_MULTI_SZ DiagTrack
bthaudiosvc REG_MULTI_SZ HFGService
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2019-12-19 21:48 1924080 ----a-w- c:\program files\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2019-05-03 02:33 328240 ----a-w- c:\program files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contents of the 'Scheduled Tasks' folder
.
2019-12-25 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files\Dropbox\Update\DropboxUpdate.exe [2016-06-13 18:53]
.
2019-12-25 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files\Dropbox\Update\DropboxUpdate.exe [2016-06-13 18:53]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://go.microsoft.com
mStart Page = about:blank
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: Interfaces\{00AF1559-75B9-4319-BE29-44DD52DA2D8B}: NameServer = 190.110.138.46 190.110.138.47
TCP: Interfaces\{04D3BCD8-2DA4-4B42-85E4-627D4F81F69F}: NameServer = 190.110.138.46 190.110.138.47
TCP: Interfaces\{7ABD77A9-B23C-4348-882F-B5DB2446A38F}: NameServer = 190.110.154.67 190.110.138.47
TCP: Interfaces\{99335D73-35D6-4E59-8469-DCCCB33E6BF7}: NameServer = 190.110.138.46 190.110.138.47
TCP: Interfaces\{E70E4B53-99C6-409E-8DAA-D8B4649C3C0A}: NameServer = 190.110.154.67 190.110.138.47
DPF: {0696CFB4-3B70-4235-BEBE-AFDE57DF1EB1} - hxxp://www.sebra.cl/cabs/BcsAdmEcuRunVBS.CAB
DPF: {193A7C00-1FF6-4BDB-A29D-701108D9D07B} - hxxp://www.sebra.cl/cabs/BcsNegEcuSys.CAB
DPF: {399955CC-F282-4346-B182-0E9ED6174D7D} - hxxp://www.sebra.cl/ecutop00.cab?cb=179775416
DPF: {3C858638-D3FF-4F45-85BF-679A9A8B6199} - hxxp://www.sebra.cl/cabs/BcsNegACPrecios.cab
DPF: {41AB50DE-F6C0-4147-98D6-E9740316B696} - hxxp://www.sebra.cl/cabs/BcsNegUTMontos.cab
DPF: {575FEBF8-33E1-4F3F-B39F-9676459B7C88} - hxxp://www.sebra.cl/cabs/BcsNegUTNoticias.cab
DPF: {6142AD07-D6F9-41EE-B6CD-69AA9A31E872} - hxxp://www.sebra.cl/cabs/BcsNegUTIndices.cab
DPF: {73066ED9-668A-44D1-BF26-31F33E63DC1B} - hxxp://www.sebra.cl/cabs/BcsNegBOMontos.cab
DPF: {7BD8E4E9-FCD3-47C2-8FF2-71DAEC2FB5AE} - hxxp://www.sebra.cl/cabs/BcsNegUTGrafGen.cab
DPF: {A00C2653-6679-4B99-B5CD-96EB17004DB0} - hxxp://www.sebra.cl/cabs/BcsAdmCambioCredencial.cab
DPF: {A54580CD-18F7-4D0B-BB48-8288CC015329} - hxxp://www.sebra.cl/cabs/BcsNegUTGrafSrv.cab
DPF: {B4DEBCA0-C203-49BC-BADC-75A7C45AA237} - hxxp://www.sebra.cl/cabs/BcsNegUTTraspasos.cab
DPF: {F865A038-6DC3-4142-9E09-29FC446A4CD3} - hxxp://www.sebra.cl/cabs/BcsAdmEcuJavaLoad.cab
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\r9n9sjsj.default-1547513079257\
FF - prefs.js: browser.search.selectedEngine - Default Search Engine
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
c:\windows\system32\taskhost.exe
c:\program files\Google\Update\1.3.35.422\GoogleCrashHandler.exe
c:\programdata\Banda Ancha Movil\OnlineUpdate\ouc.exe
c:\program files\TeamViewer\TeamViewer_Service.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2019-12-25 10:47:07 - machine was rebooted
ComboFix-quarantined-files.txt 2019-12-25 13:47
ComboFix2.txt 2018-02-02 19:40
.
Pre-Run: 190.023.565.312 bytes libres
Post-Run: 189.747.331.072 bytes libres
.
- - End Of File - - FF0B55513246EE323574BE00FCAA30E3
A36C5E4F47E84449FF07ED3517B43A31