Hola amigos (as),antes que todo sigo su pagina desde hace varios años y no hay nada mejor que Uds,no me había logeado pero ya fue tiempo de hacerlo. Después de estar en la página “intercambios virtuales” me recomendó buscar un programa en un buscador ruso…y ahí se me vino el problema he usado en algunas ocasiones el HiJackThis ,muchas en realidad,pero en Windows XP y 7 ,siempre con precaución e investigando cada ítem antes de borrar,pero ahora preferiría ayuda experta para esto tengo Windows 10 y dio este log a continuación espero que me puedan ayudar
Saludos
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.11
Platform: x64 Windows 10 (Home Single Language), 10.0.17134.471 (ReleaseId: 1803), Service Pack: 0
Time: 23.12.2018 - 14:07 (UTC-03:00)
Language: OS: Spanish (0x80A). Display: Spanish (0x80A). Non-Unicode: Spanish (0x340A)
Elevated: Yes
Ran by: arnold (group: Administrator) on LAPTOP-279BD6ED, FirstRun: no
Edge: 11.0.17134.471
Internet Explorer: 11.0.17134.1
Default: "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
1 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
1 C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
1 C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
1 C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
1 C:\Program Files\AMD\CNext\CNext\cnext.exe
1 C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
1 C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
1 C:\Program Files\Elantech\ETDCtrl.exe
1 C:\Program Files\Elantech\ETDCtrlHelper.exe
1 C:\Program Files\Elantech\ETDService.exe
1 C:\Program Files\Elantech\ETDTouch.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\Users\arnal\Downloads\HiJackThis.exe
2 C:\Windows\SysWOW64\svchost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\DbxSvc.exe
8 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\atieclxx.exe
1 C:\Windows\System32\atiesrxx.exe
1 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\browser_broker.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\notepad.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
70 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
8 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
2 C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://hp15-comm.msn.com/?pc=HRTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Bar] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Page] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Search: [Default_Search_URL] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://hp15-comm.msn.com/?pc=HRTE
R0 - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://hp15-comm.msn.com/?pc=HRTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main: [SearchAssistant] = www.google.com
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}: [URL] = https://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tsrc=301&p_w=y0w50&q={searchTerms} - GMX - Enhanced by Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [SuggestionsURL] = https://ie.search.yahoo.com/os?appid=ie8&command={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [TopResultURL] = - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [URL] = https://cl.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__171229__yaie&p={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{c2b8e594-d284-ef0b-2c66-48a9c98914bc}: [URL] = https://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tsrc=301&p_w=y0w50&q={searchTerms} - GMX - Enhanced by Google
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 skipittok.com
O1 - Hosts: 0.0.0.0 telemetry.malwarebytes.com
O1 - Hosts: 0.0.0.0 anchorfree.net
O1 - Hosts: 0.0.0.0 rss2search.com
O1 - Hosts: 0.0.0.0 techbrowsing.com
O1 - Hosts: 0.0.0.0 box.anchorfree.net
O1 - Hosts: 0.0.0.0 www.mefeedia.com
O1 - Hosts: 0.0.0.0 www.anchorfree.net
O1 - Hosts: 0.0.0.0 www.mefeedia.com
O1 - Hosts: 0.0.0.0 anchorfree.us
O1 - Hosts: 0.0.0.0 a433.com
O1 - Hosts: 0.0.0.0 anchorfree.net
O1 - Hosts: 0.0.0.0 rpt.anchorfree.net
O1 - Hosts: 0.0.0.0 delivery.anchorfree.us/land.php
O1 - Hosts: 0.0.0.0 hsselite.com
O1 - Hosts: 0.0.0.0 www.hsselite.com
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKCU\..\StartupApproved\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (2018/03/23)
O4 - HKLM\..\Run: [ETDCtrl] = C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [StartCN] = c:\Program Files\AMD\CNext\CNext\cnext.exe atlogon
O4 - HKLM\..\Session Manager: [BootExecute] = C:\WINDOWS\system32\sdnclean64.exe
O4 - HKLM\..\StartupApproved\Run32: [CanonQuickMenu] = C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon (2017/12/14)
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2018/03/23)
O4 - HKLM\..\StartupApproved\Run32: [HPMessageService] = C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (2018/03/23)
O4 - HKLM\..\StartupApproved\Run32: [PowerDVD14Agent] = C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (2017/12/14)
O4 - HKLM\..\StartupApproved\Run: [BtServer] = C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe (2018/03/23)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft) (2018/03/23)
O4 - HKLM\..\StartupApproved\Run: [WindowsDefender] = C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft) (2018/03/23)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - User Startup: C:\Users\arnal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bvubbcij.lnk -> (lnk is corrupted)
O4-32 - HKLM\..\Run: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Ejecuta Comprobación de red de HP, que le ayuda a resolver problemas de conexión - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Comprobación de red de HP - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O17 - DHCP DNS 1: 200.83.1.4
O17 - DHCP DNS 2: 190.160.0.14
O17 - DHCP DNS 3: 200.30.192.15
O20-32 - HKLM\..\Winlogon\Notify\SDWinLogon: [DllName] = SDWinLogon.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O22 - Task (.job): (Not scheduled) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (Not scheduled) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task (.job): HPCeeScheduleForarnal.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForarnal (null)
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service R2: AdaptiveSleepService - c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service R2: BTDevManager - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Elan Service - (ETDService) - C:\Program Files\Elantech\ETDService.exe
O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service R2: HPWMISVC - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R2: Servicio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service R2: WC Assistant - (WCAssistantService) - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service S2: Servicio de Actualización de Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: tbaseprovisioning - C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Cyberlink RichVideo64 Service(CRVS) - (RichVideo64) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service S3: HP Software Framework Service - (hpqwmiex) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servicio de Actualización de Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
Debug information:
- 23.12.2018 13:44:50 - modFile.OpenW - #0 LastDllError = 32 (El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.) Cannot open file: C:\Users\arnal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bvubbcij.lnk
--
End of file - Time spent: 50,1 sec. - 33406 bytes, CRC32: FFFFFFFF. Sign: ꂣꬂ