Hola a todos! ¿Cómo están?
Desde hace un tiempo que cuando realizo alguna búsqueda en Google, Bing, Yahoo me aparecen unas publicidades extrañas. Intenté varias cosas, siguiendo los temas similares, para quitarlas pero por el momento no pude. Detallo lo que hice y adjunto los logs:
- Instalé el Malwarebytes, lo ejecuté y limpié lo que me sugirió
- Instalé el Spybot, lo ejecuté y limpié todo
- Instalé el ZHPCleaner (no lo entendí muy bien) pero corrí y limpié lo que me sugirió (en este caso se solucionó el problema, pero cuando reinicié la notebook volvieron a a parecer las publicidades), lo probé varias veces y siempre lo mismo.
- Hice los analisis con el Fabra Recovery Scan Tool y el Hijackthis
El sistema operativo es Windows 10, y el problema ocurre tanto en Chrome como en Edge.
Ultimo log Malwarebytes
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 5/1/21
Hora del análisis: 20:28
Archivo de registro: a688ef60-4fad-11eb-803f-f875a470bb39.json
-Información del software-
Versión: 4.3.0.98
Versión de los componentes: 1.0.1130
Versión del paquete de actualización: 1.0.35335
Licencia: Gratis
-Información del sistema-
SO: Windows 10 (Build 18362.1256)
CPU: x64
Sistema de archivos: NTFS
Usuario: GUILLERMO-NTB\guill
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 670058
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 5 hr, 43 min, 14 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
Log Spybot
Search results from Spybot - Search & Destroy
6/1/2021 02:40:28
Scan took 00:17:45.
12 items found.
CasaleMedia: [SBI $ASBRCOOK] Tracking cookie (Internet Explorer (User): guill) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=http://forums.spybot.info/forumdisplay.php?54
DoubleClick: [SBI $ASBRCOOK] Tracking cookie (Internet Explorer (User): guill) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=http://forums.spybot.info/forumdisplay.php?54
DoubleClick: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=http://forums.spybot.info/forumdisplay.php?54
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4202004038-1327707918-1336093133-1001\Software\Microsoft\Microsoft Management Console\Recent File List
Category=Tracks
ThreatLevel=2
Weblink=http://forums.spybot.info/forumdisplay.php?54
Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4202004038-1327707918-1336093133-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
Category=Tracks
ThreatLevel=2
Weblink=http://forums.spybot.info/forumdisplay.php?54
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4202004038-1327707918-1336093133-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Category=Tracks
ThreatLevel=2
Weblink=http://forums.spybot.info/forumdisplay.php?54
Cookie: [SBI $BCOOKIES] Browser: Cookie (32) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=http://forums.spybot.info/forumdisplay.php?54
Cache: [SBI $BCACHE00] Browser: Cache (202) (Browser: Cache, nothing done)
Category=Browser
ThreatLevel=1
Weblink=http://forums.spybot.info/forumdisplay.php?54
History: [SBI $BHISTORY] Browser: History (37) (Browser: History, nothing done)
Category=Browser
ThreatLevel=1
Weblink=http://forums.spybot.info/forumdisplay.php?54
Cookie: [SBI $BCOOKIES] Browser: Cookie (268) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=http://forums.spybot.info/forumdisplay.php?54
Cache: [SBI $BCACHE00] Browser: Cache (9375) (Browser: Cache, nothing done)
Category=Browser
ThreatLevel=1
Weblink=http://forums.spybot.info/forumdisplay.php?54
History: [SBI $BHISTORY] Browser: History (263) (Browser: History, nothing done)
Category=Browser
ThreatLevel=1
Weblink=http://forums.spybot.info/forumdisplay.php?54
--- Spybot - Search & Destroy version: 2.7.64.131 DLL (build: 20180214) ---
2018-04-20 blindman.exe (2.7.64.152)
2018-04-20 explorer.exe (2.7.64.191)
2018-02-06 SDBootCD.exe (2.7.64.109)
2018-04-20 SDCleaner.exe (2.7.64.110)
2018-04-20 SDDelFile.exe (2.7.64.94)
2018-04-20 SDFiles.exe (2.7.64.137)
2018-04-20 SDFileScanHelper.exe (2.7.64.7)
2018-04-20 SDFSSvc.exe (2.7.64.219)
2018-04-20 SDHelp.exe (2.7.64.1)
2018-02-06 SDHookHelper.exe (2.7.64.2)
2018-02-06 SDHookInst32.exe (2.7.64.2)
2018-02-06 SDHookInst64.exe (2.7.64.2)
2018-04-20 SDImmunize.exe (2.7.64.133)
2018-04-20 SDLogReport.exe (2.7.64.107)
2018-04-20 SDOnAccess.exe (2.7.64.12)
2018-04-20 SDPESetup.exe (2.7.64.3)
2018-04-20 SDPEStart.exe (2.7.64.86)
2018-04-20 SDPhoneScan.exe (2.7.64.29)
2018-04-20 SDPRE.exe (2.7.64.22)
2018-02-06 SDPrepPos.exe (2.7.64.15)
2018-04-20 SDQuarantine.exe (2.7.64.103)
2018-02-06 SDRootAlyzer.exe (2.7.64.116)
2018-02-06 SDSBIEdit.exe (2.7.64.39)
2018-04-20 SDScan.exe (2.7.64.191)
2018-02-06 SDScript.exe (2.7.64.54)
2018-04-20 SDSettings.exe (2.7.64.139)
2018-04-20 SDShell.exe (2.7.64.2)
2018-02-06 SDShred.exe (2.7.64.108)
2018-02-06 SDSysRepair.exe (2.7.64.102)
2018-02-06 SDTools.exe (2.7.64.157)
2018-04-20 SDTray.exe (2.7.64.129)
2018-04-20 SDUpdate.exe (2.7.64.98)
2018-04-20 SDUpdSvc.exe (2.7.64.82)
2018-08-08 SDUpgrade.exe (2.7.65.0)
2018-04-20 SDWelcome.exe (2.7.64.131)
2018-02-06 SDWSCSvc.exe (2.7.64.3)
2020-01-15 spybotsd2-install-bdcore-update-2020a.exe (2.8.67.0)
2021-01-05 unins000.exe (51.1052.0.0)
2017-11-28 xcacls.exe
2017-11-28 borlndmm.dll (10.0.2288.42451)
2018-01-29 DelZip190.dll (1.9.0.119)
2018-01-29 DelZip192.dll (1.9.2.136)
2018-01-29 libeay32.dll (1.0.2.14)
2017-11-28 libssl32.dll (1.0.0.4)
2018-02-06 NotificationSpreader.dll (2.7.64.4)
2018-04-20 SDAdvancedCheckLibrary.dll (2.7.64.98)
2018-04-20 SDAV.dll (2.4.40.7)
2018-02-06 SDECon32.dll (2.7.64.114)
2018-03-23 SDECon64.dll (2.7.64.113)
2018-02-06 SDEvents.dll (2.7.64.2)
2018-04-20 SDFileScanLibrary.dll (2.7.64.24)
2018-02-06 SDHook32.dll (2.7.64.2)
2018-02-06 SDHook64.dll (2.7.64.2)
2018-04-20 SDImmunizeLibrary.dll (2.7.64.3)
2018-04-20 SDLicense.dll (2.7.64.3)
2018-04-20 SDLists.dll (2.7.64.8)
2018-02-06 SDResources.dll (2.7.64.7)
2018-04-20 SDScanLibrary.dll (2.7.64.131)
2018-04-20 SDTasks.dll (2.7.64.15)
2018-02-06 SDWinLogon.dll (2.7.64.0)
2018-01-29 sqlite3.dll (3.22.0.0)
2018-01-29 ssleay32.dll (1.0.2.14)
2018-02-06 Tools.dll (2.7.64.36)
2019-07-03 Includes\Adware-000.sbi (*)
2018-09-24 Includes\Adware-001.sbi (*)
2018-09-24 Includes\Adware-002.sbi (*)
2018-09-24 Includes\Adware-003.sbi (*)
2020-12-30 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2017-11-28 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2018-06-20 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2017-01-30 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2016-07-06 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2018-04-04 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2016-05-27 Includes\Keyloggers-000.sbi (*)
2020-04-01 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2015-06-25 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2018-04-12 Includes\Malware-002.sbi (*)
2019-11-20 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2020-12-23 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2014-01-13 Includes\MalwareC.sbi (*)
2018-05-02 Includes\PUPS-000.sbi (*)
2020-12-07 Includes\PUPS-001.sbi (*)
2018-05-02 Includes\PUPS-002.sbi (*)
2018-05-02 Includes\PUPS-003.sbi (*)
2018-05-02 Includes\PUPS-004.sbi (*)
2020-12-30 Includes\PUPS-C.sbi (*)
2014-01-13 Includes\PUPS.sbi (*)
2014-01-13 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2018-08-01 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2015-11-11 Includes\Spyware-000.sbi (*)
2015-05-06 Includes\Spyware-001.sbi (*)
2020-07-29 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2017-06-28 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2017-10-25 Includes\Trojans-002.sbi (*)
2016-01-20 Includes\Trojans-003.sbi (*)
2018-11-28 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2015-03-31 Includes\Trojans-006.sbi (*)
2017-12-01 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2018-11-28 Includes\Trojans-009.sbi (*)
2018-06-21 Includes\Trojans-010.sbi (*)
2020-12-30 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2016-02-03 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
Log ZHPCleaner
~ ZHPCleaner v2021.1.2.266 by Nicolas Coolman (2021/01/02)
~ Run by guill (Administrator) (05/01/2021 20:03:27)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\guill\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\guill\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 18363)
---\ Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados. (ADS)
---\ Servicios (0)
~ No malintencionados o innecesarios artículos encontrados. (Servicio)
---\ Navegadores de Internet (1)
BORRADOS dados: [X64] HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser [Bad : 0] =>.SUP.ProxyRestriction
---\ Hosts carpeta (1)
~ El archivo hosts es legítimo (21)
---\ Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados. (Tarea)
---\ Explorador ( Archivos, Carpetas ) (9)
MOVIDO carpeta: C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
MOVIDO carpeta: C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences =>Préférences Chromium
MOVIDO carpeta: C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
MOVIDO carpeta: C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences =>Préférences Chromium
MOVIDO carpeta: C:\Users\guill\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium
MOVIDO carpeta: C:\Users\guill\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences =>Préférences Chromium
MOVIDO carpeta: C:\Windows\Prefetch\KMSPICO-SETUP.TMP-57784C01.pf =>HackTool.KMSpico
MOVIDO carpeta: C:\Windows\Prefetch\KMSPICO-SETUP.TMP-EAA7ECE0.pf =>HackTool.KMSpico
MOVIDO carpeta: C:\Windows\SECOH-QAD.dll =>HackTool.KMSpico
---\ Registro ( Claves, Valores, Datos) (0)
~ No malintencionados o innecesarios artículos encontrados. (Register)
---\ Resumen de elementos en su estación de trabajo (3)
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.ProxyRestriction
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
---\ Limpieza adicional. (9)
~ Clave de registro Tracing borrados (9)
~ Quitar los antiguos informes de ZHPCleaner. (0)
---\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Google Chrome OK
~ Internet Explorer OK
---\ STATISTIQUES
~ Items escaneado : 1170
~ Items encontrado : 0
~ artículos cancelados : 2
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 9/16
---\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto
~ End of clean in 00h00mn41s
Log Hijackthis
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26
Platform: x64 Windows 10 (Home), 10.0.18363.1256 (ReleaseId: 1909), Service Pack: 0
Time: 06.01.2021 - 02:46 (UTC-03:00)
Language: OS: Spanish (0xC0A). Display: Spanish (0x80A). Non-Unicode: Spanish (0xC0A)
Elevated: Yes
Ran by: guill (group: Administrator) on GUILLERMO-NTB, FirstRun: yes
Chrome: 87.0.4280.88
Edge: 11.0.18362.1171
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
3 C:\Program Files (x86)\Dropbox\Client\113.3.427\QtWebEngineProcess.exe
4 C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Avast Software\Avast\AvastSvc.exe
3 C:\Program Files\Avast Software\Avast\AvastUI.exe
1 C:\Program Files\Avast Software\Avast\aswEngSrv.exe
1 C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
1 C:\Program Files\Avast Software\Avast\aswidsagent.exe
1 C:\Program Files\Avast Software\Avast\wsc_proxy.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\McAfee\WebAdvisor\servicehost.exe
1 C:\Program Files\McAfee\WebAdvisor\uihost.exe
1 C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
1 C:\Program Files\OpenVPN\bin\openvpn-gui.exe
1 C:\Program Files\OpenVPN\bin\openvpnserv.exe
1 C:\Program Files\PowerToys\PowerToys.exe
1 C:\Program Files\PowerToys\modules\ColorPicker\ColorPickerUI.exe
1 C:\Program Files\PowerToys\modules\launcher\PowerLauncher.exe
1 C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.10.0_neutral__egxr34yet59cg\Package\QuickLook.exe
1 C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.18.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20090.1002.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2009.4.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20101.99.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
1 C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
1 C:\Users\guill\AppData\Local\MEGAsync\MEGAsync.exe
1 C:\Users\guill\Downloads\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
1 C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
1 C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
1 C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
2 C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
1 C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
1 C:\Windows\SysWOW64\dllhost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
1 C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
1 C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_3004658ee4d7fe24\lib\TPMProvisioningService.exe
2 C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_c8af195ee1543133\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\FMService64.exe
2 C:\Windows\System32\RtkAudUService64.exe
8 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
3 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dllhost.exe
2 C:\Windows\System32\dolbyaposvc\DAX3API.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
79 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
2 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
R1 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = http://127.0.0.1:86/
R1 - HKLM\System\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies: (default) = 0http://127.0.0.1:86/
R1 - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = http://127.0.0.1:86/
R1-32 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = http://127.0.0.1:86/
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [OPENVPN-GUI] = C:\Program Files\OpenVPN\bin\openvpn-gui.exe
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\guill\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/10/13)
O4 - HKCU\..\StartupApproved\Run: [utweb] = C:\Users\guill\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED (2020/10/13)
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\Avast Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [LogiOptions] = C:\Program Files\Logitech\LogiOptions\LogiOptions.exe /noui
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\RtkAudUService64.exe -background
O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\sdnclean64.exe
O4 - User Startup: C:\Users\guill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk -> C:\Users\guill\AppData\Local\MEGAsync\MEGAsync.exe
O4-32 - HKLM\..\Run: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup
O4-32 - HKLM\..\Run: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O6 - IE Policy: HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel - present
O9 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O9 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O9-32 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9-32 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O16-32 - DPF: HKLM\..\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\DownloadInformation: GpcContainer Class [CODEBASE] =
O17 - DHCP DNS 1: 200.42.4.210
O17 - DHCP DNS 2: 200.49.130.52
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20-32 - HKLM\..\Winlogon\Notify\SDWinLogon: [DllName] = SDWinLogon.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending): MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced): MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing): MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Avast Software\Avast\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC ReadyToReboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Microsoft)
O22 - Task: (telemetry) \Lenovo\Vantage\Schedule\VantageTelemetryAddinTask - C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe VantageTelemetryAddinTask
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: Avast Emergency Update - C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: EOSv3 Scheduler onLogOn - C:\Users\guill\Downloads\esetonlinescanner.exe LOGON
O22 - Task: EOSv3 Scheduler onTime - C:\Users\guill\Downloads\esetonlinescanner.exe SCHED
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: InstallShield® Setup Engine Kernel - C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe
O22 - Task: Optimize Thumbnail Cache - C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe
O22 - Task: \Avast Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\Windows\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
O22 - Task: \Lenovo\ImController\TimeBasedEvents\02cf3e5d-041a-4913-bbda-213c65830dc8 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 02cf3e5d-041a-4913-bbda-213c65830dc8
O22 - Task: \Lenovo\ImController\TimeBasedEvents\241eb2f7-d03e-4e42-babd-f46a080c5927 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 241eb2f7-d03e-4e42-babd-f46a080c5927
O22 - Task: \Lenovo\ImController\TimeBasedEvents\336a8d64-d5a1-4ca4-8d8e-d129fe481841 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 336a8d64-d5a1-4ca4-8d8e-d129fe481841
O22 - Task: \Lenovo\ImController\TimeBasedEvents\7b4b1907-99c9-4902-abc1-d629b01e6682 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 7b4b1907-99c9-4902-abc1-d629b01e6682
O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Task: \PowerToys\Autorun for guill - C:\Program Files\PowerToys\PowerToys.exe
O22 - Task: \Safer-Networking\Spybot - Search and Destroy\Check for updates - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
O22 - Task: \Safer-Networking\Spybot - Search and Destroy\Refresh immunization - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe /immunize /silent /autoclose
O22 - Task: \Safer-Networking\Spybot - Search and Destroy\Scan the system - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe /scan /cleanclose
O23 - Service R2: @oem0.inf,%ImcSvcDisplayName%;System Interface Foundation Service - (ImControllerService) - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\Avast Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe /runassvc
O23 - Service R2: AvastWscReporter - C:\Program Files\Avast Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: DbxSvc - C:\Windows\system32\DbxSvc.exe
O23 - Service R2: Dolby DAX API Service - (DolbyDAXAPI) - C:\Windows\system32\dolbyaposvc\DAX3API.exe
O23 - Service R2: Fortemedia APO Control Service - (FMAPOService) - C:\Windows\System32\FMService64.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
O23 - Service R2: Intel(R) Dynamic Tuning service - (esifsvc) - C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
O23 - Service R2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_3004658ee4d7fe24\lib\TPMProvisioningService.exe
O23 - Service R2: LenovoVantageService - C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_c8af195ee1543133\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_c8af195ee1543133\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: OpenVPN Interactive Service - (OpenVPNServiceInteractive) - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\RtkAudUService64.exe
O23 - Service R2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service S2: Google Update Servicio (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Servicio de Actualización de Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service S3: Google Update Servicio (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_3004658ee4d7fe24\lib\SocketHeciServer.exe
O23 - Service S3: McSecDashboardService - C:\Program Files\McAfeeDashboard\McSecDashboardService.exe
O23 - Service S3: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: OpenVPN Legacy Service - (OpenVPNServiceLegacy) - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service S3: OpenVPNService - C:\Program Files\OpenVPN\bin\openvpnserv2.exe
O23 - Service S3: Servicio de Actualización de Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
--
End of file - Time spent: 24,2 sec. - 47836 bytes, CRC32: FFFFFFFF. Sign: 쓞쓴
Los los del Fabra los agrego en respuesta a esta tema, ya que no me deja sumarlos en este por exceso de caracteres
Desde ya agradezco cualquier ayuda que me puedan brindar
Saludos!
Guillermo