ComboFix 18-08-08.01 - Usuario 23/06/2019 17:23:49.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.54.3082.18.3072.1975 [GMT -3:00]
Running from: c:\users\Usuario\Desktop\ComboFix.exe
AV: AVG Antivirus *Disabled/Updated* {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
SP: AVG Antivirus *Disabled/Updated* {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\0.bak
C:\install.exe
C:\prefs.js
c:\program files\Internet Explorer\dmlconf.dat
c:\program files\sXe Injected
c:\program files\sXe Injected\ddsxei.sys
c:\program files\sXe Injected\Injected.exe
c:\program files\sXe Injected\Injected.txt
c:\program files\sXe Injected\sXe-I EULA.txt
c:\program files\sXe Injected\sXe.dll
c:\program files\sXe Injected\uninstall.exe
c:\program files\sXe Injected\uninstall.ini
c:\programdata\ntuser.pol
c:\users\Usuario\AppData\Roaming\Origin
c:\users\Usuario\AppData\Roaming\Origin\Cloud Saves\blacklist
c:\users\Usuario\AppData\Roaming\Origin\local.xml
c:\users\Usuario\AppData\Roaming\qmiran.tmp
C:\W7LEB3.EXE
c:\w7leb3.exe\W7LEB3.EXE
c:\windows\msdownld.tmp
c:\windows\security\Database\tmp.edb
c:\windows\security\logs\scecomp.log
c:\windows\system32\DEBUG.log
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\system32\hookdll.dll
c:\windows\system32\logs
c:\windows\system32\logs\myeasylog.log
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ddsxeiservice
-------\Legacy_ddsxeiservice
-------\Service_ddsxeiservice
-------\Service_ddsxeiservice
.
.
((((((((((((((((((((((((( Files Created from 2019-05-23 to 2019-06-23 )))))))))))))))))))))))))))))))
.
.
2019-06-23 20:58 . 2019-06-23 20:58 241760 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2019-06-23 18:02 . 2019-06-23 18:02 -------- d-----w- c:\users\Usuario\AppData\Roaming\AVG
2019-06-23 18:02 . 2019-06-23 18:10 -------- d-----w- c:\users\Usuario\AppData\Local\Avg
2019-06-23 17:54 . 2019-06-23 17:53 311216 ----a-w- c:\windows\system32\avgBoot.exe
2019-06-23 17:54 . 2019-06-23 17:54 -------- d-----w- c:\program files\Common Files\AVG
2019-06-23 17:51 . 2019-06-23 18:10 -------- d-----w- c:\program files\AVG
2019-06-23 17:50 . 2019-06-23 17:54 -------- d-----w- c:\programdata\AVG
2019-06-03 00:15 . 2019-05-20 16:59 311176 ----a-w- c:\windows\system32\aswBoot.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2019-06-23 06:05 . 2016-03-07 05:30 5811712 ----a-w- c:\program files\Nexus.dll
2019-06-23 04:55 . 2014-10-23 19:58 842296 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2019-06-23 04:55 . 2014-10-23 19:58 175160 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2019-06-20 13:28 . 2014-10-23 20:16 139568 ----a-w- c:\windows\system32\drivers\asw9d1c49576dcab07e.tmp
2019-06-18 00:12 . 2014-10-23 20:16 167360 ----a-w- c:\windows\system32\drivers\asw9df992dd00fa49b0.tmp
2019-05-30 18:23 . 2014-10-23 20:16 312248 ----a-w- c:\windows\system32\drivers\aswb7e9b1173f2e19bf.tmp
2019-05-20 17:00 . 2014-10-23 20:16 403680 ----a-w- c:\windows\system32\drivers\asw0ff24463434a7abb.tmp
2019-05-20 17:00 . 2014-10-23 20:16 72800 ----a-w- c:\windows\system32\drivers\asw307e23bf269f7020.tmp
2019-05-20 17:00 . 2014-10-23 20:16 100984 ----a-w- c:\windows\system32\drivers\asw00e8361ad33faace.tmp
2019-05-20 17:00 . 2018-10-22 19:21 40688 ----a-w- c:\windows\system32\drivers\aswd9698a829a4a5ad3.tmp
2019-05-20 17:00 . 2019-02-23 21:42 214736 ----a-w- c:\windows\system32\drivers\aswe4b6fbfcceb2180a.tmp
2019-05-20 16:57 . 2017-11-17 19:46 173232 ----a-w- c:\windows\system32\drivers\asw135ef74129918e6b.tmp
2019-05-20 16:57 . 2019-01-17 20:44 34488 ----a-w- c:\windows\system32\drivers\asw428b0f7d8351ae6a.tmp
2019-05-20 16:57 . 2014-10-23 20:16 783024 ----a-w- c:\windows\system32\drivers\asw6a50595becba911a.tmp
2019-05-20 16:55 . 2019-01-17 20:44 56296 ----a-w- c:\windows\system32\drivers\aswc6caaef0f98f2dc6.tmp
2019-05-20 16:55 . 2019-01-17 20:44 171520 ----a-w- c:\windows\system32\drivers\asw7b313ee693a5553a.tmp
2019-05-20 16:55 . 2019-01-17 20:47 225608 ----a-w- c:\windows\system32\drivers\aswfcf6e8cd22258154.tmp
2019-05-13 04:01 . 2018-10-09 20:57 62223112 ----a-w- c:\users\Usuario\AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe
2019-04-29 21:11 . 2019-03-20 00:46 128552 ----a-w- c:\windows\system32\drivers\mbae.sys
2019-04-21 15:53 . 2014-10-23 19:53 97144 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Pending)]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2019-06-05 19:33 621816 ------w- c:\users\Usuario\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Synced)]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2019-06-05 19:33 621816 ------w- c:\users\Usuario\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Syncing)]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2019-06-05 19:33 621816 ------w- c:\users\Usuario\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2017-09-14 16553448]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2019-04-02 645456]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2019-03-24 267576]
"Wondershare Helper Compact.exe"="c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2016-10-08 2137744]
"AVGUI.exe"="c:\program files\AVG\Antivirus\AvLaunch.exe" [2019-06-23 273840]
.
c:\users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
dmnhwdep.exe [2019-6-23 90112]
MEGAsync.lnk - c:\users\Usuario\AppData\Local\MEGAsync\MEGAsync.exe [2019-2-7 12856056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0avgBoot.exe /M:4d0966ecac /A:C: /A:*STARTUP /L:3082 /heur:80 /RA:fix /pup /archives /IA:0 /KBD:2 /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ati.EXE]
path=c:\users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ati.EXE
backup=c:\windows\pss\ati.EXE.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hide.me VPN.lnk]
path=c:\users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk
backup=c:\windows\pss\hide.me VPN.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk]
path=c:\users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk
backup=c:\windows\pss\Microsoft SharePoint Workspace.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 17:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C9627F042FF14DA7EE9FE476B40759E6870DA618._service_run]
2019-06-18 00:54 1448432 ----a-w- c:\program files\Google\Chrome\Application\chrome.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2019-02-04 18:53 14679256 ------w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
2019-02-04 18:53 14679256 ------w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Chromium]
2017-01-20 23:27 921503 ----a-w- c:\users\Usuario\AppData\Local\chromium\Application\chrome.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2014-04-28 14:26 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2019-03-24 13:01 267576 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]
2019-06-23 06:19 479232 ----a-w- c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
2016-06-14 20:03 2397120 ----a-w- c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
2010-03-16 05:58 718208 ----a-w- c:\program files\Microsoft Office\Office14\MSOSYNC.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2019-06-23 06:07 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 21:29 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2019-06-11 02:03 25181928 ------w- c:\users\Usuario\AppData\Roaming\Spotify\Spotify.exe
.
R2 avg;%1!s! Update Servicio (avg);c:\program files\AVG\Browser\Update\AVGBrowserUpdate.exe [2019-06-23 165520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
R2 Mobizen plugin;Mobizen plugin;c:\program files\RSUPPORT\MobizenService\MobizenService.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2016704]
R3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\DRIVERS\aswTap.sys [2014-10-23 38984]
R3 avgm;%1!s! Update Servicio (avgm);c:\program files\AVG\Browser\Update\AVGBrowserUpdate.exe [2019-06-23 165520]
R3 AVGSecureBrowserElevationService;AVG Secure Browser Elevation Service;c:\program files\AVG\Browser\Application\75.0.817.82\elevation_service.exe [2019-06-11 978768]
R3 BthAvrcp;Perfil AVRCP Bluetooth;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 cpuz138;cpuz138;c:\users\Usuario\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2017-08-08 89856]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys [2016-08-10 19984]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [2009-06-27 20480]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [2009-06-25 11520]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files\Google\Chrome\Application\75.0.3770.100\elevation_service.exe [2019-06-18 954352]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-11-10 102912]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys [2014-12-29 48280]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [2014-12-29 30488]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2016-12-21 18944]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26048]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 2904000]
R3 ptun0901;TAP Adapter V9 for Private Tunnel;c:\windows\system32\DRIVERS\ptun0901.sys [2016-04-21 23040]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-06-11 15872]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-11-26 34384]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2017-05-19 147344]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [x]
R3 XDva409;XDva409;c:\windows\system32\XDva409.sys [x]
R4 PST Service;PST Service;c:\program files\Motorola\MotForwardDaemon\ForwardDaemon.exe [2011-09-02 65657]
S0 avgArDisk;avgArDisk;c:\windows\system32\drivers\avgArDisk.sys [2019-06-23 34536]
S0 avgbidsh;avgbidsh;c:\windows\system32\drivers\avgbidsh.sys [2019-06-23 172080]
S0 avgbuniv;avgbuniv;c:\windows\system32\drivers\avgbuniv.sys [2019-06-23 56344]
S0 avgRvrt;avgRvrt;c:\windows\system32\drivers\avgRvrt.sys [2019-06-23 72848]
S0 avgVmm;avgVmm;c:\windows\system32\drivers\avgVmm.sys [2019-06-23 312296]
S1 avgArPot;avgArPot;c:\windows\system32\drivers\avgArPot.sys [2019-06-23 173280]
S1 avgbidsdriver;avgbidsdriver;c:\windows\system32\drivers\avgbidsdriver.sys [2019-06-23 226168]
S1 avgKbd;avgKbd;c:\windows\system32\drivers\avgKbd.sys [2019-06-23 40744]
S1 avgRdr;avgRdr;c:\windows\system32\drivers\avgRdr2.sys [2019-06-23 101032]
S1 avgSnx;avgSnx;c:\windows\system32\drivers\avgSnx.sys [2019-06-23 783072]
S1 avgSP;avgSP;c:\windows\system32\drivers\avgSP.sys [2019-06-23 403728]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2018-06-15 23840]
S2 AVG Antivirus;AVG Antivirus;c:\program files\AVG\Antivirus\AVGSvc.exe [2019-06-23 359920]
S2 avgMonFlt;avgMonFlt;c:\windows\system32\drivers\avgMonFlt.sys [2019-06-23 139616]
S2 avgStm;avgStm;c:\windows\system32\drivers\avgStm.sys [2019-06-23 167408]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-02-01 5247944]
S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2014-04-08 137528]
S2 PaceLicenseDServices;PACE License Services;c:\program files\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-05-18 2938880]
S2 TenorshareReibootService;TenorshareReibootService;c:\program files\ReiBoot\TenorshareReibootService.exe [2017-11-09 33208]
S2 WsAppService;Wondershare Application Framework Service;c:\program files\Wondershare\WAF\2.1.6.0\WsAppService.exe [2016-01-28 388608]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2014-04-10 26032]
S3 avgbIDSAgent;avgbIDSAgent;c:\program files\AVG\Antivirus\aswidsagent.exe [2019-06-23 5632800]
S3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-20 37560]
S3 FocusriteUSB;Focusrite USB;c:\windows\system32\DRIVERS\FocusriteUSB.sys [2018-01-09 74768]
S3 FocusriteUSBAudio;Focusrite USB Audio;c:\windows\system32\drivers\FocusriteUSBAudio.sys [2018-01-09 41488]
S3 FocusriteUSBSwRoot;USB Audio Root;c:\windows\system32\DRIVERS\FocusriteUSBSwRoot.sys [2018-01-09 73232]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys [2019-06-23 241760]
S3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\DRIVERS\Neo_0068.sys [2018-06-17 37576]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2016-04-14 50744]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - AVGARPOT
*NewlyCreated* - AVGRVRT
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPService REG_MULTI_SZ HPSLPSVC
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{48F69C39-1356-4A7B-A899-70E3539D4982}]
2019-06-23 18:12 2336304 ----a-w- c:\program files\AVG\Browser\Application\75.0.817.82\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2019-06-21 02:14 1947632 ----a-w- c:\program files\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.ar/
mStart Page = www.google.com
uInternet Settings,ProxyOverride = 192.168.*.*;*.local
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 200.49.130.52 200.42.4.199
TCP: Interfaces\{A508071F-2FF7-4261-A35A-15E265A28C9D}: NameServer = 1.1.1.1,1.0.0.1
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
MSConfigStartUp-Clownfish - c:\program files\Clownfish\Clownfish.exe
MSConfigStartUp-CyberGhost - c:\program files\CyberGhost 5\CyberGhost.exe
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
MSConfigStartUp-Dropbox Update - c:\users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe
MSConfigStartUp-Hot Keyboard - c:\games\Hot Keyboard Pro\HotKeyb.exe
MSConfigStartUp-ioCentre - c:\genius\ioCentre\gTaskBar.exe
MSConfigStartUp-LogMeIn Hamachi Ui - c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
MSConfigStartUp-OKAYFREEDOM_Agent - c:\program files\OkayFreedom\OkayFreedomClient.exe
MSConfigStartUp-PAC7302_Monitor - c:\windows\PixArt\PAC7302\Monitor.exe
MSConfigStartUp-ShadowPlay - c:\windows\system32\nvspcap.dll
MSConfigStartUp-Steam - c:\program files\Steam\steam.exe
AddRemove-Injected Anti-cheat - c:\program files\sXe Injected\uninstall.exe
AddRemove-Keylogger Detector - c:\program files\Keylogger Detector\uninstall.exe
AddRemove-Native Instruments Massive - c:\programdata\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}\Massive Setup PC.exe
AddRemove-Native Instruments Service Center - c:\programdata\{0E511DF6-1923-4AF4-9BFD-A9426C94FCD7}\Service Center Setup PC.exe
AddRemove-PCM Reverb Random Hall 32-bit - c:\programdata\{2FFD193D-97A8-4917-AFEB-9EBD415146BD}\Setup32-bit.exe
AddRemove-{0B8565BA-BAD5-4732-B122-5FD78EFC50A9} - c:\programdata\{0E511DF6-1923-4AF4-9BFD-A9426C94FCD7}\Service Center Setup PC.exe
AddRemove-{1BFE1D3A-5BD2-43D3-A18C-2202BA8D7940} - c:\programdata\{2FFD193D-97A8-4917-AFEB-9EBD415146BD}\Setup32-bit.exe
AddRemove-{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9} - c:\programdata\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}\Massive Setup PC.exe
AddRemove-{91000001-C561-4E32-99EB-3C5AD3683A70} - c:\program files\InstallShield Installation Information\{91000001-C561-4E32-99EB-3C5AD3683A70}\setup.exe
AddRemove-UnityWebPlayer - c:\users\Usuario\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ff,ec,10,0a,b6,21,c7,45,9e,e4,b6,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ff,ec,10,0a,b6,21,c7,45,9e,e4,b6,\
.
[HKEY_USERS\S-1-5-21-3146354937-2461503630-4080536050-1000\23376324_1497899253592146_6680468813822979561_n.jpg*y*]
@Allowed: (Read) (RestrictedCode)
"cl"=dword:00000003
.
[HKEY_USERS\S-1-5-21-3146354937-2461503630-4080536050-1000\4*]
@Allowed: (Read) (RestrictedCode)
"cl"=dword:00000003
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(6124)
c:\progra~1\MICROS~2\Office14\3082\GrooveIntlResource.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\AVG\Antivirus\AVGUI.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Malwarebytes\Anti-Malware\mbamtray.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Completion time: 2019-06-23 18:10:15 - machine was rebooted
ComboFix-quarantined-files.txt 2019-06-23 21:10
.
Pre-Run: 18.314.264.576 bytes libres
Post-Run: 18.120.265.728 bytes libres
.
- - End Of File - - 4F78BC3E493BAD84914A1E68851BF881
A36C5E4F47E84449FF07ED3517B43A31