Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ISUSPM.exe


  • Please log in to reply
3 replies to this topic

#1 Reseet

Reseet

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 18 January 2018 - 02:10 PM

Hi! I've issues with Installshield Update Service Scheduler.

This process starts with windows and turn on and of my internet randomly and if i shut down tis process my internet goes of until i restart my computer...

Google looks like a 2010 or older version. I use chrome but this happens in firefox and opera too and only happens with google

 

I tried with adwcleaner but i have no luck

 

In other post i see someone with the same issues (https://www.bleepingcomputer.com/forums/t/627429/installshield-isuspmexe-issues/) and i downloaded autorun.exe and this is what gave to me

"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AlternateShell"	""	""	""	"29/09/2017 10:47"	""
+ "cmd.exe"	"Procesador de comandos de Windows"	"Microsoft Corporation"	"c:\windows\system32\cmd.exe"	"23/01/1915 16:14"	""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"	""	""	""	"17/01/2018 16:47"	""
+ "RTHDVCPL"	"Realtek HD Audio Manager"	"Realtek Semiconductor"	"c:\program files\realtek\audio\hda\rtkngui64.exe"	"18/09/2017 1:50"	""
+ "SecurityHealth"	"Windows Defender notification icon"	"Microsoft Corporation"	"c:\program files\windows defender\msascuil.exe"	"26/09/1920 15:44"	""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"	""	""	""	"26/12/2017 19:05"	""
+ "LogMeIn Hamachi Ui"	"Hamachi Client Application"	"LogMeIn Inc."	"c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe"	"29/06/2017 8:27"	""
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"	""	""	""	"23/12/2017 12:03"	""
+ "DAEMON Tools Lite Automount"	"DAEMON Tools Lite"	"Disc Soft Ltd"	"c:\program files\daemon tools lite\dtagent.exe"	"14/08/2017 7:30"	""
+ "OneDrive"	"Microsoft OneDrive"	"Microsoft Corporation"	"c:\users\crist\appdata\local\microsoft\onedrive\onedrive.exe"	"27/10/2017 3:01"	""
+ "Spotify"	"Spotify"	"Spotify Ltd"	"c:\users\crist\appdata\roaming\spotify\spotify.exe"	"02/11/2017 14:04"	""
+ "Spotify Web Helper"	"SpotifyWebHelper"	"Spotify Ltd"	"c:\users\crist\appdata\roaming\spotify\spotifywebhelper.exe"	"02/11/2017 14:03"	""
+ "Steam"	"Steam Client Bootstrapper"	"Valve Corporation"	"c:\program files (x86)\steam\steam.exe"	"15/12/2017 16:49"	""
+ "Voobly"	"Voobly"	"Voobly"	"c:\program files (x86)\voobly\voobly.exe"	"06/09/2017 13:58"	""
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"	""	""	""	"19/11/2017 18:00"	""
+ "Google Chrome"	"Google Chrome Installer"	"Google Inc."	"c:\program files (x86)\google\chrome\application\63.0.3239.132\installer\chrmstp.exe"	"03/01/2018 5:04"	""
+ "n/a"	"Proceso host de Windows (Rundll32)"	"Microsoft Corporation"	"c:\windows\system32\rundll32.exe"	"01/04/2032 23:35"	""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"	""	""	""	"30/09/2017 11:41"	""
+ "n/a"	"Proceso host de Windows (Rundll32)"	"Microsoft Corporation"	"c:\windows\syswow64\rundll32.exe"	"24/02/1929 3:39"	""
"HKLM\SOFTWARE\Classes\Protocols\Handler"	""	""	""	"18/12/2017 17:57"	""
+ "mso-minsb-roaming.16"	"Microsoft Office 2016 component"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\msosb.dll"	"24/11/2017 7:24"	""
+ "mso-minsb.16"	"Microsoft Office 2016 component"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\msosb.dll"	"24/11/2017 7:24"	""
+ "osf-roaming.16"	"Microsoft Office 2016 component"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\msosb.dll"	"24/11/2017 7:24"	""
+ "osf.16"	"Microsoft Office 2016 component"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\msosb.dll"	"24/11/2017 7:24"	""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""	"19/11/2017 20:24"	""
+ "AIMP"	"Context Menu Extension"	"AIMP DevTeam"	"c:\program files (x86)\aimp\system\aimp_menu64.dll"	"10/05/2017 16:08"	""
+ "EPP"	"Extensión de shell Microsoft Security Client"	"Microsoft Corporation"	"c:\programdata\microsoft\windows defender\platform\4.12.17007.17123-0\shellext.dll"	"14/10/1939 10:48"	""
+ "WinRAR"	"WinRAR shell extension"	"Alexander Roshal"	"c:\program files\winrar\rarext.dll"	"11/08/2017 10:53"	""
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers"	""	""	""	"29/09/2017 10:48"	""
+ "EPP"	"Extensión de shell Microsoft Security Client"	"Microsoft Corporation"	"c:\programdata\microsoft\windows defender\platform\4.12.17007.17123-0\shellext.dll"	"14/10/1939 10:48"	""
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""	"19/11/2017 20:23"	""
+ "AIMP"	"Context Menu Extension"	"AIMP DevTeam"	"c:\program files (x86)\aimp\system\aimp_menu64.dll"	"10/05/2017 16:08"	""
+ "EPP"	"Extensión de shell Microsoft Security Client"	"Microsoft Corporation"	"c:\programdata\microsoft\windows defender\platform\4.12.17007.17123-0\shellext.dll"	"14/10/1939 10:48"	""
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""	"19/11/2017 17:56"	""
+ "NvCplDesktopContext"	"NVIDIA Display Shell Extension"	"NVIDIA Corporation"	"c:\windows\system32\nvshext.dll"	"14/11/2017 16:46"	""
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""	"19/11/2017 20:24"	""
+ "WinRAR"	"WinRAR shell extension"	"Alexander Roshal"	"c:\program files\winrar\rarext.dll"	"11/08/2017 10:53"	""
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"	""	""	""	"19/11/2017 20:24"	""
+ "WinRAR"	"WinRAR shell extension"	"Alexander Roshal"	"c:\program files\winrar\rarext.dll"	"11/08/2017 10:53"	""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""	"05/12/2017 11:16"	""
+ " SkyDrivePro1 (ErrorConflict)"	"Microsoft OneDrive for Business Extensions"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\grooveex.dll"	"11/11/2017 10:02"	""
+ " SkyDrivePro2 (SyncInProgress)"	"Microsoft OneDrive for Business Extensions"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\grooveex.dll"	"11/11/2017 10:02"	""
+ " SkyDrivePro3 (InSync)"	"Microsoft OneDrive for Business Extensions"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\grooveex.dll"	"11/11/2017 10:02"	""
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""	"18/12/2017 17:57"	""
+ " SkyDrivePro1 (ErrorConflict)"	"Microsoft OneDrive for Business Extensions"	"Microsoft Corporation"	"c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\grooveex.dll"	"11/11/2017 9:59"	""
+ " SkyDrivePro2 (SyncInProgress)"	"Microsoft OneDrive for Business Extensions"	"Microsoft Corporation"	"c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\grooveex.dll"	"11/11/2017 9:59"	""
+ " SkyDrivePro3 (InSync)"	"Microsoft OneDrive for Business Extensions"	"Microsoft Corporation"	"c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\grooveex.dll"	"11/11/2017 9:59"	""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""	"05/12/2017 11:16"	""
+ "Lync Browser Helper"	"Skype for Business"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\ochelper.dll"	"11/11/2017 10:00"	""
+ "Microsoft OneDrive for Business Browser Helper"	"Microsoft OneDrive for Business Extensions"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\grooveex.dll"	"11/11/2017 10:02"	""
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""	"18/12/2017 17:57"	""
+ "Lync Browser Helper"	"Skype for Business"	"Microsoft Corporation"	"c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\ochelper.dll"	"11/11/2017 10:05"	""
+ "Microsoft OneDrive for Business Browser Helper"	"Microsoft OneDrive for Business Extensions"	"Microsoft Corporation"	"c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\grooveex.dll"	"11/11/2017 9:59"	""
"HKLM\Software\Microsoft\Internet Explorer\Extensions"	""	""	""	"05/12/2017 11:16"	""
+ "Lync Click to Call"	"Skype for Business"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\ochelper.dll"	"11/11/2017 10:00"	""
+ "OneNote Lin&ked Notes"	"Microsoft OneNote Internet Explorer Add-in"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\onbttnielinkednotes.dll"	"11/11/2017 9:59"	""
+ "Se&nd to OneNote"	"Microsoft OneNote Internet Explorer Add-in"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\onbttnie.dll"	"11/11/2017 10:16"	""
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"	""	""	""	"18/12/2017 17:57"	""
+ "Lync Click to Call"	"Skype for Business"	"Microsoft Corporation"	"c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\ochelper.dll"	"11/11/2017 10:05"	""
+ "OneNote Lin&ked Notes"	"Microsoft OneNote Internet Explorer Add-in"	"Microsoft Corporation"	"c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\onbttnielinkednotes.dll"	"11/11/2017 10:08"	""
+ "Se&nd to OneNote"	"Microsoft OneNote Internet Explorer Add-in"	"Microsoft Corporation"	"c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\onbttnie.dll"	"11/11/2017 10:12"	""
"Task Scheduler"	""	""	""	""	""
+ "\InstallShield® Update Service Scheduler"	"InstallShield® Update Service Scheduler"	"InstallShield®"	"c:\program files (x86)\common files\installshield\update\isuspm.exe"	"07/10/2017 17:57"	""
+ "\Microsoft\Office\Office Automatic Updates"	"Microsoft Office Click-to-Run Client"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe"	"03/01/2018 0:59"	""
+ "\Microsoft\Office\Office ClickToRun Service Monitor"	"Microsoft Office Click-to-Run Client"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe"	"03/01/2018 0:59"	""
+ "\Microsoft\Office\OfficeBackgroundTaskHandlerLogon"	"obth"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\officebackgroundtaskhandler.exe"	"03/01/2018 1:06"	""
+ "\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration"	"obth"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\officebackgroundtaskhandler.exe"	"03/01/2018 1:06"	""
+ "\Microsoft\Office\OfficeTelemetryAgentFallBack2016"	"Office Telemetry Agent"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\msoia.exe"	"03/01/2018 1:07"	""
+ "\Microsoft\Office\OfficeTelemetryAgentLogOn2016"	"Office Telemetry Agent"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\msoia.exe"	"03/01/2018 1:07"	""
+ "\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance"	"Microsoft Malware Protection Command Line Utility"	"Microsoft Corporation"	"c:\programdata\microsoft\windows defender\platform\4.12.17007.17123-0\mpcmdrun.exe"	"11/09/1971 15:19"	""
+ "\Microsoft\Windows\Windows Defender\Windows Defender Cleanup"	"Microsoft Malware Protection Command Line Utility"	"Microsoft Corporation"	"c:\programdata\microsoft\windows defender\platform\4.12.17007.17123-0\mpcmdrun.exe"	"11/09/1971 15:19"	""
+ "\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan"	"Microsoft Malware Protection Command Line Utility"	"Microsoft Corporation"	"c:\programdata\microsoft\windows defender\platform\4.12.17007.17123-0\mpcmdrun.exe"	"11/09/1971 15:19"	""
+ "\Microsoft\Windows\Windows Defender\Windows Defender Verification"	"Microsoft Malware Protection Command Line Utility"	"Microsoft Corporation"	"c:\programdata\microsoft\windows defender\platform\4.12.17007.17123-0\mpcmdrun.exe"	"11/09/1971 15:19"	""
+ "\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange"	"Proceso host de Windows (Rundll32)"	"Microsoft Corporation"	"c:\windows\system32\rundll32.exe"	"01/04/2032 23:35"	""
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"	"Aplicación de configuración del Servicio de uso compartido de red del Reproductor de Windows Media"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnscfg.exe"	"23/07/1918 14:28"	""
+ "\Opera scheduled Autoupdate 1513367203"	"Opera Internet Browser"	"Opera Software"	"c:\program files\opera\launcher.exe"	"17/12/2017 7:37"	""
+ "\Optimize Thumbnail Cache Files"	"Microsoft ® Windows Based Script Host"	"Microsoft Corporation"	"c:\windows\system32\wscript.exe"	"17/10/1927 12:33"	""
"HKLM\System\CurrentControlSet\Services"	""	""	""	"17/01/2018 16:47"	""
+ "BEService"	"BattlEye Service: "	""	"c:\program files (x86)\common files\battleye\beservice.exe"	"07/12/2017 23:27"	""
+ "ClickToRunSvc"	"Microsoft Office Click-to-Run Service: ‪Manages resource coordination, background streaming, and system integration of Microsoft Office products and their related updates. This service is required to run during the use of any Microsoft Office program, during initial streaming installation and all subsequent updates.‬"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe"	"03/01/2018 1:10"	""
+ "Disc Soft Lite Bus Service"	"Disc Soft Lite Bus Service: Disc Soft Bus Service Lite"	"Disc Soft Ltd"	"c:\program files\daemon tools lite\discsoftbusservicelite.exe"	"14/08/2017 7:30"	""
+ "gupdate"	"Servicio de Google Update (gupdate): Mantiene actualizado el software de Google. Si este servicio se inhabilita o se detiene, el software de Google no se mantendrá actualizado, lo que significa que las vulnerabilidades de seguridad que puedan surgir no se podrán solucionar y es posible que el rendimiento del producto se vea afectado. Este servicio se desinstala por sí solo cuando no lo está utilizando ningún software de Google."	"Google Inc."	"c:\program files (x86)\google\update\googleupdate.exe"	"13/07/2017 23:07"	""
+ "gupdatem"	"Servicio de Google Update (gupdatem): Mantiene actualizado el software de Google. Si este servicio se inhabilita o se detiene, el software de Google no se mantendrá actualizado, lo que significa que las vulnerabilidades de seguridad que puedan surgir no se podrán solucionar y es posible que el rendimiento del producto se vea afectado. Este servicio se desinstala por sí solo cuando no lo está utilizando ningún software de Google."	"Google Inc."	"c:\program files (x86)\google\update\googleupdate.exe"	"13/07/2017 23:07"	""
+ "Hamachi2Svc"	"LogMeIn Hamachi Tunneling Engine: Hamachi Client Tunneling Engine"	"LogMeIn Inc."	"c:\program files (x86)\logmein hamachi\x64\hamachi-2.exe"	"29/06/2017 8:29"	""
+ "LMIGuardianSvc"	"LMIGuardianSvc: Support LogMeIn processes with quality assurance feedback"	"LogMeIn, Inc."	"c:\program files (x86)\logmein hamachi\x64\lmiguardiansvc.exe"	"27/05/2016 10:03"	""
+ "MozillaMaintenance"	"Mozilla Maintenance Service: El servicio de matenimiento de Mozilla asegura que tiene la última y más segura versión de  Mozilla Firefox en su computadora. Mantener Firefox actualizado es muy importante para su seguridad en línea y Mozilla recomienda encarecidamente que mantenga este servicio habilitado."	"Mozilla Foundation"	"c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"	"06/12/2017 16:36"	""
+ "NvContainerLocalSystem"	"NVIDIA LocalSystem Container: Container service for NVIDIA root features"	"NVIDIA Corporation"	"c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe"	"14/09/2017 20:27"	""
+ "NvContainerNetworkService"	"NVIDIA NetworkService Container: Container service for NVIDIA network features"	"NVIDIA Corporation"	"c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe"	"14/09/2017 20:27"	""
+ "NVDisplay.ContainerLocalSystem"	"NVIDIA Display Container LS: Container service for NVIDIA root features"	"NVIDIA Corporation"	"c:\program files\nvidia corporation\display.nvcontainer\nvdisplay.container.exe"	"14/11/2017 17:06"	""
+ "NvTelemetryContainer"	"NVIDIA Telemetry Container: Container service for NVIDIA Telemetry"	"NVIDIA Corporation"	"c:\program files (x86)\nvidia corporation\nvtelemetry\nvtelemetrycontainer.exe"	"12/07/2017 3:12"	""
+ "ose64"	"Office 64 Source Engine: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\source engine\ose.exe"	"03/01/2018 0:58"	""
+ "Sense"	"Servicio de Protección contra amenazas avanzada de Windows Defender: El servicio de Protección contra amenazas avanzada de Windows Defender ayuda a proteger contra las amenazas avanzadas mediante la supervisión y la generación de informes de eventos de seguridad que se produzcan en el equipo."	"Microsoft Corporation"	"c:\program files\windows defender advanced threat protection\mssense.exe"	"19/09/1928 21:21"	""
+ "Service KMSELDI"	"Service KMSELDI: Service_KMS"	"@ByELDI"	"c:\program files\kmspico\service_kms.exe"	"11/01/2016 19:28"	""
+ "Steam Client Service"	"Steam Client Service: Steam Client Service monitors and updates Steam content"	"Valve Corporation"	"c:\program files (x86)\common files\steam\steamservice.exe"	"15/12/2017 16:48"	""
+ "TeamViewer"	"TeamViewer 13: TeamViewer Remote Software"	"TeamViewer GmbH"	"c:\program files (x86)\teamviewer\teamviewer_service.exe"	"05/12/2017 6:54"	""
+ "WdNisSvc"	"Servicio de inspección de red de Antivirus de Windows Defender: Ayuda a proteger contra intentos de intrusión dirigidos a vulnerabilidades conocidas o recientemente descubiertas en protocolos de red"	"Microsoft Corporation"	"c:\programdata\microsoft\windows defender\platform\4.12.17007.17123-0\nissrv.exe"	"01/10/2025 14:40"	""
+ "WinDefend"	"Servicio de Antivirus de Windows Defender: Ayuda a proteger a los usuarios contra malware y otro software potencialmente no deseado"	"Microsoft Corporation"	"c:\programdata\microsoft\windows defender\platform\4.12.17007.17123-0\msmpeng.exe"	"12/06/1938 11:31"	""
+ "WMPNetworkSvc"	"Servicio de uso compartido de red del Reproductor de Windows Media: Comparte las bibliotecas del Reproductor de Windows Media con otros dispositivos multimedia  y reproductores en red mediante Plug and Play universal."	"Microsoft Corporation"	"c:\program files\windows media player\wmpnetwk.exe"	"22/06/2002 19:32"	""
"HKLM\System\CurrentControlSet\Services"	""	""	""	"17/01/2018 16:47"	""
+ "3ware"	"3ware: LSI 3ware SCSI Storport Driver"	"LSI"	"c:\windows\system32\drivers\3ware.sys"	"18/05/2015 19:28"	""
+ "ADP80XX"	"ADP80XX: PMC-Sierra Storport  Driver For SPC8x6G SAS/SATA controller"	"PMC-Sierra"	"c:\windows\system32\drivers\adp80xx.sys"	"09/04/2015 17:49"	""
+ "amdsata"	"amdsata: AHCI 1.3 Device Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdsata.sys"	"14/05/2015 9:14"	""
+ "amdsbs"	"amdsbs: AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"	"AMD Technologies Inc."	"c:\windows\system32\drivers\amdsbs.sys"	"11/12/2012 18:21"	""
+ "amdxata"	"amdxata: Storage Filter Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdxata.sys"	"30/04/2015 21:55"	""
+ "arcsas"	"Controlador de minipuerto de Adaptec SAS/SATA-II RAID Storport: Adaptec SAS RAID WS03 Driver"	"PMC-Sierra, Inc."	"c:\windows\system32\drivers\arcsas.sys"	"09/04/2015 16:12"	""
+ "b06bdrv"	"Adaptador VBD de red QLogic: QLogic Gigabit Ethernet VBD"	"QLogic Corporation"	"c:\windows\system32\drivers\bxvbda.sys"	"25/05/2016 4:03"	""
+ "bcmfn2"	"bcmfn2 Service: BCM Function 2  Device Driver"	"Windows (R) Win 7 DDK provider"	"c:\windows\system32\drivers\bcmfn2.sys"	"31/10/2016 23:09"	""
+ "cht4iscsi"	"cht4iscsi: Chelsio iSCSI VMiniport Driver"	"Chelsio Communications"	"c:\windows\system32\drivers\cht4sx64.sys"	"24/04/2017 2:22"	""
+ "cht4vbd"	"Controlador de bus virtual Chelsio: Virtual Bus Driver for Chelsio ® T5/T6 Chipset"	"Chelsio Communications"	"c:\windows\system32\drivers\cht4vx64.sys"	"24/04/2017 2:19"	""
+ "dtlitescsibus"	"DAEMON Tools Lite Virtual SCSI Bus: DAEMON Tools Lite Virtual SCSI Bus Driver"	"Disc Soft Ltd"	"c:\windows\system32\drivers\dtlitescsibus.sys"	"24/09/2015 17:17"	""
+ "dtliteusbbus"	"DAEMON Tools Lite Virtual USB Bus: DAEMON Tools Lite Virtual USB Bus Driver"	"Disc Soft Ltd"	"c:\windows\system32\drivers\dtliteusbbus.sys"	"28/12/2015 10:05"	""
+ "ebdrv"	"Adaptador VBD QLogic 10 Gigabit Ethernet: QLogic 10 GigE VBD"	"QLogic Corporation"	"c:\windows\system32\drivers\evbda.sys"	"25/05/2016 4:01"	""
+ "Hamachi"	"LogMeIn Hamachi Virtual Miniport): LogMeIn Hamachi Virtual Miniport Driver"	"LogMeIn Inc."	"c:\windows\system32\drivers\hamdrv.sys"	"30/03/2015 10:28"	""
+ "HpSAMD"	"HpSAMD: Smart Array SAS/SATA Controller Media Driver"	"Hewlett-Packard Company"	"c:\windows\system32\drivers\hpsamd.sys"	"26/03/2013 18:36"	""
+ "iagpio"	"Controlador de la controladora Intel Serial IO GPIO: Intel(R) Serial IO GPIO Controller Driver"	"Intel(R) Corporation"	"c:\windows\system32\drivers\iagpio.sys"	"12/07/2017 3:46"	""
+ "iai2c"	"Controladora de host de Intel(R) Serial IO I2C: Intel(R) Serial IO I2C Driver"	"Intel(R) Corporation"	"c:\windows\system32\drivers\iai2c.sys"	"12/07/2017 3:46"	""
+ "iaLPSS2i_GPIO2"	"Controlador de Intel(R) Serial IO GPIO v2: Intel(R) Serial IO GPIO Driver v2"	"Intel Corporation"	"c:\windows\system32\drivers\ialpss2i_gpio2.sys"	"14/06/2017 1:01"	""
+ "iaLPSS2i_GPIO2_BXT_P"	"Controlador de Intel(R) Serial IO GPIO v2: Intel(R) Serial IO GPIO Driver v2"	"Intel Corporation"	"c:\windows\system32\drivers\ialpss2i_gpio2_bxt_p.sys"	"14/06/2017 1:01"	""
+ "iaLPSS2i_I2C"	"Controlador de Intel(R) Serial IO I2C v2: Intel(R) Serial IO I2C Driver v2"	"Intel Corporation"	"c:\windows\system32\drivers\ialpss2i_i2c.sys"	"14/06/2017 1:00"	""
+ "iaLPSS2i_I2C_BXT_P"	"Controlador de Intel(R) Serial IO I2C v2: Intel(R) Serial IO I2C Driver v2"	"Intel Corporation"	"c:\windows\system32\drivers\ialpss2i_i2c_bxt_p.sys"	"14/06/2017 1:01"	""
+ "iaLPSSi_GPIO"	"Controlador de controladora Intel(R) Serial IO GPIO: Intel(R) Serial IO GPIO Controller Driver"	"Intel Corporation"	"c:\windows\system32\drivers\ialpssi_gpio.sys"	"02/02/2015 6:00"	""
+ "iaLPSSi_I2C"	"Controlador de Intel(R) Serial IO I2C: Intel(R) Serial IO I2C Controller Driver"	"Intel Corporation"	"c:\windows\system32\drivers\ialpssi_i2c.sys"	"24/02/2015 12:52"	""
+ "iaStorAV"	"Controladora RAID SATA de Intel(R) para Windows: Intel(R) Rapid Storage Technology driver (inbox) - x64"	"Intel Corporation"	"c:\windows\system32\drivers\iastorav.sys"	"22/02/2017 10:43"	""
+ "iaStorV"	"Controladora RAID de Intel para Windows 7: Intel Matrix Storage Manager driver - x64"	"Intel Corporation"	"c:\windows\system32\drivers\iastorv.sys"	"11/04/2011 15:48"	""
+ "ibbus"	"Mellanox InfiniBand Bus/AL (Controlador de filtro): InfiniBand Fabric Bus Driver"	"Mellanox"	"c:\windows\system32\drivers\ibbus.sys"	"10/04/2016 10:46"	""
+ "IntcAzAudAddService"	"Service for Realtek HD Audio (WDM): Realtek(r) High Definition Audio Function Driver"	"Realtek Semiconductor Corp."	"c:\windows\system32\drivers\rtkvhd64.sys"	"24/10/2017 8:04"	""
+ "LSI_SAS"	"LSI_SAS: LSI Fusion-MPT SAS Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas.sys"	"25/03/2015 16:36"	""
+ "LSI_SAS2i"	"LSI_SAS2i: LSI SAS Gen2 Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas2i.sys"	"05/08/2016 11:08"	""
+ "LSI_SAS3i"	"LSI_SAS3i: Avago SAS Gen3 Driver (StorPort)"	"Avago Technologies"	"c:\windows\system32\drivers\lsi_sas3i.sys"	"08/08/2016 9:07"	""
+ "LSI_SSS"	"LSI_SSS: LSI SSS PCIe/Flash Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sss.sys"	"15/03/2013 20:39"	""
+ "megasas"	"megasas: MEGASAS RAID Controller Driver for Windows"	"Avago Technologies"	"c:\windows\system32\drivers\megasas.sys"	"04/03/2015 23:36"	""
+ "megasas2i"	"megasas2i: MEGASAS RAID Controller Driver for Windows"	"Avago Technologies"	"c:\windows\system32\drivers\megasas2i.sys"	"22/07/2016 18:36"	""
+ "megasr"	"megasr: LSI MegaRAID Software RAID Driver"	"LSI Corporation, Inc."	"c:\windows\system32\drivers\megasr.sys"	"03/06/2013 19:02"	""
+ "MEIx64"	"Intel(R) Management Engine Interface : Intel(R) Management Engine Interface"	"Intel Corporation"	"c:\windows\system32\drivers\teedriverw8x64.sys"	"07/07/2015 14:43"	""
+ "mlx4_bus"	"Enumerador de bus ConnectX de Mellanox: MLX4 Bus Driver"	"Mellanox"	"c:\windows\system32\drivers\mlx4_bus.sys"	"10/04/2016 10:49"	""
+ "MpKsl53cf0540"	"MpKsl53cf0540: KSLDriver"	"Microsoft Corporation"	"c:\programdata\microsoft\windows defender\definition updates\{9f904708-9900-4c17-8002-2a240d5b3405}\mpksl53cf0540.sys"	"27/02/1989 22:54"	""
+ "mvumis"	"mvumis: Marvell Flash Controller Driver"	"Marvell Semiconductor, Inc."	"c:\windows\system32\drivers\mvumis.sys"	"23/05/2014 17:39"	""
+ "ndfltr"	"Servicio NetworkDirect: NetworkDirect Support Filter Driver"	"Mellanox"	"c:\windows\system32\drivers\ndfltr.sys"	"10/04/2016 10:46"	""
+ "NVHDA"	"Service for NVIDIA High Definition Audio Driver: NVIDIA HDMI Audio Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvhda64v.sys"	"14/09/2017 6:55"	""
+ "nvlddmkm"	"nvlddmkm: NVIDIA Windows Kernel Mode Driver, Version 388.31 "	"NVIDIA Corporation"	"c:\windows\system32\driverstore\filerepository\nv_dispi.inf_amd64_c791f781cd94491f\nvlddmkm.sys"	"14/11/2017 16:50"	""
+ "nvraid"	"nvraid: NVIDIA® nForce(TM) RAID Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvraid.sys"	"21/04/2014 15:28"	""
+ "nvstor"	"nvstor: NVIDIA® nForce(TM) Sata Performance Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvstor.sys"	"21/04/2014 15:34"	""
+ "NvStreamKms"	"NVIDIA KMS: Nvidia Streaming Kernel Service"	"NVIDIA Corporation"	"c:\program files\nvidia corporation\nvstreamsrv\nvstreamkms.sys"	"26/09/2017 7:08"	""
+ "nvvad_WaveExtensible"	"NVIDIA Virtual Audio Device (Wave Extensible) (WDM): NVIDIA Virtual Audio Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvvad64v.sys"	"19/09/2017 5:38"	""
+ "nvvhci"	"NVVHCI Enumerator Service: Virtual USB Host Controller driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvvhci.sys"	"27/12/2016 22:44"	""
+ "percsas2i"	"percsas2i: MEGASAS RAID Controller Driver for Windows"	"Avago Technologies"	"c:\windows\system32\drivers\percsas2i.sys"	"14/03/2016 21:50"	""
+ "percsas3i"	"percsas3i: MEGASAS RAID Controller Driver for Windows"	"Avago Technologies"	"c:\windows\system32\drivers\percsas3i.sys"	"04/03/2016 18:22"	""
+ "rt640x64"	"Controlador Realtek RT640 NT: Realtek 8136/8168/8169 NDIS 6.40 64-bit Driver                "	"Realtek                                            "	"c:\windows\system32\drivers\rt640x64.sys"	"05/10/2016 10:32"	""
+ "RtlWlanu_OldIC"	"Adaptador de red LAN inalámbrica 802.11n USB 2.0 Realtek: Realtek WLAN USB NDIS Driver 28199"	"Realtek Semiconductor Corporation                           "	"c:\windows\system32\drivers\rtwlanu_oldic.sys"	"20/04/2016 22:43"	""
+ "SiSRaid2"	"SiSRaid2: SiS RAID Stor Miniport Driver"	"Silicon Integrated Systems Corp."	"c:\windows\system32\drivers\sisraid2.sys"	"24/09/2008 15:28"	""
+ "SiSRaid4"	"SiSRaid4: SiS AHCI Stor-Miniport Driver"	"Silicon Integrated Systems"	"c:\windows\system32\drivers\sisraid4.sys"	"01/10/2008 18:56"	""
+ "stexstor"	"stexstor: Promise SuperTrak EX Series Driver for Windows x64"	"Promise Technology, Inc."	"c:\windows\system32\drivers\stexstor.sys"	"26/11/2012 21:02"	""
+ "vsmraid"	"vsmraid: VIA RAID DRIVER FOR AMD-X86-64"	"VIA Technologies Inc.,Ltd"	"c:\windows\system32\drivers\vsmraid.sys"	"22/04/2014 16:21"	""
+ "VSTXRAID"	"Controlador de Windows de controladora de almacenamiento RAID VIA StorX: VIA StorX RAID Controller Driver"	"VIA Corporation"	"c:\windows\system32\drivers\vstxraid.sys"	"21/01/2013 16:00"	""
+ "wdm_usb"	"wdm_usb: USB Modem/Serial Device Driver"	"MBB"	"c:\windows\system32\drivers\usb2ser.sys"	"22/01/2015 3:43"	""
+ "WinMad"	"Servicio WinMad: Kernel WinMad"	"Mellanox"	"c:\windows\system32\drivers\winmad.sys"	"10/04/2016 10:46"	""
+ "WinVerbs"	"Servicio WinVerbs: Kernel WinVerbs"	"Mellanox"	"c:\windows\system32\drivers\winverbs.sys"	"10/04/2016 10:46"	""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers"	""	""	""	"29/09/2017 10:48"	""
+ "Adobe Type Manager"	"Windows NT OpenType/Type 1 Font Driver"	"Adobe Systems Incorporated"	"c:\windows\system32\atmfd.dll"	"27/06/1991 11:48"	""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""	"26/12/2017 22:16"	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\system32\l3codeca.acm"	"26/12/1917 21:37"	""
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""	"26/12/2017 22:16"	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\syswow64\l3codeca.acm"	"12/04/1909 6:26"	""
+ "vidc.cvid"	"Códec Cinepak®"	"Radius Inc."	"c:\windows\syswow64\iccvid.dll"	"30/08/2004 19:35"	""
+ "VIDC.FMVC"	"FM Screen Capture Codec (VFW)"	"Fox Magic Software"	"c:\windows\syswow64\fmcodec.dll"	"12/06/2005 11:29"	""
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""	"04/12/2017 17:49"	""
+ "{1D5BE324-AC17-482F-9070-234EB529AE12}"	"Audio Data"	"Viscom Software"	"c:\program files (x86)\dsnet corp\atube catcher 2.0\viscomaudiodata.dll"	"02/12/2006 10:55"	""
+ "{2E9126B1-53F9-4312-B21D-035455BFC80F}"	""	""	"c:\program files (x86)\dsnet corp\atube catcher 2.0\viscomspeaker.dll"	"20/06/2012 8:12"	""
+ "{3C78B8E2-6C4D-11D1-ADE2-0000F8754B99}"	""	"Viscom Software"	"c:\program files (x86)\dsnet corp\atube catcher 2.0\viscomwave.dll"	"18/08/2003 2:31"	""
+ "{473FA820-DC78-4E38-9F13-7AAB9B26092F}"	"Wave Form"	"Viscom Software www.viscomsoft.com"	"c:\program files (x86)\dsnet corp\atube catcher 2.0\viscomwaveform.dll"	"07/12/2008 13:19"	""
+ "{4FCE4216-5C59-453B-894D-3E7569C6062F}"	"Audio Encoder"	"Viscom Software"	"c:\program files (x86)\dsnet corp\atube catcher 2.0\viscomaudioencoder.dll"	"11/11/2006 10:38"	""
+ "{74CFD057-E3A4-4352-8357-477084086D4B}"	"viscomaudioprocess.dll"	""	"c:\program files (x86)\dsnet corp\atube catcher 2.0\viscomaudioprocess.dll"	"09/06/2012 2:31"	""
"HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command\(Default)"	""	""	""	"19/11/2017 13:09"	""
+ "C:\Program Files\Internet Explorer\iexplore.exe"	"Internet Explorer"	"Microsoft Corporation"	"c:\program files\internet explorer\iexplore.exe"	"22/02/2034 4:54"	""
"HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls"	""	""	""	"29/09/2017 10:47"	""
+ "_wow64"	""	""	"File not found: C:\Windows\SysWOW64\wow64.dll"	""	""
+ "_wow64cpu"	""	""	"File not found: C:\Windows\SysWOW64\wow64cpu.dll"	""	""
+ "_wow64win"	""	""	"File not found: C:\Windows\SysWOW64\wow64win.dll"	""	""
+ "_wowarmhw"	""	""	"File not found: C:\Windows\System32\wowarmhw.dll"	""	""
+ "_wowarmhw"	""	""	"File not found: C:\Windows\SysWOW64\wowarmhw.dll"	""	""
"HKLM\Software\Microsoft\Office\Outlook\Addins"	""	""	""	"09/12/2017 16:52"	""
+ "LyncAddin Class"	"Skype for Business"	"Microsoft Corporation"	"c:\program files\microsoft office\root\office16\ucaddin.dll"	"11/11/2017 10:01"	""
+ "TeamViewerMeetingAddIn.AddIn"	"TeamViewer Outlook AddIn"	"TeamViewer GmbH"	"c:\program files (x86)\teamviewer\outlook\teamviewermeetingaddinshim64.dll"	"05/12/2017 8:05"	""

I hope anyone can help me. Sorry if i've errors but english it's not my language. 

 

Thank you all! :D



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:26 AM

Posted 18 January 2018 - 03:54 PM

See what the programs below can do for you.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of Google Chrome and Avast.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

  • Download and install the free version of Malwarebytes
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point
  • Once Malwarebytes is installed, launch it and let it update its database. You might have to click on the little arrow by Scan Status in the middle right pane for it to do so
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan
  • Let the scan run, the time required to complete the scan depends of your system and computer specs
  • Once the scan is complete, make sure that the first checkbox at the top is checked (which will automatically check every detected item), then click on the Quarantine Selected button
    • If it asks you to restart your computer to complete the removal, do so
  • Click on Export Summary after the deletion (in the bottom-left corner) and select Copy to Clipboard. Paste the content in your next reply

 

Download Malwarebytes Anti-Rootkit (MBAR) to your desktop.

  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"

 

Download and run the FREE online scanner from Free Virus Scan | Online Virus Scan from ESET | ESET

  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Reseet

Reseet
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:26 AM

Posted 18 January 2018 - 09:05 PM

 

See what the programs below can do for you.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of Google Chrome and Avast.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

  • Download and install the free version of Malwarebytes
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point
  • Once Malwarebytes is installed, launch it and let it update its database. You might have to click on the little arrow by Scan Status in the middle right pane for it to do so
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan
  • Let the scan run, the time required to complete the scan depends of your system and computer specs
  • Once the scan is complete, make sure that the first checkbox at the top is checked (which will automatically check every detected item), then click on the Quarantine Selected button
    • If it asks you to restart your computer to complete the removal, do so
  • Click on Export Summary after the deletion (in the bottom-left corner) and select Copy to Clipboard. Paste the content in your next reply

 

Download Malwarebytes Anti-Rootkit (MBAR) to your desktop.

  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"

 

Download and run the FREE online scanner from Free Virus Scan | Online Virus Scan from ESET | ESET

  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

 

 

Thank you! I do the scan with ccleaner and malwarebytes and now all works fine! :D

 

This is what malwarebytes detected

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/1/18
Hora del análisis: 22:51
Archivo de registro: 446ea8a8-fcbb-11e7-a9f0-7a7919014c98.json
Administrador: Sí

-Información del software-
Versión: 3.3.1.2183
Versión de los componentes: 1.0.262
Versión del paquete de actualización: 1.0.3727
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 16299.192)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-I4L8TU1\crist

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Resultado: Completado
Objetos analizados: 297069
Amenazas detectadas: 27
Amenazas en cuarentena: 27
Tiempo transcurrido: 5 min, 45 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 7
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OPTIMIZE THUMBNAIL CACHE FILES, Se eliminará al reiniciar, [285], [328817],1.0.3727
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5ED752F8-78D2-4251-8F97-9078A59EF1A2}, Se eliminará al reiniciar, [285], [328817],1.0.3727
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{5ED752F8-78D2-4251-8F97-9078A59EF1A2}, Se eliminará al reiniciar, [285], [328817],1.0.3727
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\InstallShield® Update Service Scheduler, Se eliminará al reiniciar, [285], [261680],1.0.3727
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CF2B93F8-4071-402E-A3DA-FE30A1EA936E}, Se eliminará al reiniciar, [285], [261680],1.0.3727
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{CF2B93F8-4071-402E-A3DA-FE30A1EA936E}, Se eliminará al reiniciar, [285], [261680],1.0.3727

Valor del registro: 16
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-905718938-1697845998-1820113342-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-905718938-1697845998-1820113342-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-905718938-1697845998-1820113342-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-905718938-1697845998-1820113342-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, Se eliminará al reiniciar, [285], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5ED752F8-78D2-4251-8F97-9078A59EF1A2}|PATH, Se eliminará al reiniciar, [285], [328818],1.0.3727
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CF2B93F8-4071-402E-A3DA-FE30A1EA936E}|PATH, Se eliminará al reiniciar, [285], [261682],1.0.3727

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 4
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\OPTIMIZE THUMBNAIL CACHE FILES, Se eliminará al reiniciar, [285], [328817],1.0.3727
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\InstallShield® Update Service Scheduler, Se eliminará al reiniciar, [285], [261680],1.0.3727
Adware.Elex.ShrtCln, C:\USERS\CRIST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [2141], [454749],1.0.3727
Adware.Elex.ShrtCln, C:\USERS\CRIST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [2141], [454749],1.0.3727

Sector físico: 0
(No hay elementos maliciosos detectados)


(end)


#4 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:26 AM

Posted 18 January 2018 - 09:13 PM

I suggest doing the other scans, too. Up to you...of course.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users