darktulkas
New Member
Hola buenas reinstale un Windows 10 desde 0 en un notebook, le instale un par de programas incluido el antivirus con licencia y lo deje en la noche actualizando, y cuando lo reviso en la mañana, esta haciendo de todo, abriendo páginas, videos, escribiendo, girando pantalla, abriendo más programas, menus, etc. Reinicie y todo se mantuvo, quite el internet y aún se mantiene pero en mucha menor medida, digamos que en un 90 a 95% menos, pero aún así hace algunas cosas por si solo el note.
Dejo el log de hijackthis por si pueden ayudarme por fa.
Logfile of HiJackThis Fork (Beta) by Alex Dragokas v.2.10.0.6
Platform: x64 Windows 10 (Pro), 10.0.14393.2214 (ReleaseId: 1607), Service Pack: 0
Time: 14.02.2021 - 12:38 (UTC-03:00)
Language: OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0x340A)
Elevated: Yes
Ran by: Eka (group: Administrator) on DESKTOP-CRCQAJI, FirstRun: no
Chrome: 88.0.4324.150
Edge: 11.0.14393.2214
Internet Explorer: 11.0.14393.2007
Default: "C:\Windows\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files\AVG\Antivirus\afwServ.exe
1 C:\Program Files\AVG\Antivirus\aswEngSrv.exe
1 C:\Program Files\AVG\Antivirus\AVGSvc.exe
1 C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
3 C:\Program Files\AVG\Antivirus\AVGUI.exe
1 C:\Program Files\AVG\Antivirus\wsc_proxy.exe
1 C:\Program Files\Classic Shell\ClassicStartMenu.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Elantech\ETDCtrl.exe
1 C:\Program Files\Elantech\ETDCtrlHelper.exe
1 C:\Program Files\Elantech\ETDService.exe
1 C:\Program Files\Elantech\ETDTouch.exe
1 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\rempl\sedsvc.exe
2 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
17 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 E:\HiJackThis.exe
O2 - HKLM\..\BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll
O2 - HKLM\..\BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
O2 - HKLM\..\BHO: NitroPDF.IE.Sharepoint - {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} - C:\Program Files\Nitro\Pro\13\npnitroie.dll
O2-32 - HKLM\..\BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2-32 - HKLM\..\BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2-32 - HKLM\..\BHO: NitroPDF.IE.Sharepoint - {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} - C:\Program Files (x86)\Nitro\Pro\13\npnitroie.dll
O3 - HKLM\..\Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
O3-32 - HKLM\..\Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKCU\..\Run: [Spotify] = C:\Users\Eka\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKLM\..\Run: [AVGUI.exe] = C:\Program Files\AVG\Antivirus\AvLaunch.exe /gui
O4 - HKLM\..\Run: [Classic Start Menu] = C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun
O4 - HKLM\..\Run: [ETDCtrl] = C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O9 - Button: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: (no name) - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Tools menu item: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: Classic IE Settings - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9-32 - Button: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: (no name) - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9-32 - Tools menu item: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: Classic IE Settings - C:\Program Files\Classic Shell\ClassicIE_32.exe
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\AVG\Antivirus\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Classic Shell\ClassicExplorer64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\AVG\Antivirus\x86\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - - (no file)
O22 - BITS Job: (download) {768984A8-6B63-44B5-A909-B5562B2B9284} - http://msedge.b.tlu.dl.delivery.mp....J3SWa6V0d760+0LNpby+6omUx2u/et7zouqEmenf/Eg== -> C:\Users\Eka\AppData\Local\Temp\edge_BITS_372_1221603568\9c839662-0ae0-4a3d-abf2-edba1af63603
O22 - BITS Job: (download) {9CD800DA-CDF9-40AF-9C63-167658506215} - https://oneclient.sfx.ms/Win/Prod/21.002.0104.0005/OneDriveSetup.exe -> C:\Users\Eka\AppData\Local\Temp\wct1407.tmp
O22 - BITS Job: (download) {C12D0E58-81FE-444C-85FD-08C416F29F4E} - http://edgedl.gvt1.com/edgedl/relea...B1O5ddVmdvk_88.253.200/dCWclxKjU5RSOUZ52LSQXQ -> C:\Users\Eka\AppData\Local\Temp\chrome_BITS_2316_544480611\dCWclxKjU5RSOUZ52LSQXQ
O22 - BITS Job: Fix all (including legit)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask - {E7ED314F-2816-4C26-AEB5-54A34D02404C} - C:\Windows\System32\kernelceip.dll (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistant - C:\Windows\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun - C:\Windows\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /AllUsersRun (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun - C:\Windows\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /CalendarRun (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun - C:\Windows\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /WakeupRun (Microsoft)
O22 - Task: \AVG\Overseer - C:\Program Files\Common Files\AVG\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \Microsoft\Windows\EDP\EDP App Launch Task - {35EF4182-F900-4632-B072-8639E4478A61},AppLaunch - (no file)
O22 - Task: \Microsoft\Windows\EDP\EDP Auth Task - {35EF4182-F900-4632-B072-8639E4478A61},ReAuth - (no file)
O22 - Task: Antivirus Emergency Update - C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: RTKCPL - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O23 - Service R2: AVG Antivirus - C:\Program Files\AVG\Antivirus\AVGSvc.exe /runassvc
O23 - Service R2: AVG Firewall Service - (AVG Firewall) - C:\Program Files\AVG\Antivirus\afwServ.exe
O23 - Service R2: AVG Tools - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe /runassvc
O23 - Service R2: AvgWscReporter - C:\Program Files\AVG\Antivirus\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Elan Service - (ETDService) - C:\Program Files\Elantech\ETDService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
O23 - Service S2: Google Update Servicio (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: avgbIDSAgent - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\88.0.4324.150\elevation_service.exe
O23 - Service S3: Google Update Servicio (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
--
End of file - Time spent: 22,2 sec. - 21506 bytes, CRC32: FFFFFFFF. Sign: 푻휌
Dejo el log de hijackthis por si pueden ayudarme por fa.
Logfile of HiJackThis Fork (Beta) by Alex Dragokas v.2.10.0.6
Platform: x64 Windows 10 (Pro), 10.0.14393.2214 (ReleaseId: 1607), Service Pack: 0
Time: 14.02.2021 - 12:38 (UTC-03:00)
Language: OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0x340A)
Elevated: Yes
Ran by: Eka (group: Administrator) on DESKTOP-CRCQAJI, FirstRun: no
Chrome: 88.0.4324.150
Edge: 11.0.14393.2214
Internet Explorer: 11.0.14393.2007
Default: "C:\Windows\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files\AVG\Antivirus\afwServ.exe
1 C:\Program Files\AVG\Antivirus\aswEngSrv.exe
1 C:\Program Files\AVG\Antivirus\AVGSvc.exe
1 C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
3 C:\Program Files\AVG\Antivirus\AVGUI.exe
1 C:\Program Files\AVG\Antivirus\wsc_proxy.exe
1 C:\Program Files\Classic Shell\ClassicStartMenu.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Elantech\ETDCtrl.exe
1 C:\Program Files\Elantech\ETDCtrlHelper.exe
1 C:\Program Files\Elantech\ETDService.exe
1 C:\Program Files\Elantech\ETDTouch.exe
1 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\rempl\sedsvc.exe
2 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
17 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 E:\HiJackThis.exe
O2 - HKLM\..\BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll
O2 - HKLM\..\BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
O2 - HKLM\..\BHO: NitroPDF.IE.Sharepoint - {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} - C:\Program Files\Nitro\Pro\13\npnitroie.dll
O2-32 - HKLM\..\BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2-32 - HKLM\..\BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2-32 - HKLM\..\BHO: NitroPDF.IE.Sharepoint - {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} - C:\Program Files (x86)\Nitro\Pro\13\npnitroie.dll
O3 - HKLM\..\Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
O3-32 - HKLM\..\Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKCU\..\Run: [Spotify] = C:\Users\Eka\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKLM\..\Run: [AVGUI.exe] = C:\Program Files\AVG\Antivirus\AvLaunch.exe /gui
O4 - HKLM\..\Run: [Classic Start Menu] = C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun
O4 - HKLM\..\Run: [ETDCtrl] = C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O9 - Button: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: (no name) - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Tools menu item: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: Classic IE Settings - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9-32 - Button: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: (no name) - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9-32 - Tools menu item: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: Classic IE Settings - C:\Program Files\Classic Shell\ClassicIE_32.exe
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\AVG\Antivirus\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Classic Shell\ClassicExplorer64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\AVG\Antivirus\x86\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - - (no file)
O22 - BITS Job: (download) {768984A8-6B63-44B5-A909-B5562B2B9284} - http://msedge.b.tlu.dl.delivery.mp....J3SWa6V0d760+0LNpby+6omUx2u/et7zouqEmenf/Eg== -> C:\Users\Eka\AppData\Local\Temp\edge_BITS_372_1221603568\9c839662-0ae0-4a3d-abf2-edba1af63603
O22 - BITS Job: (download) {9CD800DA-CDF9-40AF-9C63-167658506215} - https://oneclient.sfx.ms/Win/Prod/21.002.0104.0005/OneDriveSetup.exe -> C:\Users\Eka\AppData\Local\Temp\wct1407.tmp
O22 - BITS Job: (download) {C12D0E58-81FE-444C-85FD-08C416F29F4E} - http://edgedl.gvt1.com/edgedl/relea...B1O5ddVmdvk_88.253.200/dCWclxKjU5RSOUZ52LSQXQ -> C:\Users\Eka\AppData\Local\Temp\chrome_BITS_2316_544480611\dCWclxKjU5RSOUZ52LSQXQ
O22 - BITS Job: Fix all (including legit)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask - {E7ED314F-2816-4C26-AEB5-54A34D02404C} - C:\Windows\System32\kernelceip.dll (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistant - C:\Windows\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun - C:\Windows\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /AllUsersRun (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun - C:\Windows\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /CalendarRun (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun - C:\Windows\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /WakeupRun (Microsoft)
O22 - Task: \AVG\Overseer - C:\Program Files\Common Files\AVG\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \Microsoft\Windows\EDP\EDP App Launch Task - {35EF4182-F900-4632-B072-8639E4478A61},AppLaunch - (no file)
O22 - Task: \Microsoft\Windows\EDP\EDP Auth Task - {35EF4182-F900-4632-B072-8639E4478A61},ReAuth - (no file)
O22 - Task: Antivirus Emergency Update - C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: RTKCPL - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O23 - Service R2: AVG Antivirus - C:\Program Files\AVG\Antivirus\AVGSvc.exe /runassvc
O23 - Service R2: AVG Firewall Service - (AVG Firewall) - C:\Program Files\AVG\Antivirus\afwServ.exe
O23 - Service R2: AVG Tools - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe /runassvc
O23 - Service R2: AvgWscReporter - C:\Program Files\AVG\Antivirus\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Elan Service - (ETDService) - C:\Program Files\Elantech\ETDService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
O23 - Service S2: Google Update Servicio (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: avgbIDSAgent - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\88.0.4324.150\elevation_service.exe
O23 - Service S3: Google Update Servicio (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
--
End of file - Time spent: 22,2 sec. - 21506 bytes, CRC32: FFFFFFFF. Sign: 푻휌