• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 12

    Lentitud en arranque y en abrir paginas en internet.

    Estimados amigos, desde hace unas semanas vnego observando q el pc va mas lento en arranque y al navegar por paginas de internet... os adjunto l log de Hijackthis por si vierais algo anomalo.... muchas ...

    1. #1
      Usuario Avatar de ozzelito
      Registrado
      jul 2008
      Ubicación
      De alquiler.
      Mensajes
      128

      Lentitud en arranque y en abrir paginas en internet.

      Estimados amigos, desde hace unas semanas vnego observando q el pc va mas lento en arranque y al navegar por paginas de internet... os adjunto l log de Hijackthis por si vierais algo anomalo.... muchas gracias

      Logfile of Trend Micro HijackThis v2.0.5
      Scan saved at 22:18:24, on 18/04/2017
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v11.0 (11.00.9600.18639)

      FIREFOX: 52.0.2 (x86 es-ES)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\taskhost.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      c:\windows\system32\PRISMSVR.EXE
      C:\Windows\system32\igfxEM.exe
      C:\Windows\system32\igfxHK.exe
      C:\Program Files\AVAST Software\Avast\AvastUI.exe
      C:\Program Files\XFastUSB\XFastUsb.exe
      C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      C:\Program Files\Common Files\Java\Java Update\jusched.exe
      C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      C:\Program Files\Common Files\Java\Java Update\jusched.exe
      C:\Windows\explorer.exe
      C:\Users\Nuria\AppData\Roaming\Spotify\SpotifyWebHelper.exe
      C:\Users\Nuria\Google Drive\AECC\Desktop\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll
      O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
      O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll
      O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
      O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
      O4 - HKLM\..\Run: [XFastUSB] "C:\Program Files\XFastUSB\XFastUsb.exe"
      O4 - HKLM\..\Run: [USB3MON] "C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
      O4 - HKLM\..\Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [Copernic Desktop Search - Corporate] "C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe" /tray
      O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Nuria\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
      O4 - HKCU\..\Run: [Plex Media Server] "C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe"
      O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
      O4 - HKCU\..\Run: [hubiC] C:\Program Files\OVH\hubiC\hubiC.exe
      O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Nuria\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
      O4 - HKUS\S-1-5-18\..\Run: [Plex Media Server] "C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe" (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [Plex Media Server] "C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe" (User 'Default user')
      O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
      O4 - Startup: Citrix Receiver.lnk = C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
      O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: Descargar con Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
      O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra button: Mostrar u ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: http://*.fnmt.es
      O15 - Trusted Zone: http://*.fnmt.gob.es
      O18 - Protocol: exalead - {39076C07-7014-41FF-A3CD-841360B1C2EC} - C:\Program Files\Exalead\Exalead Desktop\ExaScheme.dll
      O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O20 - AppInit_DLLs: C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll
      O21 - SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll
      O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
      O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: ASRock IO Monitor Service (ASRockIOMon) - Unknown owner - C:\Program Files\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
      O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Archivos sin conexión (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: DokanMounter - Unknown owner - C:\Program Files\Dokan\DokanLibrary\mounter.exe
      O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: EaseUS Agente de Servicio (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
      O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
      O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
      O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%windir%\system32\inetsrv\ftpres.dll,-30001 (ftpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Servicio HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\Windows\system32\igfxCUIService.exe
      O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
      O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
      O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\irmon.dll,-2000 (Irmon) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
      O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
      O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
      O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: PAExec - Power Admin LLC - C:\Windows\PAExec.exe
      O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Plex Update Service (PlexUpdateService) - Plex, Inc. - C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
      O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Copias de seguridad de Windows (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
      O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
      O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Proveedor de instantáneas de software de Microsoft (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
      O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Administrador de sesión del Administrador de ventanas de escritorio (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
      O23 - Service: Instantáneas de volumen (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
      O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
      O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
      O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files\Wondershare\WAF\2.1.6.0\WsAppService.exe
      O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
      O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

      --
      End of file - 28737 bytes

    2. #2
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      11.859

      Re: Lentitud en arranque y en abrir paginas en internet.

      Saludos ozzelito

      Te voy a indicar unos pasos tipos a realizar para comprobar las aplicaciones, sistemas, servicios... que cargan en tu sistema, y al mismo tiempo para realizar una primera desinfección de adwares/malwares, que suelen ralentizar nuestra navegación por internet. Por favor, realiza lo siguiente:


      Paso 1- Vamos a descargar en TU ESCRITORIO todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía):




      Paso 2- Ahora vamos a ejecutar las herramientas de una en una (cuando haya finalizado una, ejecutas la siguiente), y debes ejecutarlas en el mismo orden que te indico:


      AdwCleaner

      • El primer paso sería cerrar todos los programas que tengas abiertos.
      • Ejecutas Adwcleaner.exe. (Si usas Windows Vista/7 u 8 presionas clic derecho y seleccionas "Ejecutar como Administrador.")
      • A continuación, debes pulsar sobre el botón Escanear ]; el proceso de análisis se iniciará; esperas tranquilamente a que finalice.
      • Cuando termine, pulsas sobre el botón Limpiar.
      • Por último, te va a solicitar Reiniciar el sistema; como es evidente, debes Aceptar.
      • Ya solo queda, guardar el reporte que te aparecerá una vez que reinicies, para copiarlo y pegarlo en tu próxima respuesta.



      JRT.exe

      • Ejecutas Junkware Removal Tool (JRT.exe). (Si usas Windows Vista/7 u 8 presionas clic derecho y seleccionas "Ejecutar como Administrador.")
      • Ahora tienes que pulsar cualquier tecla para que el proceso continúe y esperas a que termine.
      • Cuando finalice, un registro (JRT.txt) se guardará en el escritorio y se abrirá automáticamente.
      • Este reporte debes copiarlo, para pegarlo también en tu próxima respuesta.



      Malwarebytes

      Es conveniente que inviertas unos minutos en leer con detalle su manual, para Configurarlo, Actualizarlo y Usarlo Correctamente.

      • Pulsa sobre Análisis y seleccionas Análisis Personalizado; a continuación pulsas sobre Configurar Análisis: seleccionas todas la unidades que tengas y pulsas sobre Analizar ahora.
      • Cuando Termine el análisis, Seleccionas "Eliminar Seleccionados".
      • Reinicias el sistema.
      • En el apartado "Historial" encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.




      CCleaner

      Debes usar, sus dos opciones principales, de acuerdo a su Manual:

      • "Limpiador": para borrar cookies, temporales de internet y todos los archivos que éste te muestre como obsoletos.
      • "Registro" para limpiar todo el Registro de Windows (haciendo copia de seguridad).
      • NO necesitamos este reporte.



      Paso 3- Por último vamos a ejecutar OTL que lo debes de tener descargado en tu escritorio:

      • Cierra todos programas que tengas abiertos ( msn, internet explorer,mozilla,Emule,Ares..) y hacer doble click en el ícono de OTL para ejecutarlo.
      • Ahora en el menú solo debes cambiar debajo de donde pone: "Tipo de Análisis" poner Resultado Mínimo.
      • Marcar las opciones: Buscar LOP y Buscar Purity.
      • Marcar las Opciones >> Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copiar y Pegar el siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.




      • Presionar el botón >> .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.



      Paso 4.-: En tu próxima respuesta, pegas los reportes de las 4 Herramientas (AdwCleaner, JRT, Malwarebytes' y OTL) y no olvides comentar como sigue el problema.




      Saludos
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de ozzelito
      Registrado
      jul 2008
      Ubicación
      De alquiler.
      Mensajes
      128

      Re: Lentitud en arranque y en abrir paginas en internet.

      Estimado @MiguelRiaguel, agradecerte una evz ma tu inetres y buen hacer.... adjunto te envio los logs.. espero haberlo hecho bien. Los envio en varios hilos ya q en uno no entran todos. En un principio parece q arranca algo mas rapido..

      # AdwCleaner v6.045 - Archivo de registro creado 21/04/2017 en 08:07:40
      # Actualizado en 28/03/2017 por Malwarebytes
      # Base de datos : 2017-04-21.1 [Servidor]
      # Sistema Operativo : Windows 7 Professional Service Pack 1 (X86)
      # Nombre de usuario : Nuria - PC
      # Ejecutado desde : C:\Users\Nuria\Google Drive\AECC\Desktop\adwcleaner_6.045.exe
      # Modo: Limpiar
      # Soporte : https://www.malwarebytes.com/support



      ***** [ Servicios ] *****



      ***** [ Carpetas ] *****

      [-] Carpeta eliminada: C:\Users\Nuria\AppData\Roaming\mipony
      [-] Carpeta eliminada: C:\Users\Nuria\AppData\Roaming\IObit\Advanced SystemCare
      [-] Carpeta eliminada: C:\Users\Nuria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mipony
      [-] Carpeta eliminada: C:\Users\Nuria\Documents\mipony
      [-] Carpeta eliminada: C:\ProgramData\IObit\ASCDownloader
      [-] Carpeta eliminada: C:\ProgramData\IObit\Advanced SystemCare
      [#] Carpeta eliminada al reiniciar: C:\ProgramData\Application Data\IObit\ASCDownloader
      [#] Carpeta eliminada al reiniciar: C:\ProgramData\Application Data\IObit\Advanced SystemCare
      [-] Carpeta eliminada: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mipony
      [-] Carpeta eliminada: C:\Program Files\mipony
      [-] Carpeta eliminada: C:\Windows\system32\Tasks\WiseCleaner


      ***** [ Archivos ] *****

      [-] Archivo eliminado: C:\Users\Nuria\Downloads\WRCFree.exe
      [-] Archivo eliminado: C:\Users\Nuria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk


      ***** [ DLL ] *****



      ***** [ WMI ] *****



      ***** [ Accesos directos ] *****



      ***** [ Tareas programadas ] *****

      [-] Tarea eliminada: WiseCleaner


      ***** [ Registro ] *****

      [-] Llave eliminada: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
      [-] Llave eliminada: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
      [-] Llave eliminada: HKLM\SOFTWARE\Classes\mipony
      [-] Llave eliminada: HKLM\SOFTWARE\Classes\mipony-ext
      [-] Llave eliminada: HKLM\SOFTWARE\Classes\mpybrowser
      [-] Llave eliminada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
      [-] Llave eliminada: HKLM\SOFTWARE\IOBIT\ASC
      [-] Llave eliminada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiPony
      [-] Llave eliminada: HKU\S-1-5-21-3356932651-526673129-1569688988-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
      [#] Llave eliminada al reiniciar: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
      [-] Llave eliminada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
      [-] Llave eliminada: HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
      [-] Llave eliminada: HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
      [-] Llave eliminada: HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare


      ***** [ Navegadores ] *****



      *************************

      :: Llaves "Tracing" eliminadas
      :: Se han borrado los ajustes de Winsock

      *************************

      C:\AdwCleaner\AdwCleaner[C0].txt - [3083 Bytes] - [21/04/2017 08:07:40]
      C:\AdwCleaner\AdwCleaner[S0].txt - [3328 Bytes] - [21/04/2017 08:07:15]

      ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3229 Bytes] ##########


      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.3 (04.10.2017)
      Operating System: Windows 7 Professional x86
      Ran by Nuria (Administrator) on 21/04/2017 at 8:11:45,36
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 9

      Successfully deleted: C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\searchplugins\avast-search.xml (File)
      Successfully deleted: C:\Users\Nuria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\678TU4E1 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Nuria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QK3TDNSG (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Nuria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S894PRNX (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Nuria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UDNOSW3C (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\678TU4E1 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QK3TDNSG (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S894PRNX (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UDNOSW3C (Temporary Internet Files Folder)



      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 21/04/2017 at 8:14:33,87
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 21/4/17
      Hora del análisis: 8:26
      Archivo de registro: mal.txt
      Administrador: Sí

      -Información del software-
      Versión: 3.0.6.1469
      Versión de los componentes: 1.0.103
      Versión del paquete de actualización: 1.0.1773
      Licencia: Prueba

      -Información del sistema-
      SO: Windows 7 Service Pack 1
      CPU: x86
      Sistema de archivos: NTFS
      Usuario: PC\Nuria

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 299289
      Tiempo transcurrido: 5 min, 21 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Activado
      PUM: Activado

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 5
      PUP.Optional.AshampooRegistryCleaner, C:\PROGRAMDATA\ASHAMPOO\ICO_ASHAMPOO_MARKETPLACE.ICO, Sin acciones por parte del usuario, [2571], [355157],1.0.1773
      PUP.Optional.BundleInstaller, C:\USERS\NURIA\DOWNLOADS\MIPONYINSTALLER.ZIP, Sin acciones por parte del usuario, [25], [25330],1.0.1773
      PUP.Optional.WirelessNetworkTool, C:\USERS\NURIA\DOWNLOADS\WIRELESSNETVIEW_SETUP.EXE, Sin acciones por parte del usuario, [16434], [299476],1.0.1773
      PUP.Optional.InstallCore, C:\USERS\NURIA\DOWNLOADS\MIPONY-INSTALLER(1).EXE, Sin acciones por parte del usuario, [3], [340677],1.0.1773
      PUP.Optional.InstallCore, C:\USERS\NURIA\DOWNLOADS\MIPONY-INSTALLER.EXE, Sin acciones por parte del usuario, [3], [340677],1.0.1773

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

    4. #4
      Usuario Avatar de ozzelito
      Registrado
      jul 2008
      Ubicación
      De alquiler.
      Mensajes
      128

      Re: Lentitud en arranque y en abrir paginas en internet.

      OTL logfile created on: 21/04/2017 8:47:16 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nuria\Google Drive\AECC\Desktop
      Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.11.9600.18638)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      3,19 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 74,77% Memory free
      7,68 Gb Paging File | 6,34 Gb Available in Paging File | 82,55% Paging File free
      Paging file location(s): c:\pagefile.sys 4598 4618 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 223,47 Gb Total Space | 19,40 Gb Free Space | 8,68% Space Free | Partition Type: NTFS
      Drive D: | 931,28 Gb Total Space | 249,11 Gb Free Space | 26,75% Space Free | Partition Type: FAT32
      Drive E: | 100,00 Mb Total Space | 41,70 Mb Free Space | 41,70% Space Free | Partition Type: NTFS
      Drive F: | 687,37 Gb Total Space | 623,73 Gb Free Space | 90,74% Space Free | Partition Type: NTFS

      Computer Name: PC | User Name: Nuria | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Nuria\Google Drive\AECC\Desktop\OTL(1).exe (OldTimer Tools)
      PRC - C:\Users\Nuria\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
      PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software s.r.o.)
      PRC - C:\Program Files\Google\Update\1.3.33.3\GoogleCrashHandler.exe (Google Inc.)
      PRC - C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe (Plex, Inc.)
      PRC - C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems, Incorporated)
      PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe ()
      PRC - C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe (CHENGDU YIWO Tech Development Co., Ltd)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Program Files\Wondershare\WAF\2.1.6.0\WsAppService.exe (Wondershare)
      PRC - C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
      PRC - C:\Windows\System32\igfxCUIService.exe (Intel Corporation)
      PRC - C:\Windows\System32\igfxEM.exe (Intel Corporation)
      PRC - C:\Windows\System32\igfxHK.exe (Intel Corporation)
      PRC - C:\Program Files\XFastUSB\XFastUsb.exe (FNet Co., Ltd.)
      PRC - C:\Program Files\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe ()
      PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
      PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
      PRC - C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Program Files\Dokan\DokanLibrary\mounter.exe ()
      PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
      PRC - C:\Windows\System32\PRISMSVR.exe (Conexant Systems, Inc.)


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files\AVAST Software\Avast\ffl2.dll ()
      MOD - C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll ()
      MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
      MOD - C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ()
      MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\9a1cd47d0e924cf5bf0ca1b5026d650b\System.ServiceModel.Web.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\0b69a2ccb27dbb63fc337f5db409f834\System.IdentityModel.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\aac4a7fee37b96c05eb0862217745fc1\System.ServiceModel.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\0068e35b6580e4e32aeae04a6471c9ee\System.ComponentModel.Composition.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\9b0d0cb232dec8e57df49678532cb923\System.Runtime.Serialization.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\cde471ea4f02c36c73581ed5681e463e\SMDiagnostics.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\1348a5d04b41c614e48fe5fdb88d1cfa\System.ServiceModel.Internals.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\fb06ad4bc55b9c3ca68a3f9259d826cd\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\1d52bd4ac5e0a6422058a5d62c9f6d9d\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\fe4b221b4109f0c78f57a792500699b5\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\4fbda26d781323081b45526da6e87b35\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\60a7f8245c39a1b0bf984a11845c6878\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\eb4cca4f06a15158c3f7e2c56516729b\System.Core.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\ca5d89c8ed4d2a7e542244cd6757e3cd\System.Xaml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\1be7a15b1f33bf22e4f53aaf45518c77\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\7582400666d289c016013ad0f6e0e3e6\mscorlib.ni.dll ()
      MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()


      ========== Services (SafeList) ==========

      SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (aswbIDSAgent) -- C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software s.r.o.)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
      SRV - (PlexUpdateService) -- C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe (Plex, Inc.)
      SRV - (AGSService) -- C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems, Incorporated)
      SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
      SRV - (EaseUS Agent) -- C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe (CHENGDU YIWO Tech Development Co., Ltd)
      SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (DiagTrack) -- C:\Windows\System32\diagtrack.dll (Microsoft Corporation)
      SRV - (WsAppService) -- C:\Program Files\Wondershare\WAF\2.1.6.0\WsAppService.exe (Wondershare)
      SRV - (PAExec) -- C:\Windows\PAExec.exe (Power Admin LLC)
      SRV - (BoxSyncUpdateService) -- C:\Program Files\Box\Box Sync\SyncUpdaterService.exe (Box, Inc.)
      SRV - (igfxCUIService1.0.0.0) -- C:\Windows\System32\igfxCUIService.exe (Intel Corporation)
      SRV - (cphs) -- C:\Windows\System32\IntelCpHeciSvc.exe (Intel Corporation)
      SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (ASRockIOMon) -- C:\Program Files\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe ()
      SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (jhi_service) -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
      SRV - (Intel(R) -- C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
      SRV - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
      SRV - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
      SRV - (ICCS) -- C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
      SRV - (ftpsvc) -- C:\Windows\System32\inetsrv\ftpsvc.dll (Microsoft Corporation)
      SRV - (DokanMounter) -- C:\Program Files\Dokan\DokanLibrary\mounter.exe ()
      SRV - (AxAutoMntSrv) -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
      SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
      SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WMSVC) -- C:\Windows\System32\inetsrv\WMSvc.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (a4t57icp) -- File not found
      DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
      DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys (AVAST Software)
      DRV - (aswStm) -- C:\Windows\System32\drivers\aswStm.sys (AVAST Software)
      DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
      DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
      DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys (AVAST Software)
      DRV - (aswHwid) -- C:\Windows\System32\drivers\aswHwid.sys (AVAST Software)
      DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
      DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
      DRV - (aswblog) -- C:\Windows\System32\drivers\aswblogx.sys (AVAST Software s.r.o.)
      DRV - (aswbidsdriver) -- C:\Windows\System32\drivers\aswbidsdriverx.sys (AVAST Software s.r.o.)
      DRV - (aswbidsh) -- C:\Windows\System32\drivers\aswbidshx.sys (AVAST Software s.r.o.)
      DRV - (aswbuniv) -- C:\Windows\System32\drivers\aswbunivx.sys (AVAST Software s.r.o.)
      DRV - (FNETTBOH_305) -- C:\Windows\System32\drivers\FNETTBOH_305.SYS (FNet Co., Ltd.)
      DRV - (wovad_micarray) -- C:\Windows\System32\drivers\womic.sys (Windows (R) Win 7 DDK provider)
      DRV - (EUFDDISK) -- C:\Windows\System32\drivers\EuFdDisk.sys (CHENGDU YIWO Tech Development Co., Ltd)
      DRV - (EUDSKACS) -- C:\Windows\System32\drivers\eudskacs.sys (CHENGDU YIWO Tech Development Co., Ltd)
      DRV - (EUBAKUP) -- C:\Windows\System32\drivers\eubakup.sys (CHENGDU YIWO Tech Development Co., Ltd)
      DRV - (EUBKMON) -- C:\Windows\System32\drivers\EUBKMON.sys ()
      DRV - (wdm_usb) -- C:\Windows\System32\drivers\usb2ser.sys (MBB)
      DRV - (GUBootStartup) -- C:\Windows\System32\drivers\GUBootStartup.sys (Glarysoft Ltd)
      DRV - (HWiNFO32) -- C:\Windows\System32\drivers\HWiNFO32.SYS (REALiX(tm))
      DRV - (IntelHaxm) -- C:\Windows\System32\drivers\IntelHaxm.sys (Intel Corporation)
      DRV - (AsrDrv101) -- C:\Windows\System32\drivers\AsrDrv101.sys (ASRock Incorporation)
      DRV - (iusb3xhc) -- C:\Windows\System32\drivers\iusb3xhc.sys (Intel Corporation)
      DRV - (iusb3hub) -- C:\Windows\System32\drivers\iusb3hub.sys (Intel Corporation)
      DRV - (iusb3hcs) -- C:\Windows\System32\drivers\iusb3hcs.sys (Intel Corporation)
      DRV - (ptun0901) -- C:\Windows\System32\drivers\ptun0901.sys (The OpenVPN Project)
      DRV - (MEI) -- C:\Windows\System32\drivers\TeeDriver.sys (Intel Corporation)
      DRV - (SIVDriver) -- C:\Windows\System32\drivers\SIVX32.sys (Ray Hinchliffe)
      DRV - (FNETURPX) -- C:\Windows\System32\drivers\FNETURPX.SYS (FNet Co., Ltd.)
      DRV - (VBoxNetFlt) -- C:\Windows\System32\drivers\VBoxNetFlt.sys (Oracle Corporation)
      DRV - (VBoxNetAdp) -- C:\Windows\System32\drivers\VBoxNetAdp.sys (Oracle Corporation)
      DRV - (VBoxUSB) -- C:\Windows\System32\drivers\VBoxUSB.sys (Oracle Corporation)
      DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
      DRV - (ISCT) -- C:\Windows\System32\drivers\ISCTD.sys ()
      DRV - (INETMON) -- C:\Windows\System32\drivers\INETMON.sys ()
      DRV - (RtlWlanu) -- C:\Windows\System32\drivers\RTWlanU.sys (Realtek Semiconductor Corporation )
      DRV - (AmUStor) -- C:\Windows\System32\drivers\AmUStor.sys (Alcor Micro, Corp.)
      DRV - (Serial) -- C:\Windows\System32\drivers\nuvserial.sys (Nuvoton Technology Corp.)
      DRV - (Serenum) -- C:\Windows\System32\drivers\nuvserenum.sys (Windows (R) Win 7 DDK provider)
      DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (pwdspio) -- C:\Windows\System32\pwdspio.sys ()
      DRV - (AsrRamDisk) -- C:\Windows\System32\drivers\AsrRamDisk.sys (ASRock Inc.)
      DRV - (iaStorA) -- C:\Windows\System32\drivers\iaStorA.sys (Intel Corporation)
      DRV - (iaStorF) -- C:\Windows\System32\drivers\iaStorF.sys (Intel Corporation)
      DRV - (SSCBFS3) -- C:\Windows\System32\drivers\sscbfs3.sys (EldoS Corporation)
      DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
      DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
      DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
      DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
      DRV - (ctxusbm) -- C:\Windows\System32\drivers\ctxusbm.sys (Citrix Systems, Inc.)
      DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV - (Dokan) -- C:\Windows\System32\drivers\dokan.sys (Windows (R) Win 7 DDK provider)
      DRV - (AsrAppCharger) -- C:\Windows\System32\drivers\AsrAppCharger.sys (Windows (R) Win 7 DDK provider)
      DRV - (athur) -- C:\Windows\System32\drivers\athur.sys (Atheros Communications, Inc.)
      DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
      DRV - (MBfilt) -- C:\Windows\System32\drivers\MBfilt32.sys (Creative Technology Ltd.)
      DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
      DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
      DRV - (athrusb) -- C:\Windows\System32\drivers\athrusb.sys (Atheros Communications, Inc.)
      DRV - (irsir) -- C:\Windows\System32\drivers\irsir.sys (Microsoft Corporation)
      DRV - (PRISM_A02) -- C:\Windows\System32\drivers\PRISMA02.sys (Conexant Systems, Inc.)
      DRV - (MarvinBus) -- C:\Windows\System32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
      DRV - (PortTalk) -- C:\Windows\System32\drivers\PortTalk.sys (Beyond Logic BeyondLogic)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ES
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 43 69 D6 95 05 91 CE 01 [binary data]
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = EE D5 8F EF 56 D5 D1 01 [binary data]
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 2A 00 00 00 64 D5 06 DC FF DA 98 CC 8D 94 AA 9C BE 7E 7C 5B 0F 8A 96 CB E7 EB 4E 69 4D B2 AD 0D 29 7B 28 AA C7 5F BB 1B CC DA 3F 4A B6 6C 02 00 00 00 0E 00 00 00 64 54 67 53 65 79 54 46 55 35 73 25 33 64 [binary data]
      IE - HKCU\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Bing
      IE - HKCU\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.countryCode: "ES"
      FF - prefs.js..browser.search.defaultengine: "Avast Search"
      FF - prefs.js..browser.search.defaultenginename: "Avast Search"
      FF - prefs.js..browser.search.defaultthis.engineName: "Avast Search"
      FF - prefs.js..browser.search.defaulturl: "https://search.avast.com/AV772/search/web?q={searchTerms}"
      FF - prefs.js..browser.search.hiddenOneOffs: "Avast Search,Yahoo,Bing,DuckDuckGo,Twitter"
      FF - prefs.js..browser.search.order.1: "Avast Search"
      FF - prefs.js..browser.search.region: "ES"
      FF - prefs.js..browser.search.selectedEngine: "Avast Search"
      FF - prefs.js..browser.startup.homepage: "about:home"
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:53.0
      FF - prefs.js..keyword.URL: "https://search.avast.com/AV772/search/web?q={searchTerms}"
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1225196.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.121.2: C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2: C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin: C:\Program Files\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Nuria\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/09/17 10:11:12 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017/04/18 00:02:58 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017/04/18 00:02:58 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/09/17 10:11:12 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6B23F5E3-8014-46B8-9F04-63B1B382C9D5}: C:\Program Files\Copernic Desktop Search - Corporate\FirefoxConnector [2017/04/17 20:57:17 | 000,000,000 | ---D | M]

      [2014/07/13 12:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Extensions
      [2014/07/13 12:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Extensions\[email protected]
      [2017/04/17 06:57:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\extensions
      [2016/10/07 20:24:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\O26lwnfv.default\extensions
      [2016/10/12 12:44:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\O26lwnfv.default\extensions\[email protected]
      [2017/04/17 06:57:57 | 001,055,311 | ---- | M] () (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2017/04/16 21:25:30 | 000,005,297 | ---- | M] () (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\features\{2194dfdd-ad4d-463c-96d2-7a6deccdc513}\[email protected]
      [2017/04/16 21:25:30 | 000,007,195 | ---- | M] () (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\features\{2194dfdd-ad4d-463c-96d2-7a6deccdc513}\[email protected]
      [2017/04/20 07:14:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

      ========== Chrome ==========

      CHR - plugin: Error reading preferences file
      CHR - Extension: No name found = C:\Users\Nuria\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
      CHR - Extension: No name found = C:\Users\Nuria\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\
      CHR - Extension: No name found = C:\Users\Nuria\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.199_0\
      CHR - Extension: No name found = C:\Users\Nuria\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
      CHR - Extension: No name found = C:\Users\Nuria\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0\
      CHR - Extension: No name found = C:\Users\Nuria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
      CHR - Extension: No name found = C:\Users\Nuria\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5717.116.0.4_0\

      O1 HOSTS File: ([2016/08/05 12:45:48 | 000,000,940 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: 127.0.0.1 activation.acronis.com
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
      O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
      O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
      O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
      O4 - HKLM..\Run: [Malwarebytes TrayApp] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
      O4 - HKLM..\Run: [USB3MON] C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
      O4 - HKLM..\Run: [XFastUSB] C:\Program Files\XFastUSB\XFastUsb.exe (FNet Co., Ltd.)
      O4 - HKCU..\Run: [BitTorrent] C:\Users\Nuria\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
      O4 - HKCU..\Run: [Copernic Desktop Search - Corporate] C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe (Copernic Inc.)
      O4 - HKCU..\Run: [GUDelayStartup] C:\Program Files\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
      O4 - HKCU..\Run: [Plex Media Server] C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
      O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Nuria\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
      O4 - Startup: C:\Users\Nuria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk = C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutorun = 158
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
      O8 - Extra context menu item: &Enviar a OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O8 - Extra context menu item: Descargar con Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
      O15 - HKCU\..Trusted Domains: fnmt.es ([]http in Sitios de confianza)
      O15 - HKCU\..Trusted Domains: fnmt.es ([]https in Sitios de confianza)
      O15 - HKCU\..Trusted Domains: fnmt.gob.es ([]http in Sitios de confianza)
      O15 - HKCU\..Trusted Domains: fnmt.gob.es ([]https in Sitios de confianza)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A737E0B5-0F54-4364-BB85-3C32A8119974}: DhcpNameServer = 192.168.0.1
      O18 - Protocol\Handler\exalead {39076C07-7014-41FF-A3CD-841360B1C2EC} - C:\Program Files\Exalead\Exalead Desktop\ExaScheme.dll (TODO: <Company name>)
      O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O20 - AppInit_DLLs: (C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll) - C:\Program Files\Citrix\ICA Client\RSHook.dll (Citrix Systems, Inc.)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\PRISMAPI.DLL: DllName - (PRISMAPI.DLL) - C:\Windows\System32\PRISMAPI.dll (Conexant Systems, Inc.)
      O21 - SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\System32\SSCbFsMntNtf3.dll (EldoS Corporation)
      O22 - SharedTaskScheduler: {C28617FD-4FE7-4043-AD51-C8132CE90106} - Virtual Storage Mount Notification - C:\Windows\System32\SSCbFsMntNtf3.dll (EldoS Corporation)
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O32 - AutoRun File - [2015/12/02 01:36:39 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ]
      O32 - AutoRun File - [2010/04/21 23:56:26 | 000,017,010 | ---- | M] () - D:\Autoestima, Habilidades Sociales Y Psicologã*A Cognitiva.pdf -- [ FAT32 ]
      O32 - AutoRun File - [2015/12/02 00:36:40 | 000,000,000 | R--D | M] - D:\Autorun.inf -- [ FAT32 ]
      O32 - AutoRun File - [2015/12/02 01:36:39 | 000,000,000 | R--D | M] - E:\Autorun.inf -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O34 - HKLM BootExecute: (ACHINE BootExecute)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found

      MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
      MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Utilidad de configuración inalámbrica de TP-LINK.lnk - C:\Program Files\TP-LINK\Utilidad de configuración inalámbrica de TP-LINK\TWCU.exe - ()
      MsConfig - StartUpFolder: C:^Users^Nuria^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla y Selector de OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE - (Microsoft Corporation)
      MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: AdobeCEPServiceManager - hkey= - key= - C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: AlcoholAutomount - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
      MsConfig - StartUpReg: AmIcoSinglun - hkey= - key= - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (Alcor Micro Corp.)
      MsConfig - StartUpReg: ArgenteRC - hkey= - key= - C:\Program Files\Argente - Registry Cleaner\ArgenteRC.exe (Raúl Argente)
      MsConfig - StartUpReg: BCSSync - hkey= - key= - C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
      MsConfig - StartUpReg: BoxSync - hkey= - key= - C:\Program Files\Box\Box Sync\BoxSync.exe (Box, Inc.)
      MsConfig - StartUpReg: CCleaner Monitoring - hkey= - key= - C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
      MsConfig - StartUpReg: ConnectionCenter - hkey= - key= - C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
      MsConfig - StartUpReg: Copernic Desktop Search - Corporate - hkey= - key= - C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe (Copernic Inc.)
      MsConfig - StartUpReg: Everything - hkey= - key= - File not found
      MsConfig - StartUpReg: ExaleadDesktop - hkey= - key= - C:\Program Files\Exalead\Exalead Desktop\ExaleadDesktop.exe (Exalead SA.)
      MsConfig - StartUpReg: GoogleDriveSync - hkey= - key= - C:\Program Files\Google\Drive\googledrivesync.exe (Google)
      MsConfig - StartUpReg: GUDelayStartup - hkey= - key= - C:\Program Files\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
      MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
      MsConfig - StartUpReg: KiesPDLR.exe - hkey= - key= - File not found
      MsConfig - StartUpReg: KiesPreload - hkey= - key= - File not found
      MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - File not found
      MsConfig - StartUpReg: OfficeSyncProcess - hkey= - key= - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
      MsConfig - StartUpReg: RTHDVCPL - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
      MsConfig - StartUpReg: SugarSync - hkey= - key= - C:\Program Files\SugarSync\SugarSync.exe (SugarSync, Inc.)
      MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
      MsConfig - StartUpReg: USBToolTip - hkey= - key= - File not found
      MsConfig - StartUpReg: Wondershare Helper Compact - hkey= - key= - C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
      MsConfig - StartUpReg: Wondershare Helper Compact.exe - hkey= - key= - C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
      MsConfig - State: "startup" - 2
      MsConfig - State: "services" - 2

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2017/04/21 08:43:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Nuria\Google Drive\AECC\Desktop\OTL(1).exe
      [2017/04/21 08:25:01 | 000,161,216 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMChameleon.sys
      [2017/04/21 08:24:54 | 000,096,704 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\farflt.sys
      [2017/04/21 08:24:54 | 000,064,288 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mwac.sys
      [2017/04/21 08:24:49 | 000,039,360 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys
      [2017/04/21 08:24:44 | 000,220,088 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
      [2017/04/21 08:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      [2017/04/21 08:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
      [2017/04/21 08:09:48 | 000,000,000 | ---D | C] -- C:\Users\Nuria\Google Drive\AECC\Desktop\Nueva carpeta (4)
      [2017/04/21 08:04:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
      [2017/04/21 08:04:57 | 000,000,000 | ---D | C] -- \AdwCleaner
      [2017/04/20 07:19:10 | 000,000,000 | ---D | C] -- C:\Users\Nuria\Google Drive\AECC\Desktop\jesus
      [2017/04/18 22:17:19 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Nuria\Google Drive\AECC\Desktop\HijackThis.exe
      [2017/04/18 00:02:59 | 000,330,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
      [2017/04/17 07:06:50 | 000,000,000 | ---D | C] -- C:\Users\Nuria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WirelessNetView
      [2017/04/16 21:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 10.0
      [2017/04/16 21:46:16 | 000,021,696 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\fbnative.exe
      [2017/04/11 19:14:29 | 000,000,000 | ---D | C] -- C:\Users\Nuria\AppData\Roaming\hubiC
      [2017/04/11 1928 | 000,000,000 | ---D | C] -- C:\Program Files\OVH
      [2017/04/11 07:16:47 | 000,000,000 | ---D | C] -- C:\inetpub
      [2017/04/11 07:16:47 | 000,000,000 | ---D | C] -- \inetpub
      [2017/04/11 07:16:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\BestPractices
      [2017/04/10 22:22:59 | 000,000,000 | ---D | C] -- C:\Users\Nuria\AppData\Local\LocalStorage
      [2017/04/10 22:22:58 | 000,000,000 | ---D | C] -- C:\Users\Nuria\AppData\Roaming\FeePerfect
      [2017/04/10 22:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\Feem 2017
      [2017/04/07 18:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\WOMic
      [2017/04/07 11:08:39 | 000,000,000 | ---D | C] -- C:\Users\Nuria\Google Drive\AECC\Desktop\HACIENDA Ejercicio 2016
      [2017/04/05 19:53:12 | 000,000,000 | ---D | C] -- C:\Users\Nuria\Google Drive\AECC\Desktop\Unidad_2_Malas_noticias_._
      [2017/04/05 07:08:53 | 000,000,000 | ---D | C] -- C:\Users\Nuria\Google Drive\AECC\Desktop\Nueva carpeta (3)
      [2017/04/03 20:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\NzbDrone
      [2017/03/30 17:11:30 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
      [2017/03/30 17:11:30 | 000,000,000 | -H-D | C] -- \OneDriveTemp
      [2017/03/30 17:08:40 | 000,000,000 | R--D | C] -- C:\Users\Nuria\OneDrive
      [2017/03/30 17:08:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft OneDrive
      [2017/03/30 17:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
      [2017/03/26 13:01:48 | 000,000,000 | ---D | C] -- C:\Users\Nuria\AppData\Local\Skype
      [2017/03/26 13:01:43 | 000,000,000 | ---D | C] -- C:\Users\Nuria\AppData\Roaming\Skype
      [2017/03/26 13:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
      [2015/03/26 13:48:46 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files\Common Files\atimpenc.dll
      [2014/03/23 20:42:54 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Nuria\AppData\Roaming\pcouffin.sys
      [2012/08/13 19:32:28 | 000,421,968 | ---- | C] (Microsoft Corporation) -- C:\Users\Nuria\msvcp100.dll
      [2012/08/13 19:32:28 | 000,096,336 | ---- | C] (Microsoft Corporation) -- C:\Users\Nuria\CrmClientSetup.exe
      [2012/08/13 19:32:24 | 000,771,152 | ---- | C] (Microsoft Corporation) -- C:\Users\Nuria\msvcr100.dll

      ========== Files - Modified Within 30 Days ==========

      [2017/04/21 08:43:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nuria\Google Drive\AECC\Desktop\OTL(1).exe
      [2017/04/21 08:43:49 | 000,027,120 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2017/04/21 08:43:49 | 000,027,120 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2017/04/21 08:43:01 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3356932651-526673129-1569688988-1001.job
      [2017/04/21 08:42:13 | 000,001,770 | ---- | M] () -- C:\Users\Nuria\Documents\cc_20170421_084211.reg
      [2017/04/21 08:41:53 | 000,002,434 | ---- | M] () -- C:\Users\Nuria\Documents\cc_20170421_084151.reg
      [2017/04/21 08:41:38 | 000,028,928 | ---- | M] () -- C:\Users\Nuria\Documents\cc_20170421_084135.reg
      [2017/04/21 08:40:00 | 000,751,356 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2017/04/21 08:40:00 | 000,665,742 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2017/04/21 08:40:00 | 000,163,010 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2017/04/21 08:40:00 | 000,124,242 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2017/04/21 08:37:18 | 000,064,288 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mwac.sys
      [2017/04/21 08:37:08 | 000,096,704 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\farflt.sys
      [2017/04/21 08:37:06 | 000,039,360 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys
      [2017/04/21 08:37:05 | 000,220,088 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
      [2017/04/21 08:35:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2017/04/21 08:35:00 | 2569,535,488 | -HS- | M] () -- C:\hiberfil.sys
      [2017/04/21 08:25:01 | 000,161,216 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMChameleon.sys
      [2017/04/21 08:24:37 | 000,001,980 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
      [2017/04/21 06:09:00 | 000,000,610 | ---- | M] () -- C:\Windows\tasks\G2MUploadTask-S-1-5-21-3356932651-526673129-1569688988-1001.job
      [2017/04/20 07:14:56 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2017/04/18 22:17:07 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Nuria\Google Drive\AECC\Desktop\HijackThis.exe
      [2017/04/18 00:02:52 | 000,472,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
      [2017/04/18 00:02:52 | 000,279,800 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
      [2017/04/18 00:02:52 | 000,118,800 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
      [2017/04/18 00:02:52 | 000,106,904 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
      [2017/04/18 00:02:52 | 000,090,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
      [2017/04/18 00:02:52 | 000,062,152 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
      [2017/04/18 00:02:52 | 000,034,136 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
      [2017/04/18 00:02:51 | 000,330,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
      [2017/04/18 00:02:48 | 000,764,064 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
      [2017/04/18 00:02:48 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
      [2017/04/18 00:02:46 | 000,267,528 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\System32\drivers\aswblogx.sys
      [2017/04/18 00:02:46 | 000,255,184 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\System32\drivers\aswbidsdriverx.sys
      [2017/04/18 00:02:46 | 000,148,208 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\System32\drivers\aswbidshx.sys
      [2017/04/18 00:02:46 | 000,041,176 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\System32\drivers\aswbunivx.sys
      [2017/04/16 21:57:25 | 003,915,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
      [2017/04/16 21:33:21 | 000,001,024 | -H-- | M] () -- C:\AMTAG.BIN
      [2017/04/16 18:54:48 | 000,485,876 | ---- | M] () -- C:\Users\Nuria\Google Drive\AECC\Desktop\MOD 9_Obligaciones.SGIENC.pdf
      [2017/04/11 1928 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\hubiC.lnk
      [2017/04/10 22:22:59 | 000,017,408 | ---- | M] () -- C:\Users\Nuria\AppData\Local\WebpageIcons.db
      [2017/04/07 06:44:55 | 000,025,600 | ---- | M] () -- C:\Users\Nuria\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2017/04/06 02:33:07 | 000,002,087 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2017/03/31 08:13:15 | 000,029,760 | ---- | M] (FNet Co., Ltd.) -- C:\Windows\System32\drivers\FNETTBOH_305.SYS
      [2017/03/31 07:51:31 | 000,153,840 | ---- | M] () -- C:\Users\Nuria\Documents\manuel-rodriguez-contrato.pdf
      [2017/03/26 13:30:24 | 000,000,723 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
      [2017/03/22 11:02:44 | 000,059,904 | ---- | M] () -- C:\Windows\System32\drivers\mbae.sys

    5. #5
      Usuario Avatar de ozzelito
      Registrado
      jul 2008
      Ubicación
      De alquiler.
      Mensajes
      128

      Re: Lentitud en arranque y en abrir paginas en internet.

      ========== Files Created - No Company Name ==========

      [2017/04/21 08:42:12 | 000,001,770 | ---- | C] () -- C:\Users\Nuria\Documents\cc_20170421_084211.reg
      [2017/04/21 08:41:52 | 000,002,434 | ---- | C] () -- C:\Users\Nuria\Documents\cc_20170421_084151.reg
      [2017/04/21 08:41:37 | 000,028,928 | ---- | C] () -- C:\Users\Nuria\Documents\cc_20170421_084135.reg
      [2017/04/21 08:24:37 | 000,001,980 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
      [2017/04/21 08:24:35 | 000,059,904 | ---- | C] () -- C:\Windows\System32\drivers\mbae.sys
      [2017/04/20 07:14:56 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2017/04/16 18:54:48 | 000,485,876 | ---- | C] () -- C:\Users\Nuria\Google Drive\AECC\Desktop\MOD 9_Obligaciones.SGIENC.pdf
      [2017/04/11 1928 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\hubiC.lnk
      [2017/04/11 1928 | 000,000,913 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hubiC.lnk
      [2017/04/10 22:22:59 | 000,017,408 | ---- | C] () -- C:\Users\Nuria\AppData\Local\WebpageIcons.db
      [2017/03/31 07:51:31 | 000,153,840 | ---- | C] () -- C:\Users\Nuria\Documents\manuel-rodriguez-contrato.pdf
      [2017/03/30 17:08:40 | 000,002,182 | ---- | C] () -- C:\Users\Nuria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
      [2017/03/18 13:37:07 | 000,370,774 | ---- | C] () -- C:\Users\Nuria\variable psicologicos de dolor.pdf
      [2017/03/18 11:55:26 | 000,000,600 | ---- | C] () -- C:\Users\Nuria\AppData\Local\PUTTY.RND
      [2016/09/24 12:00:18 | 000,000,001 | ---- | C] () -- C:\Users\Nuria\AppData\Local\llftool.4.30.agreement
      [2016/08/05 10:01:53 | 000,001,024 | -H-- | C] () -- \AMTAG.BIN
      [2016/08/04 19:57:34 | 000,046,584 | ---- | C] () -- C:\Windows\System32\drivers\EUBKMON.sys
      [2016/06/28 15:42:50 | 003,915,992 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
      [2016/05/15 20:48:34 | 000,000,073 | ---- | C] () -- C:\Users\Nuria\.gitconfig
      [2016/04/10 22:57:42 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
      [2016/01/23 00:26:23 | 000,000,232 | ---- | C] () -- C:\Windows\System32\dllhost.exe.config
      [2016/01/17 22:16:58 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
      [2016/01/17 11:11:47 | 003,180,264 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
      [2016/01/17 11:11:46 | 000,449,481 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
      [2016/01/06 12:54:16 | 000,505,608 | ---- | C] () -- C:\Windows\System32\USBKeyCredentialProvider.dll
      [2016/01/03 23:24:11 | 004,198,400 | ---- | C] () -- \H81MVG41.50
      [2016/01/03 12:40:25 | 000,892,088 | ---- | C] () -- \Coreinfo.exe
      [2015/12/28 23:45:32 | 000,197,448 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
      [2015/12/28 23:45:32 | 000,096,608 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll
      [2015/12/28 21:36:42 | 000,000,640 | ---- | C] () -- C:\Windows\System32\VendorCmd0.bin
      [2015/12/27 21:39:26 | 005,467,168 | ---- | C] () -- \H81MVG4140.exe
      [2015/12/27 21:14:15 | 005,462,560 | ---- | C] () -- \H81MVG4130.exe
      [2015/12/27 20:45:31 | 000,022,728 | ---- | C] () -- C:\Windows\System32\drivers\INETMON.sys
      [2015/12/21 09:26:58 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
      [2015/12/01 22:19:07 | 000,000,001 | ---- | C] () -- C:\Users\Nuria\AppData\Local\llftool.4.40.agreement
      [2015/12/01 01:54:34 | 000,000,464 | RHS- | C] () -- C:\ProgramData\ntuser.pol
      [2015/11/22 21:41:32 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-PC-Windows-7-Professional-(32-bit).dat
      [2015/09/04 12:35:56 | 000,413,800 | ---- | C] () -- C:\Windows\System32\igfxTray.exe
      [2015/09/04 12:35:56 | 000,080,384 | ---- | C] () -- C:\Windows\System32\igfxCUIServicePS.dll
      [2015/09/04 12:35:56 | 000,073,728 | ---- | C] ( ) -- C:\Windows\System32\igfxDHLibv2_0.dll
      [2015/09/04 12:35:56 | 000,060,416 | ---- | C] ( ) -- C:\Windows\System32\igfxDHLib.dll
      [2015/09/04 12:35:56 | 000,011,264 | ---- | C] ( ) -- C:\Windows\System32\igfxDILib.dll
      [2015/09/04 12:35:56 | 000,010,752 | ---- | C] ( ) -- C:\Windows\System32\igfxDILibv2_0.dll
      [2015/09/04 12:35:56 | 000,010,240 | ---- | C] ( ) -- C:\Windows\System32\igfxEMLibv2_0.dll
      [2015/09/04 12:35:56 | 000,010,240 | ---- | C] ( ) -- C:\Windows\System32\igfxEMLib.dll
      [2015/09/04 12:35:56 | 000,005,120 | ---- | C] ( ) -- C:\Windows\System32\igfxLHMLibv2_0.dll
      [2015/09/04 12:35:56 | 000,005,120 | ---- | C] ( ) -- C:\Windows\System32\igfxLHMLib.dll
      [2015/09/04 12:35:52 | 006,725,182 | ---- | C] () -- C:\Windows\System32\igdclbif.bin
      [2015/09/04 12:35:52 | 000,153,088 | ---- | C] () -- C:\Windows\System32\igdde32.dll
      [2015/09/04 12:35:50 | 017,331,808 | ---- | C] () -- C:\Windows\System32\igd11dxva32.dll
      [2015/09/04 12:35:48 | 000,000,935 | ---- | C] () -- C:\Windows\System32\Gfxv4_0.exe.config
      [2015/09/04 12:35:48 | 000,000,895 | ---- | C] () -- C:\Windows\System32\Gfxv2_0.exe.config
      [2015/09/04 12:35:48 | 000,000,895 | ---- | C] () -- C:\Windows\System32\DPTopologyAppv2_0.exe.config
      [2015/06/30 21:11:39 | 000,000,918 | ---- | C] () -- C:\Users\Nuria\ServerCert.pan
      [2014/11/23 15:57:22 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
      [2014/11/23 15:57:22 | 000,000,000 | RHS- | C] () -- \IO.SYS
      [2014/07/01 17:59:53 | 000,000,000 | ---- | C] () -- \asc_rdflag
      [2014/05/18 22:41:27 | 000,007,600 | ---- | C] () -- C:\Users\Nuria\AppData\Local\Resmon.ResmonCfg
      [2014/03/23 20:42:54 | 000,007,887 | ---- | C] () -- C:\Users\Nuria\AppData\Roaming\pcouffin.cat
      [2014/03/23 20:42:54 | 000,001,144 | ---- | C] () -- C:\Users\Nuria\AppData\Roaming\pcouffin.inf
      [2014/01/30 22:42:19 | 000,000,001 | ---- | C] () -- C:\Users\Nuria\AppData\Local\llftool.4.25.agreement
      [2014/01/02 19:48:04 | 000,000,070 | ---- | C] () -- C:\Users\Nuria\AppData\Roaming\WB.CFG
      [2013/10/09 22:01:58 | 000,000,048 | ---- | C] () -- C:\Users\Nuria\.jupload.properties
      [2013/10/02 18:37:43 | 000,000,590 | ---- | C] () -- C:\Users\Nuria\AppData\Roaming\AutoGK.ini
      [2013/08/31 12:21:23 | 000,000,037 | -HS- | C] () -- C:\Users\Nuria\AppData\Local\70149b02515b3bb20dd492.47983420
      [2013/08/25 11:12:33 | 000,025,600 | ---- | C] () -- C:\Users\Nuria\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2013/08/09 23:58:25 | 000,399,860 | RHS- | C] () -- \bootmgr
      [2013/07/16 23:53:35 | 2569,535,488 | -HS- | C] () -- \hiberfil.sys
      [2012/09/29 22:31:48 | 000,001,918 | ---- | C] () -- \certnuria.pfx.cer
      [2012/05/22 15:03:02 | 000,000,275 | ---- | C] () -- \config.xml
      [2009/07/14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
      [2009/07/14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys

      ========== ZeroAccess Check ==========

      [2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2016/08/29 17:12:50 | 012,880,384 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2015/06/24 22:24:37 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\.oit
      [2013/09/15 22:37:26 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\4Free
      [2016/08/05 11:47:24 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Acronis
      [2017/04/21 08:02:12 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Acrylic Wi-Fi Home
      [2015/03/25 21:25:54 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\AIMP3
      [2016/01/23 02:36:53 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Apowersoft
      [2016/07/19 07:13:04 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Audacity
      [2014/07/31 06:53:45 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\AVAST Software
      [2016/09/28 18:36:06 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\AVG
      [2016/12/18 15:02:40 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Azureus
      [2015/03/21 11:33:18 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\BitSpirit
      [2017/04/21 08:45:56 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\BitTorrent
      [2013/09/27 02:13:36 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Blender Foundation
      [2015/06/24 22:26:15 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\calibre
      [2013/09/22 10:55:57 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Canneverbe Limited
      [2016/04/17 20:59:14 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Canon_Inc_IC
      [2015/07/20 07:18:50 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\com.adobe.mauby
      [2015/07/20 07:18:50 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [2016/02/10 22:06:42 | 000,000,000 | -HSD | M] -- C:\Users\Nuria\AppData\Roaming\Common
      [2016/02/10 22:53:49 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Copernic
      [2016/05/19 16:29:18 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Disk Cleaner
      [2015/11/22 12:37:18 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\DiskDefrag
      [2016/02/11 22:17:25 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Downloaded Installations
      [2015/12/29 18:30:08 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Dropbox
      [2016/05/22 12:06:56 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\DVDVideoSoft
      [2015/11/11 07:28:25 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\DxCK
      [2016/11/20 10:58:46 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Emby-InstallLogs
      [2017/03/26 13:30:24 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Emby-Server
      [2017/04/10 22:22:58 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\FeePerfect
      [2016/02/11 22:22:13 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\FileOpen
      [2016/02/10 22:33:43 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\FileSeek
      [2017/04/21 08:41:12 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\FileZilla
      [2013/08/21 00:20:32 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Fix-It Driver Repair
      [2015/02/14 03:13:32 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\FNET
      [2015/08/18 21:38:17 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Foxit Software
      [2013/10/06 22:11:45 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\FreeVideoConverter
      [2017/04/09 21:16:13 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\GlarySoft
      [2014/07/26 10:27:56 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Hard Disk Sentinel
      [2016/01/23 00:27:04 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\HMYGSetting
      [2017/04/21 08:45:50 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\hubiC
      [2016/06/21 23:22:39 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\ICAClient
      [2013/10/31 09:11:09 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\ImgBurn
      [2017/04/21 08:07:35 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\IObit
      [2016/07/25 19:37:14 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\JetBrains
      [2016/04/03 20:21:54 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Key Metric Software
      [2015/12/27 23:30:03 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Leadertech
      [2016/01/16 23:09:03 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Locate32
      [2013/11/21 17:56:25 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\MetaGeek
      [2016/08/23 21:21:06 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\NCH Swift Sound
      [2016/02/14 14:07:20 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Nitro
      [2016/08/05 00:19:32 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Nitro PDF
      [2015/06/21 18:35:05 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Nuance
      [2015/03/24 07:25:14 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\NuGet
      [2016/01/10 11:00:00 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Opera Software
      [2015/03/16 07:23:05 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Oracle
      [2013/09/17 09:28:40 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\PhotoScape
      [2016/10/16 21:39:41 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Plex Home Theater
      [2015/03/22 21:33:17 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\PotPlayerMini
      [2013/10/07 18:21:23 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\proDAD
      [2013/12/01 13:09:27 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Publish Providers
      [2016/06/23 06:53:06 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Samsung
      [2015/08/18 21:38:57 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\SecondLife
      [2016/04/13 21:57:36 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Serviio-Console-Wrapper
      [2015/02/09 20:42:11 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Sony
      [2017/04/18 22:14:41 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Spotify
      [2015/07/20 19:09:51 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\TeamViewer
      [2014/07/13 12:02:45 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\TomTom
      [2016/08/04 20:58:07 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Toshiba Corporation
      [2013/11/24 12:33:27 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\TP-LINK
      [2016/09/27 19:36:10 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\TuneUp Software
      [2016/01/18 07:37:46 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\TweakNow RegCleaner
      [2016/06/29 18:12:49 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\uTorrent
      [2015/01/29 01:56:13 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\VS Revo Group
      [2014/03/23 20:50:05 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Vso
      [2016/04/02 12:00:50 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Wondershare
      [2013/12/15 20:18:27 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Wondershare Video Converter Ultimate
      [2016/01/03 20:43:33 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Xilisoft
      [2016/04/25 23:36:14 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Yandex
      [2015/06/21 15:24:45 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\Zeon
      [2013/12/15 20:18:58 | 000,000,000 | ---D | M] -- C:\Users\Nuria\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2017/04/16 21:33:21 | 000,001,024 | -H-- | M] () -- C:\AMTAG.BIN
      [2014/07/01 17:59:53 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
      [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2013/07/17 12:45:38 | 000,000,002 | ---- | M] () -- C:\AvastSetup.log
      [2016/03/24 00:39:31 | 000,399,860 | RHS- | M] () -- C:\bootmgr
      [2012/10/10 17:26:57 | 000,001,918 | ---- | M] () -- C:\certnuria.pfx.cer
      [2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2012/05/15 19:53:51 | 000,000,275 | ---- | M] () -- C:\config.xml
      [2014/08/18 13:29:28 | 000,892,088 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Coreinfo.exe
      [2016/07/03 15:23:38 | 000,001,567 | ---- | M] () -- C:\DelFix.txt
      [2015/08/03 15:44:44 | 004,198,400 | ---- | M] () -- C:\H81MVG41.50
      [2013/12/06 17:42:36 | 005,462,560 | ---- | M] () -- C:\H81MVG4130.exe
      [2014/07/02 22:16:02 | 005,467,168 | ---- | M] () -- C:\H81MVG4140.exe
      [2017/04/21 08:35:00 | 2569,535,488 | -HS- | M] () -- C:\hiberfil.sys
      [2016/07/10 19:46:18 | 000,003,835 | ---- | M] () -- C:\IFS.log
      [2014/11/23 15:57:22 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2014/07/07 06:45:22 | 000,001,145 | ---- | M] () -- C:\mb.txt
      [2014/11/23 15:57:22 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2017/04/21 08:35:00 | 526,385,151 | -HS- | M] () -- C:\pagefile.sys

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 175 bytes -> C:\ProgramData\TEMP:1AAB2E68

      < End of report >

    6. #6
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      11.859

      Re: Lentitud en arranque y en abrir paginas en internet.

      Hola de nuevo,

      Con Malwarebytes has realizado un análisis de amenazas y te pedí que hicieras un Análisis Personalizado, ya que hace un examen mucho más exhaustivo de todo el sistema tarda un poco más en terminar, eso sí, pero el resultado final es mucho mejor y más profundo. No tengas prisa en hacer los pasos, es mucho más importante realizarlos tal y como los solicitamos para que sean lo más óptimos posibles.

      Ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro:

      • Para hacerlo descarga >> DelFix.exe en tu escritorio.

        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

        • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      Ahora ejecuta de nuevo OTL.exe pero en Modo Seguro.



      1.- Copiar el siguiente texto (excluyendo la palabra Código):
      Código:
      :OTL
      [2016/10/12 12:44:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\O26lwnfv.default\extensions\[email protected]
      [2017/04/17 06:57:57 | 001,055,311 | ---- | M] () (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2017/04/16 21:25:30 | 000,005,297 | ---- | M] () (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\features\{2194dfdd-ad4d-463c-96d2-7a6deccdc513}\[email protected]
      [2017/04/16 21:25:30 | 000,007,195 | ---- | M] () (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\features\{2194dfdd-ad4d-463c-96d2-7a6deccdc513}\[email protected]
      CHR - plugin: Error reading preferences file
      O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
      O8 - Extra context menu item: Descargar con Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm File not found
      MsConfig - StartUpReg: KiesPDLR.exe - hkey= - key= - File not found
      MsConfig - StartUpReg: KiesPreload - hkey= - key= - File not found
      MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - File not found
      MsConfig - StartUpReg: USBToolTip - hkey= - key= - File not found
      @Alternate Data Stream - 175 bytes -> C:\ProgramData\TEMP:1AAB2E68
      
      :Files
      ipconfig /flushdns /c
      ipconfig /registerdns /c
      ipconfig /release /c
      ipconfig /renew /c
      
      :Commands
      [purity]
      [resethosts]
      [emptyflash]
      [emptytemp]
      [emptyjava]
      [createrestorepoint]
      [Reboot]

      2.- Pegar el contenido sobre el apartado: Análisis Personalizados /Código de Reparación.


      3.- Presionar el botón Reparar para comenzar el procedimiento. Presionar OK.


      OTL va a reiniciar el ordenador para completar el procedimiento.

      Guardar el nuevo reporte generado. Copiar y pegarlo en su próxima respuesta.
      Ahora ejecuta un Análisis Personalizado con Malwarebytes, tal y como te indiqué en un paso anterior, para así comprobar que el sistema está totalmente limpio. Me dejas también este nuevo reporte de Malwarebytes, comentando como funciona el Sistema ahora.

      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de ozzelito
      Registrado
      jul 2008
      Ubicación
      De alquiler.
      Mensajes
      128

      Re: Lentitud en arranque y en abrir paginas en internet.

      Mis excusas.. no lei bien el apartado de Analisis personalizado..te adjunto los logs..

      :OTL
      [2016/10/12 12:44:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\O26lwnfv.default\extensions\[email protected]
      [2017/04/17 06:57:57 | 001,055,311 | ---- | M] () (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2017/04/16 21:25:30 | 000,005,297 | ---- | M] () (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\features\{2194dfdd-ad4d-463c-96d2-7a6deccdc513}\[email protected]
      [2017/04/16 21:25:30 | 000,007,195 | ---- | M] () (No name found) -- C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\features\{2194dfdd-ad4d-463c-96d2-7a6deccdc513}\[email protected]
      CHR - plugin: Error reading preferences file
      O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
      O8 - Extra context menu item: Descargar con Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm File not found
      MsConfig - StartUpReg: KiesPDLR.exe - hkey= - key= - File not found
      MsConfig - StartUpReg: KiesPreload - hkey= - key= - File not found
      MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - File not found
      MsConfig - StartUpReg: USBToolTip - hkey= - key= - File not found
      @Alternate Data Stream - 175 bytes -> C:\ProgramData\TEMP:1AAB2E68

      :Files
      ipconfig /flushdns /c
      ipconfig /registerdns /c
      ipconfig /release /c
      ipconfig /renew /c

      :Commands
      [purity]
      [resethosts]
      [emptyflash]
      [emptytemp]
      [emptyjava]
      [createrestorepoint]
      [Reboot]

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 21/4/17
      Hora del análisis: 8:26
      Archivo de registro: malw.txt
      Administrador: Sí

      -Información del software-
      Versión: 3.0.6.1469
      Versión de los componentes: 1.0.103
      Versión del paquete de actualización: 1.0.1773
      Licencia: Prueba

      -Información del sistema-
      SO: Windows 7 Service Pack 1
      CPU: x86
      Sistema de archivos: NTFS
      Usuario: PC\Nuria

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 299289
      Tiempo transcurrido: 5 min, 21 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Activado
      PUM: Activado

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 5
      PUP.Optional.AshampooRegistryCleaner, C:\PROGRAMDATA\ASHAMPOO\ICO_ASHAMPOO_MARKETPLACE.ICO, En cuarentena, [2571], [355157],1.0.1773
      PUP.Optional.BundleInstaller, C:\USERS\NURIA\DOWNLOADS\MIPONYINSTALLER.ZIP, En cuarentena, [25], [25330],1.0.1773
      PUP.Optional.WirelessNetworkTool, C:\USERS\NURIA\DOWNLOADS\WIRELESSNETVIEW_SETUP.EXE, En cuarentena, [16434], [299476],1.0.1773
      PUP.Optional.InstallCore, C:\USERS\NURIA\DOWNLOADS\MIPONY-INSTALLER(1).EXE, En cuarentena, [3], [340677],1.0.1773
      PUP.Optional.InstallCore, C:\USERS\NURIA\DOWNLOADS\MIPONY-INSTALLER.EXE, En cuarentena, [3], [340677],1.0.1773

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

    8. #8
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      11.859

      Re: Lentitud en arranque y en abrir paginas en internet.

      Hola de nuevo:

      El reporte de Malwarebytes es el mismo que me dejaste en una respuesta tuya anterior Te dejo un link donde se explica como consultar los reportes de tus análisis de Malwarebytes: Historial y Registros de Análisis. Si puedes, me dejas el reporte del Análisis Personalizado que te solicité.

      Y respecto a OTL, no es el reporte esperado: o no realizaste los pasos que te indiqué de forma correcta, o no me copiaste el reporte que correspondía. Te aconsejo que vuelves a realizar los pasos que te indiqué con OTL en mi anterior respuesta #6, y me dejes ese reporte.

      Perdona que insista en los reportes de las herramientas, pero ya que no podemos tener el equipo de forma física delante de nosotros, estos reportes son nuestros ojos y nos indican que acciones podemos emprender. No te olvides tampoco de comentar que tal sigue funcionando el equipo después de realizar todos los pasos indicados.

      Estamos en contacto.
      Saludos
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de ozzelito
      Registrado
      jul 2008
      Ubicación
      De alquiler.
      Mensajes
      128

      Re: Lentitud en arranque y en abrir paginas en internet.

      Ops.. debi de liarme... espero q ahora este todo bien... Menuda torpeza la mia

      All processes killed
      ========== OTL ==========
      Folder C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\O26lwnfv.default\extensions\[email protected]\ not found.
      File C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
      File C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\features\{2194dfdd-ad4d-463c-96d2-7a6deccdc513}\[email protected] not found.
      File C:\Users\Nuria\AppData\Roaming\Mozilla\Firefox\Profiles\d0hgsd4r.default-1492370191901\features\{2194dfdd-ad4d-463c-96d2-7a6deccdc513}\[email protected] not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ not found.
      Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Descargar con Mipony\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\KiesPDLR.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\KiesPreload\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\KiesTrayAgent\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\USBToolTip\ not found.
      Unable to delete ADS C:\ProgramData\TEMP:1AAB2E68 .
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\Nuria\Google Drive\AECC\Desktop\cmd.bat deleted successfully.
      C:\Users\Nuria\Google Drive\AECC\Desktop\cmd.txt deleted successfully.
      < ipconfig /registerdns /c >
      Configuraci¢n IP de Windows
      Se inici¢ el registro de los registros de recursos DNS para todos
      los adaptadores de este equipo. Cualquier error se notificar* en
      el Visor de eventos en 15 minutos.
      C:\Users\Nuria\Google Drive\AECC\Desktop\cmd.bat deleted successfully.
      C:\Users\Nuria\Google Drive\AECC\Desktop\cmd.txt deleted successfully.
      < ipconfig /release /c >
      Configuraci¢n IP de Windows
      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica 19:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::38b4:3c49:8db4:ee3e%41
      Puerta de enlace predeterminada . . . . . :
      Adaptador de Ethernet Conexi¢n de *rea local 2:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel isatap.{D62CB804-3243-4EAC-AFD5-7DE029730DB7}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel isatap.{C8F34DBC-F70B-4AF4-B69E-F82058C18BFE}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel isatap.{A737E0B5-0F54-4364-BB85-3C32A8119974}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel Conexi¢n de *rea local* 11:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      C:\Users\Nuria\Google Drive\AECC\Desktop\cmd.bat deleted successfully.
      C:\Users\Nuria\Google Drive\AECC\Desktop\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      No se puede realizar ninguna operaci¢n en Conexi¢n de *rea local 2 mientras los medios
      est‚n desconectados.
      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica 19:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::38b4:3c49:8db4:ee3e%41
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.154
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.0.1
      Adaptador de Ethernet Conexi¢n de *rea local 2:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel isatap.{D62CB804-3243-4EAC-AFD5-7DE029730DB7}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel isatap.{C8F34DBC-F70B-4AF4-B69E-F82058C18BFE}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel isatap.{A737E0B5-0F54-4364-BB85-3C32A8119974}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel Conexi¢n de *rea local* 11:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      C:\Users\Nuria\Google Drive\AECC\Desktop\cmd.bat deleted successfully.
      C:\Users\Nuria\Google Drive\AECC\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: All Users

      User: Default
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Flash cache emptied: 0 bytes

      User: Nuria
      ->Flash cache emptied: 492 bytes

      User: Public

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Nuria
      ->Temp folder emptied: 14555992 bytes
      ->Temporary Internet Files folder emptied: 5957915 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 22503579 bytes
      ->Google Chrome cache emptied: 53534742 bytes
      ->Flash cache emptied: 0 bytes

      User: Public
      ->Temp folder emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 401066 bytes
      RecycleBin emptied: 92869 bytes

      Total Files Cleaned = 93,00 mb


      [EMPTYJAVA]

      User: All Users

      User: Default

      User: Default User

      User: Nuria
      ->Java cache emptied: 0 bytes

      User: Public

      Total Java Files Cleaned = 0,00 mb

      Unable to start System Restore Service. Error code 1084

      OTL by OldTimer - Version 3.2.69.0 log created on 04232017_212101

      Files\Folders moved on Reboot...

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...


      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 23/4/17
      Hora del análisis: 21:28
      Archivo de registro:
      Administrador: Sí

      -Información del software-
      Versión: 3.0.6.1469
      Versión de los componentes: 1.0.103
      Versión del paquete de actualización: 1.0.1792
      Licencia: Prueba

      -Información del sistema-
      SO: Windows 7 Service Pack 1
      CPU: x86
      Sistema de archivos: NTFS
      Usuario: PC\Nuria

      -Resumen del análisis-
      Tipo de análisis: Análisis personalizado
      Resultado: Completado
      Objetos analizados: 337147
      Tiempo transcurrido: 1 hr, 8 min, 32 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Activado
      Heurística: Activado
      PUP: Activado
      PUM: Activado

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 0
      (No hay elementos maliciosos detectados)

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

    10. #10
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      11.859

      Re: Lentitud en arranque y en abrir paginas en internet.

      Holaaa...

      las prisas que mala consejera es te vuelvo a copiar el final de mi mensaje anterior:

      Cita Originalmente publicado por @MiguelRiaguel Ver Mensaje
      No te olvides tampoco de comentar que tal sigue funcionando el equipo después de realizar todos los pasos indicados.

      Estamos en contacto.
      Saludos
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 1 de 2 12 ÚltimoÚltimo