
    PC very slow and I cannot create a restore point (Solved)

    ...

          
    1. #11
      User jovasan
      Registered
      Mar 2008
      Location
      Colombia
      Posts
      102

      Re: PC very slow and I cannot create a restore point.

      Happy New Year and thanks for the help, sorry for the slight delay. I am back now, I will do what you say and keep you informed.

    2. #12
      Moderator
      @MiguelRiaguel
      Registered
      Dec 2008
      Location
      Spain
      Posts
      12,436

      Re: PC very slow and I cannot create a restore point.

      Happy New Year to you too.
      OK... we'll stay in touch.
      The virus problem is temporary and will last a couple of years / John McAfee - founder of McAfee

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    3. #13
      User jovasan
      Registered
      Mar 2008
      Location
      Colombia
      Posts
      102

      Re: PC very slow and I cannot create a restore point.

      Hi Miguel, I am leaving you the logs you asked for; I will watch for any suggestions you make.

      Dr.Web log
      Start curing
      -----------------------------------------------------------------------------

      E:\DISCO E\PROGRAMAS\BUENOS PROGRAMAS\pcmedik Repara pc Mantenimiento.exe - quarantined
      G:\APLICACIONES\PROGRAMAS NUEVOS Y BUENOS\AdwCleaner.exe - quarantined
      G:\INTERESANTE\REPRODUCTORES\SFInstaller_ASG_aresgalaxy_8896843_.exe - quarantined
      G:\INTERESANTE\REPRODUCTORES\aTube_Catcher_Setup.exe - quarantined

      Total 471187644148 bytes in 529899 files scanned (937992 objects)
      Total 529764 files (937815 objects) are clean
      Total 4 files (8 objects) are infected
      Total 4 files are neutralized
      Total 162 files are raised error condition
      Scan time is 02:07:31.294

      [email protected] as downloader log:
      all ok
      # product=EOS
      # version=8
      # OnlineScannerApp.exe=1.0.0.1
      # EOSSerial=85fb353a01ce344b80468f2689b34c4f
      # end=init
      # utc_time=2018-01-06 05:49:34
      # local_time=2018-01-06 12:49:34 (-0500, Hora est. Pacífico, Sudamérica)
      # country="Spain"
      # osver=6.2.9200 NT
      [email protected] as downloader log:
      all ok
      # product=EOS
      # version=8
      # OnlineScannerApp.exe=1.0.0.1
      # EOSSerial=85fb353a01ce344b80468f2689b34c4f
      # end=init
      # utc_time=2018-01-06 05:51:58
      # local_time=2018-01-06 12:51:58 (-0500, Hora est. Pacífico, Sudamérica)
      # country="Spain"
      # osver=6.2.9200 NT
      Update Init
      Update Download
      Update Finalize
      Updated modules version: 35975
      # product=EOS
      # version=8
      # OnlineScannerApp.exe=1.0.0.1
      # EOSSerial=85fb353a01ce344b80468f2689b34c4f
      # end=updated
      # utc_time=2018-01-06 05:59:26
      # local_time=2018-01-06 12:59:26 (-0500, Hora est. Pacífico, Sudamérica)
      # country="Spain"
      # osver=6.2.9200 NT
      # product=EOS
      # version=8
      # OnlineScannerApp.exe=1.0.0.1
      # OnlineScanner.ocx=1.0.0.7777
      # api_version=3.1.1
      # EOSSerial=85fb353a01ce344b80468f2689b34c4f
      # engine=35975
      # end=finished
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2018-01-06 08:47:42
      # local_time=2018-01-06 03:47:42 (-0500, Hora est. Pacífico, Sudamérica)
      # country="Spain"
      # lang=3082
      # osver=6.2.9200 NT
      # compatibility_mode_1=''
      # compatibility_mode=5893 16776573 100 94 0 77824074 0 0
      # scanned=237985
      # found=8
      # cleaned=8
      # scan_time=10096
      sh=58C7139D5257AFCFFB2EA4056A1E0F424381DED8 ft=1 fh=7c7d1b7174339564 vn="Win32/Bundled.Toolbar.Google.D aplicación potencialmente peligrosa (no se ha podido desinfectar - archivo eliminado)" ac=C fn="C:\Users\VASCOS\Desktop\LOGS\ccsetup538.exe"
      sh=66C72019EAFA41BBF3E708CC3824C7C4447BDAB6 ft=1 fh=0a46a8abafa4da1b vn="Win64/HackKMS.C aplicación potencialmente peligrosa (no se ha podido desinfectar - archivo eliminado)" ac=C fn="C:\Windows\SECOH-QAD.exe"
      sh=D40FBAF76D1B6D1FC593E0399A3171EF50E1204E ft=1 fh=e7700d129ff08fc3 vn="Win32/Bundled.Toolbar.Google.E aplicación potencialmente peligrosa (no se ha podido desinfectar - archivo eliminado)" ac=C fn="E:\DISCO E\PROGRAMAS\BUENOS PROGRAMAS\dfsetup209.exe"
      sh=EDEA181BABEF4DFF0979CAE05BF9DE4C89B8F7D8 ft=0 fh=0000000000000000 vn="una variante de Win32/Bundled.Toolbar.Ask aplicación potencialmente peligrosa (eliminado)" ac=C fn="E:\DISCO E\PROGRAMAS\BUENOS PROGRAMAS\FFSetup230-.rar"
      sh=6F08A14139AC460B09CA4DEDCF4FA1E0A3FFABE0 ft=1 fh=35acc8f29e2dbb34 vn="Win32/Bundled.Toolbar.Google.E aplicación potencialmente peligrosa (no se ha podido desinfectar - archivo eliminado)" ac=C fn="E:\DISCO E\PROGRAMAS\USB\PARA RECUPERAR ARCHIVOS BORRADOS\spsetup115.exe"
      sh=D40FBAF76D1B6D1FC593E0399A3171EF50E1204E ft=1 fh=e7700d129ff08fc3 vn="Win32/Bundled.Toolbar.Google.E aplicación potencialmente peligrosa (no se ha podido desinfectar - archivo eliminado)" ac=C fn="G:\INTERESANTE\BUENOS PROGRAMAS\dfsetup209.exe"
      sh=621CDFBBACE55BEC19759F3418C2B1985FDB626D ft=1 fh=3c15423fa214769f vn="una variante de Win32/Bundled.Toolbar.Ask aplicación potencialmente peligrosa (no se ha podido desinfectar - archivo eliminado)" ac=C fn="G:\INTERESANTE\BUENOS PROGRAMAS\FFSetup230-.exe"
      sh=FC53D339A55E8696EE28106F7181DEAECF0C9AE7 ft=0 fh=0000000000000000 vn="una variante de Win32/HackTool.Patcher.D aplicación potencialmente peligrosa (eliminado)" ac=C fn="G:\INTERESANTE\REPRODUCTORES\Nero 11.rar"

    4. #14
      Moderator
      @MiguelRiaguel
      Registered
      Dec 2008
      Location
      Spain
      Posts
      12,436

      Re: PC very slow and I cannot create a restore point.

      I am still missing the most important reports: Frst.txt and Addition.Txt
      And don't forget to tell me how the computer is running now.

      Regards

    5. #15
      User jovasan
      Registered
      Mar 2008
      Location
      Colombia
      Posts
      102

      Re: PC very slow and I cannot create a restore point.

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
      Ran by VASCOS (administrator) on JOSEVAS (06-01-2018 16:16:23)
      Running from C:\Users\VASCOS\Desktop
      Loaded Profiles: VASCOS (Available Profiles: VASCOS)
      Platform: Windows 10 Pro 10240.17236 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: FF)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
      () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1604.21020.0_x64__8wekyb3d8bbwe\Calculator.exe
      (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25071.0_x64__8wekyb3d8bbwe\Video.UI.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-13] (Piriform Ltd)
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\Policies\Explorer: [NoSaveSettings] 0
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
      HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
      HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
      BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      GroupPolicy\User: Restriction <==== ATTENTION
      GroupPolicyScripts: Restriction <==== ATTENTION
      GroupPolicyScripts-x32: Restriction <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 0.0.0.0
      Tcpip\..\Interfaces\{0c696b33-81af-45d9-a29f-73ee6a5d20de}: [DhcpNameServer] 192.168.1.254 0.0.0.0
      Tcpip\..\Interfaces\{a74c3a7b-363e-4463-8766-6d79e2c242a6}: [DhcpNameServer] 192.168.1.254 0.0.0.0

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.co.msn.com/
      BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
      BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
      BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
      DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

      FireFox:
      ========
      FF ProfilePath: C:\Users\VASCOS\AppData\Roaming\Mozilla\Firefox\Profiles\zjv9w8fk.default-1474085608708 [2018-01-06]
      FF Homepage: Mozilla\Firefox\Profiles\zjv9w8fk.default-1474085608708 -> hxxp://www.google.com
      FF Extension: (Disable JavaScript Shared Memory) - C:\Users\VASCOS\AppData\Roaming\Mozilla\Firefox\Profiles\zjv9w8fk.default-1474085608708\features\{7bb4741a-f1ae-4798-b8cb-e88aa7590b66}\[email protected] [2018-01-03] [Legacy]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-16] ()
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
      FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2014-03-18] (Verimatrix, Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin HKU\S-1-5-21-2934898292-73728795-2388589752-1001: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2014-03-18] (Verimatrix, Inc.)

      Chrome:
      =======
      CHR DefaultProfile: Default
      CHR DefaultSearchURL: Default -> hxxps://pandasecurity.mystart.com/results.php?pr=vmn&id=pandasafeweb&v=1_0_chromeextension_unknown__&searchfeed=web&hsimp=yhs-panda1&ent=ch_ss&q={searchTerms}
      CHR DefaultSearchKeyword: Default -> safeWeb
      CHR Profile: C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default [2017-12-27]
      CHR Extension: (Presentaciones) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
      CHR Extension: (Documentos) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
      CHR Extension: (Google Drive) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
      CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-07-27]
      CHR Extension: (YouTube) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
      CHR Extension: (Búsqueda de Google) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
      CHR Extension: (Hojas de cálculo) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26]
      CHR Extension: (Skype) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-30]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
      CHR Extension: (Gmail) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
      CHR Extension: (Chrome Media Router) - C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-29]
      CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <not found>
      CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
      S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
      S4 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-10-17] (Dropbox, Inc.)
      S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
      S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
      S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-06-01] (Nero AG)
      S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
      S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
      R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
      R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-11-19] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [11944 2015-06-12] (Advanced Micro Devices Inc.)
      S3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2017-11-01] (The OpenVPN Project)
      R3 cykbfltrService; C:\WINDOWS\system32\DRIVERS\cykbfltr.sys [19968 2017-10-23] (Cypress Semiconductor, Inc.)
      S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-08-24] (Samsung Electronics Co., Ltd.)
      R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-09] (REALiX(tm))
      S3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
      S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-01-03] (Malwarebytes)
      R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-10-23] (NVIDIA Corporation)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1009128 2017-10-23] (Realtek )
      S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-08-24] (Samsung Electronics Co., Ltd.)
      S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
      S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] ()
      S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
      R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
      R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
      S3 dbx; system32\DRIVERS\dbx.sys [X]
      S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-01-06 16:16 - 2018-01-06 16:17 - 000013854 _____ C:\Users\VASCOS\Desktop\FRST.txt
      2018-01-06 16:16 - 2018-01-06 16:16 - 000000000 ____D C:\FRST
      2018-01-06 16:07 - 2018-01-06 16:07 - 000016148 _____ C:\WINDOWS\system32\JOSEVAS_VASCOS_HistoryPrediction.bin
      2018-01-06 12:49 - 2018-01-06 12:49 - 000000000 ____D C:\Program Files (x86)\ESET
      2018-01-06 12:26 - 2018-01-06 12:27 - 090031521 _____ C:\Users\VASCOS\Desktop\cureit LOG.txt
      2018-01-06 09:42 - 2018-01-06 09:42 - 000000000 ____D C:\Users\VASCOS\AppData\Local\ElevatedDiagnostics
      2018-01-06 09:38 - 2018-01-06 09:53 - 000135406 _____ C:\WINDOWS\ntbtlog.txt
      2018-01-06 09:35 - 2018-01-06 09:35 - 000000239 _____ C:\Users\VASCOS\Desktop\DelFix.txt
      2018-01-05 19:26 - 2018-01-05 19:27 - 000349320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2018-01-04 20:54 - 2018-01-06 09:49 - 163950344 _____ C:\Users\VASCOS\Desktop\cureit.exe
      2018-01-04 20:51 - 2018-01-04 20:51 - 002870984 _____ (ESET) C:\Users\VASCOS\Desktop\esetsmartinstaller_esn.exe
      2018-01-04 20:51 - 2018-01-04 20:51 - 002393088 _____ (Farbar) C:\Users\VASCOS\Desktop\FRST64.exe
      2018-01-03 21:32 - 2018-01-03 21:32 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
      2017-12-30 20:24 - 2017-12-30 20:24 - 000422121 ____T C:\Users\VASCOS\Documents\30 dic pago.pdf
      2017-12-30 20:23 - 2017-12-30 20:23 - 000299003 ____T C:\Users\VASCOS\Documents\Dic30.pdf
      2017-12-18 14:20 - 2017-12-18 14:20 - 000000000 ____D C:\_OTL
      2017-12-18 11:38 - 2018-01-06 09:39 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
      2017-12-17 22:49 - 2018-01-06 09:34 - 000000239 _____ C:\DelFix.txt
      2017-12-17 22:49 - 2017-12-17 22:49 - 000000000 ____D C:\WINDOWS\ERUNT
      2017-12-17 22:44 - 2017-12-18 11:36 - 000000000 ____D C:\WINDOWS\pss
      2017-12-17 13:23 - 2017-12-18 14:16 - 000001044 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-12-17 12:52 - 2017-12-17 12:52 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-12-17 12:52 - 2017-12-17 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-12-17 12:52 - 2017-12-17 12:52 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-12-17 11:58 - 2017-12-17 11:58 - 000000000 ____D C:\WINDOWS\ERDNT
      2017-12-17 11:57 - 2017-12-17 11:57 - 000000993 _____ C:\Users\VASCOS\Desktop\NTREGOPT.lnk
      2017-12-17 11:57 - 2017-12-17 11:57 - 000000974 _____ C:\Users\VASCOS\Desktop\ERUNT.lnk
      2017-12-17 11:57 - 2017-12-17 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
      2017-12-17 11:57 - 2017-12-17 11:57 - 000000000 ____D C:\Program Files (x86)\ERUNT
      2017-12-11 18:28 - 2017-10-26 15:03 - 000388608 _____ (Trend Micro Inc.) C:\Users\VASCOS\Desktop\HijackThis.exe
      2017-12-07 13:19 - 2017-12-07 13:19 - 000000000 ___RD C:\Users\VASCOS\Documents\Scanned Documents
      2017-12-07 13:19 - 2017-12-07 13:19 - 000000000 ____D C:\Users\VASCOS\Documents\Fax

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-01-06 16:15 - 2017-01-05 11:46 - 000000000 ____D C:\Users\VASCOS\AppData\LocalLow\Mozilla
      2018-01-06 12:42 - 2015-08-11 12:06 - 000000000 ____D C:\Users\VASCOS
      2018-01-06 12:40 - 2015-07-10 07:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2018-01-06 12:39 - 2015-07-10 04:05 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
      2018-01-06 08:50 - 2016-08-02 22:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2018-01-05 20:00 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
      2018-01-05 20:00 - 2013-12-09 22:04 - 000000000 ___RD C:\Users\VASCOS\Desktop\ACCESOS
      2018-01-05 19:44 - 2013-12-09 19:16 - 000000000 ____D C:\Users\VASCOS\Documents\Archivos de Outlook
      2018-01-05 19:34 - 2017-05-22 20:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2018-01-05 19:33 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\AppReadiness
      2018-01-05 19:32 - 2015-07-10 06:04 - 000000000 ___HD C:\Program Files\WindowsApps
      2018-01-04 20:16 - 2015-08-25 20:30 - 000000000 ___RD C:\Users\VASCOS\Desktop\FACTURAS
      2017-12-29 21:43 - 2014-01-15 12:13 - 000000000 ____D C:\ProgramData\TEMP
      2017-12-29 21:43 - 2014-01-15 12:13 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
      2017-12-29 21:39 - 2017-07-26 22:17 - 000000000 ____D C:\FSTool
      2017-12-29 19:58 - 2017-11-16 21:14 - 000000000 ____D C:\AdwCleaner
      2017-12-27 21:12 - 2015-03-15 16:09 - 000000078 _____ C:\Users\VASCOS\AppData\default.pls
      2017-12-27 21:00 - 2015-08-11 12:02 - 000000000 ____D C:\ProgramData\NVIDIA
      2017-12-24 18:18 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\system32\NDF
      2017-12-24 17:41 - 2017-10-24 12:07 - 000004212 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
      2017-12-22 20:30 - 2016-07-31 21:25 - 000000000 ____D C:\temp
      2017-12-22 20:07 - 2017-11-03 12:28 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
      2017-12-22 20:06 - 2017-11-03 12:27 - 000000000 ____D C:\Users\VASCOS\AppData\Local\AvgSetupLog
      2017-12-19 08:56 - 2015-07-10 06:02 - 000000000 ____D C:\WINDOWS\INF
      2017-12-18 13:16 - 2016-03-12 19:59 - 000000000 ____D C:\Users\VASCOS\AppData\Local\MSfree Inc
      2017-12-18 13:06 - 2015-08-11 12:20 - 001850064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2017-12-18 13:06 - 2015-07-10 11:26 - 000820080 _____ C:\WINDOWS\system32\perfh00A.dat
      2017-12-18 13:06 - 2015-07-10 11:26 - 000161080 _____ C:\WINDOWS\system32\perfc00A.dat
      2017-12-18 12:36 - 2016-10-23 20:27 - 000000000 ____D C:\Users\VASCOS\Desktop\2017
      2017-12-17 13:24 - 2015-08-28 16:20 - 000000000 ____D C:\WINDOWS\Minidump
      2017-12-11 18:39 - 2017-10-26 15:20 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
      2017-12-11 18:39 - 2014-01-02 22:28 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

      ==================== Files in the root of some directories =======

      2014-07-09 10:32 - 2016-10-18 19:15 - 000007657 _____ () C:\Users\VASCOS\AppData\Local\resmon.resmoncfg
      2015-03-17 19:38 - 2015-03-17 19:39 - 000000404 _____ () C:\Users\VASCOS\AppData\Local\Temp-log.txt

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-07-24 14:20

      ==================== End of FRST.txt ============================

    6. #16
      User jovasan
      Registered
      Mar 2008
      Location
      Colombia
      Posts
      102

      Re: PC very slow and I cannot create a restore point.

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
      Ran by VASCOS (06-01-2018 16:17:48)
      Running from C:\Users\VASCOS\Desktop
      Windows 10 Pro 10240.17236 (X64) (2015-08-11 17:40:50)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-2934898292-73728795-2388589752-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-2934898292-73728795-2388589752-503 - Limited - Disabled)
      Invitado (S-1-5-21-2934898292-73728795-2388589752-501 - Limited - Disabled)
      VASCOS (S-1-5-21-2934898292-73728795-2388589752-1001 - Administrator - Enabled) => C:\Users\VASCOS

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      Actualización de NVIDIA 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
      AdAwareInstaller (HKLM\...\{EBE1D498-A767-489E-A0DD-F317A8B83579}) (Version: 11.0.4555.0 - Lavasoft) Hidden
      AdAwareUpdater (HKLM\...\{0A087CE7-F643-4FE8-A5D2-0BBAF4A7B032}) (Version: 11.0.4555.0 - Lavasoft) Hidden
      Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
      AntimalwareEngine (HKLM\...\{600DEB42-433A-40AF-BC14-082E40577BF2}) (Version: 2.6.0.0 - Lavasoft) Hidden
      aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
      AVG (HKLM\...\{E61E6143-4937-43FC-8C12-06B8A987484D}) (Version: 1.211.3 - AVG Technologies) Hidden
      CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
      Dropbox (HKLM-x32\...\Dropbox) (Version: 37.4.29 - Dropbox, Inc.)
      Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
      Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
      ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
      ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
      Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
      FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
      FMW 1 (HKLM\...\{36133E9F-B129-4206-9FB4-13F707787542}) (Version: 1.226.3 - AVG Technologies) Hidden
      FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
      Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
      Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
      Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\OneDriveSetup.exe) (Version: 17.3.7073.1013 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
      Mozilla Firefox 57.0.4 (x64 es-ES) (HKLM\...\Mozilla Firefox 57.0.4 (x64 es-ES)) (Version: 57.0.4 - Mozilla)
      Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
      Nero 7 Essentials (HKLM-x32\...\{66EBD70F-A42C-475F-AEDF-277378151034}) (Version: 7.02.9491 - Nero AG)
      NVIDIA Controlador de 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
      NVIDIA Controlador de audio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
      NVIDIA Controlador de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
      NVIDIA Controlador de la controladora 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
      NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
      NVIDIA Software del sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
      Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
      Panel de control de NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
      Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
      Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
      Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
      Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
      Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
      SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.1000 - NVIDIA Corporation) Hidden
      SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
      Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
      Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
      SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
      TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
      Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{28C1EB1A-45AC-4B12-887F-98EE0AA0D6DD}) (Version: - Microsoft)
      Update for Skype for Business 2015 (KB3161988) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E1C47F57-5CCA-4077-96A6-7BFD2A026ECD}) (Version: - Microsoft)
      Update for Skype for Business 2015 (KB3161988) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E1C47F57-5CCA-4077-96A6-7BFD2A026ECD}) (Version: - Microsoft)
      Update for Skype for Business 2015 (KB3161988) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{E1C47F57-5CCA-4077-96A6-7BFD2A026ECD}) (Version: - Microsoft)
      ViewRight Web PC 3.5.2.0 (HKLM-x32\...\{6556D478-C3CC-4E21-A923-80B4DA0703BA}) (Version: 3.5.2.0 - Verimatrix, Inc.)
      VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
      WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {031843D6-48CA-44C0-8095-A12C56A78794} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
      Task: {054BB4D9-2E1C-466B-8A1A-0340C8C7673E} - \Uninstaller_SkipUac_Administrator -> No File <==== ATTENTION
      Task: {0BD516FA-2773-49C5-8CB9-1A60A8DC8E71} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
      Task: {12EF2A5C-9E82-4390-8E81-67A11CBD9248} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
      Task: {16B7AF06-2653-4705-9247-3E5F9465DC08} - \{5CC0F61E-4DC3-4EFC-AD10-D42A5CA15D39} -> No File <==== ATTENTION
      Task: {1B07CA38-2D9B-4B40-81BA-1FBCEF0CA330} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
      Task: {253DB9A6-DE40-48EE-A1A7-BECB0CFCBF5B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
      Task: {2B7BFBE9-D7BA-4122-B847-340DCE2DF3F0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
      Task: {2F849090-B889-4BED-BC65-B0F298501922} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
      Task: {3B0FC258-D132-4599-A0F4-6DE991DC8150} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
      Task: {3CAE39D0-807D-4C05-9BDD-83FA14A7F198} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
      Task: {401BBB80-6AB7-4915-A85C-E76CD7E1F57A} - no filepath
      Task: {4112A847-B630-41EF-9D06-1B29AF72F897} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      Task: {450032EF-A749-4511-89BE-A1FB8E881428} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\remsh.exe
      Task: {461852B3-11B0-4111-B0EF-D08B1DF9932A} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
      Task: {64D1F829-6178-4866-8ABB-5011D5BBD924} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
      Task: {694320A0-637F-4670-B7D8-12F31B6EDBFF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
      Task: {6C864B75-BE01-4EE6-8E77-904F8FF924EE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
      Task: {6CD79B57-9228-4905-A33A-3E295F4E4176} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
      Task: {6DB921B8-4D84-4CC8-ADB7-E0429797F35F} - no filepath
      Task: {6FB76D1E-8D9E-4FEC-BC6B-7929F5108B5B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-16] (Adobe Systems Incorporated)
      Task: {716DB1B2-4206-44FF-A10A-BAEBC49C2A5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      Task: {76A94BBB-C417-4221-8EEC-9AA34DC97149} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
      Task: {79EAFBD8-D512-4B25-9DA5-C6EE171A07FB} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
      Task: {7E14F18D-0B5C-4FC6-A8AA-78075C29EB48} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-13] (Piriform Ltd)
      Task: {890A6244-82AA-4F5A-988C-F101C51952CC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
      Task: {934828F1-1708-444B-B5BC-7A00DB951EE0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
      Task: {9892D36C-305F-454B-987B-077BE2569CF6} - \Game_Booster_AutoUpdate -> No File <==== ATTENTION
      Task: {A34CFA60-0E00-4B38-AA1E-5D4982A1C530} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-13] (Piriform Ltd)
      Task: {A540F410-7817-475B-BC30-94414CDFC233} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
      Task: {BC2BCBC3-3490-43AB-8B0F-FC2211A9819E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
      Task: {C02EB919-E5CE-4205-8198-3D68C46F21A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
      Task: {E573319F-C72A-4E4B-AACA-F25BCF93011C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
      Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
      Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2015-07-10 06:00 - 2015-07-10 06:00 - 000028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
      2015-08-11 05:53 - 2015-08-11 05:53 - 000032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
      2016-11-10 16:18 - 2016-10-25 02:15 - 000404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
      2016-12-18 21:09 - 2016-11-19 05:24 - 002495776 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
      2015-09-30 20:44 - 2015-09-17 00:48 - 000429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
      2015-07-10 05:59 - 2015-07-10 05:59 - 000143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
      2016-12-18 21:09 - 2016-11-19 01:09 - 006569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
      2016-12-18 21:09 - 2016-11-19 01:06 - 000471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2016-12-18 21:09 - 2016-11-19 01:06 - 001808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
      2015-09-30 20:44 - 2015-09-17 00:43 - 002274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
      2015-07-10 06:00 - 2015-07-10 11:34 - 000210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
      2016-06-27 20:43 - 2016-06-27 20:43 - 003621888 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1604.21020.0_x64__8wekyb3d8bbwe\Calculator.exe
      2015-12-14 20:20 - 2015-12-14 20:20 - 000258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1604.21020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dsbmdl => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      There are 7839 more sites.

      IE trusted site: HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\ma-config.com -> hxxp://ma-config.com
      IE trusted site: HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\touslesdrivers.com -> hxxp://touslesdrivers.com

      There are 12704 more sites.


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2013-08-22 08:25 - 2017-12-18 14:21 - 000000098 _____ C:\WINDOWS\system32\Drivers\etc\hosts

      127.0.0.1 localhost

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\VASCOS\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{1fc85c87-64f4-460f-8296-764be7c97ff4}.jpg
      DNS Servers: 192.168.1.254
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      HKLM\...\StartupApproved\Run: => "ShadowPlay"
      HKLM\...\StartupApproved\Run: => "Nvtmru"
      HKLM\...\StartupApproved\Run: => "NvBackend"
      HKLM\...\StartupApproved\Run: => "RTHDVCPL"
      HKLM\...\StartupApproved\Run32: => "PSUAMain"
      HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
      HKLM\...\StartupApproved\Run32: => "Dropbox"
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\StartupApproved\StartupFolder: => "ERUNT AutoBackup.lnk"
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\StartupApproved\Run: => "Google Update"
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_0DBFEF4A9F930E0A02FE0E56ABF11EB8"
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\StartupApproved\Run: => "OneDrive"
      HKU\S-1-5-21-2934898292-73728795-2388589752-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{09B7129B-2A30-4D48-938E-D9B2A789CBB0}] => (Block) C:\program files (x86)\skype\phone\skype.exe
      FirewallRules: [{A63EB18B-2DCE-49EF-836E-417B72FA3169}] => (Block) C:\program files (x86)\skype\phone\skype.exe
      FirewallRules: [UDP Query User{A8964A52-153F-4300-8B11-D258E5EA5EF4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
      FirewallRules: [TCP Query User{679B9589-AACE-4C6A-91E7-12C5EFB142A2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
      FirewallRules: [{E9AB21C9-8392-43B3-AA2B-F5088D7A816D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{7B1FF11F-CB3D-4D2B-8237-B0E2CF11FE6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{CF0E656D-DA47-461E-B498-C0D16513DE91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
      FirewallRules: [{B5E1D674-D5A8-46B8-A055-CFE65C1BF0C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
      FirewallRules: [{20199A8F-1022-49CA-AB12-16A98DF2CACC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
      FirewallRules: [{91F7F820-4655-4455-9BDE-827844D14C3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
      FirewallRules: [{A2FCC5E5-BB1E-45FC-AB59-9AB28EB7680F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{65B58110-B369-44CA-888C-43A6970727D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{588CAACF-F094-4E3F-9BF1-265AFE8A5BDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
      FirewallRules: [{9885BE19-6C40-400C-A027-39216E0C55A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
      FirewallRules: [{5DAF0BC4-1126-4CF4-830D-4BA846F481E3}] => (Allow) LPort=48114
      FirewallRules: [{5D517768-CEB5-4095-B255-8D84B7483BEF}] => (Allow) LPort=48113
      FirewallRules: [{FB04BE9C-4759-48EA-9A46-CA94AD606D96}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [{2209247A-97B6-4489-9A88-9AB2BD6F2B32}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [{3AE3F14D-1BD0-430F-9D2C-D739D5CEE7AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{BC38A263-8D47-4DE9-9F03-0F19F85664F5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{46657A93-417E-406B-973E-D09BF268BAB9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{ED6D6FAF-AD5F-4BD5-A80E-551CC723BACB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{A2CE66E7-2CAF-49F7-81DB-A50A10D57F33}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{18353A0E-4E5C-4A9A-8AF7-260C55F1BF88}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{5E195C82-5A96-471A-9C95-EEA00D660B52}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [{ACFE099C-204B-4198-BD9E-8B38D0FC6C6E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [TCP Query User{7F895366-5BED-4E88-888B-58017F6E4E70}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
      FirewallRules: [UDP Query User{82F76871-C558-4173-9B08-BA65E8D881BF}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
      FirewallRules: [{DC8BEE7A-CE01-4629-894B-7223CE1033E1}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
      FirewallRules: [{7F0C591D-87AB-4E5E-8D0E-E1AAD7E19286}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
      FirewallRules: [{49C8C1C4-1951-491D-BC78-CA023D2AC5AA}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
      FirewallRules: [{501FF208-070E-4868-8D64-B90AE8A8DA5C}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
      FirewallRules: [{967273A6-2D6E-4CB7-A3FF-94FE986652D3}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe
      FirewallRules: [TCP Query User{74061E80-8563-4531-A2AF-FBF91C2F4D9D}K:\programas\ktp activador\kms_tools_portable_06_12_2016\kms_tools_portable_06_12_2016\kms tools portable 06_12_2016\programs\office 2013-2016 c2r install v5.9.2\files\bin\kmss.exe] => (Allow) K:\programas\ktp activador\kms_tools_portable_06_12_2016\kms_tools_portable_06_12_2016\kms tools portable 06_12_2016\programs\office 2013-2016 c2r install v5.9.2\files\bin\kmss.exe
      FirewallRules: [UDP Query User{79EF1351-1364-46AC-A6FF-0D909F858093}K:\programas\ktp activador\kms_tools_portable_06_12_2016\kms_tools_portable_06_12_2016\kms tools portable 06_12_2016\programs\office 2013-2016 c2r install v5.9.2\files\bin\kmss.exe] => (Allow) K:\programas\ktp activador\kms_tools_portable_06_12_2016\kms_tools_portable_06_12_2016\kms tools portable 06_12_2016\programs\office 2013-2016 c2r install v5.9.2\files\bin\kmss.exe
      FirewallRules: [{DDB3158D-921A-4F73-A7F7-469036197FF3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

      ==================== Restore Points =========================


      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================

      System errors:
      =============

      ==================== Memory info ===========================

      Processor: AMD Phenom(tm) II X4 965 Processor
      Percentage of memory in use: 29%
      Total physical RAM: 4094.18 MB
      Available physical RAM: 2890.77 MB
      Total Virtual: 4798.18 MB
      Available Virtual: 3549.48 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:292.43 GB) (Free:199.43 GB) NTFS
      Drive d: () (Fixed) (Total:638.54 GB) (Free:565.06 GB) NTFS
      Drive e: (FISCAPENS) (Fixed) (Total:11.72 GB) (Free:11.48 GB) NTFS
      Drive f: (MÚSICA I) (Fixed) (Total:126.96 GB) (Free:86.95 GB) NTFS
      Drive g: (GNERALES) (Fixed) (Total:51.23 GB) (Free:46.55 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2BD2C32A)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=292.4 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
      Partition 4: (Not Active) - (Size=638.5 GB) - (Type=07 NTFS)

      ========================================================
      Disk: 1 (Size: 189.9 GB) (Disk ID: 00000001)
      Partition 1: (Active) - (Size=11.7 GB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=178.2 GB) - (Type=OF Extended)

      ==================== End of Addition.txt ============================

    7. #17
      User Avatar of jovasan
      Joined
      Mar 2008
      Location
      Colombia
      Posts
      102

      Re: Very slow PC and I can't create a restore point.

      Hi Miguel, the PC has improved in terms of how fast it starts up, but the problem with THE RESTORE POINT remains; CCleaner tells me that the latest one is disabled for the security of the system. I have not been able to enable it; I await your advice.

    8. #18
      Moderator
      Avatar of @MiguelRiaguel
      Joined
      Dec 2008
      Location
      Spain
      Posts
      12,436

      Re: Very slow PC and I can't create a restore point.

      Now follow these steps. VERY important ~ Make a backup of the registry:

      • To do so, download >> DelFix.exe to your desktop.

        • Double-click to run it. (If you use Windows Vista/7 or 8, right-click and select "Run as Administrator".)

        • Attention: now check/select only the "Create registry backup" box, NOT the others.

      • Click Run.

        The report (DelFix.txt) will open; save it in case it is needed and close the tool.


      Next, go to:

      Start >>> Run >>> type notepad.exe.

      Now copy and paste the following into Notepad: (leave out the word "Code")

      Code:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      GroupPolicy\User: Restriction <==== ATTENTION
      GroupPolicyScripts: Restriction <==== ATTENTION
      GroupPolicyScripts-x32: Restriction <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      FF Extension: (Disable JavaScript Shared Memory) - C:\Users\VASCOS\AppData\Roaming\Mozilla\Firefox\Profiles\zjv9w8fk.default-1474085608708\features\{7bb4741a-f1ae-4798-b8cb-e88aa7590b66}\[email protected] [2018-01-03] [Legacy]
      CHR DefaultSearchURL: Default -> hxxps://pandasecurity.mystart.com/results.php?pr=vmn&id=pandasafeweb&v=1_0_chromeextension_unknown__&searchfeed=web&hsimp=yhs-panda1&ent=ch_ss&q={searchTerms}
      CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <not found>
      Task: {031843D6-48CA-44C0-8095-A12C56A78794} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
      Task: {054BB4D9-2E1C-466B-8A1A-0340C8C7673E} - \Uninstaller_SkipUac_Administrator -> No File <==== ATTENTION
      Task: {0BD516FA-2773-49C5-8CB9-1A60A8DC8E71} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
      Task: {12EF2A5C-9E82-4390-8E81-67A11CBD9248} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
      Task: {16B7AF06-2653-4705-9247-3E5F9465DC08} - \{5CC0F61E-4DC3-4EFC-AD10-D42A5CA15D39} -> No File <==== ATTENTION
      Task: {1B07CA38-2D9B-4B40-81BA-1FBCEF0CA330} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
      Task: {253DB9A6-DE40-48EE-A1A7-BECB0CFCBF5B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
      Task: {2F849090-B889-4BED-BC65-B0F298501922} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
      Task: {401BBB80-6AB7-4915-A85C-E76CD7E1F57A} - no filepath
      Task: {64D1F829-6178-4866-8ABB-5011D5BBD924} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
      Task: {694320A0-637F-4670-B7D8-12F31B6EDBFF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
      Task: {6CD79B57-9228-4905-A33A-3E295F4E4176} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
      Task: {6DB921B8-4D84-4CC8-ADB7-E0429797F35F} - no filepath
      Task: {76A94BBB-C417-4221-8EEC-9AA34DC97149} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
      Task: {79EAFBD8-D512-4B25-9DA5-C6EE171A07FB} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
      Task: {890A6244-82AA-4F5A-988C-F101C51952CC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
      Task: {9892D36C-305F-454B-987B-077BE2569CF6} - \Game_Booster_AutoUpdate -> No File <==== ATTENTION
      Task: {C02EB919-E5CE-4205-8198-3D68C46F21A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
      Task: {E573319F-C72A-4E4B-AACA-F25BCF93011C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
      AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
      HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
      
      CMD:  ipconfig /release 
      CMD:  ipconfig /renew 
      CMD:  ipconfig /flushdns 
      CMD:  ipconfig /registerdns
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Save it under the name fixlist.txt on the desktop <<< This is very important.
      Note: The Frst.exe executable and fixlist.txt must be in the same location (desktop); otherwise the tool will not work.


      • Run Frst.exe.
      • Press the Fix button and wait for it to finish.
      • The tool will save the report on your desktop (Fixlog.txt).
      • Paste it in your next reply.


      Restart the computer and tell us how everything is working (whether the restore point problem has been fixed).
      Regards.
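      A pre-flight check for the fixlist.txt described in the post above, as an added example (not part of the original post and not FRST's own code): it classifies each line, lists the CMD: lines so they can be read before they run, and warns when changes come before CreateRestorePoint:. The function name, the shortened sample, the Start/End framing check and the rule that a bare `Name:` line is a directive are assumptions taken from the shape of the fixlist on this page.

```python
import re

# Constructed sample: a shortened copy of the fixlist posted in this thread.
SAMPLE_FIXLIST = r"""Start
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction - Chrome <==== ATTENTION
Task: {054BB4D9-2E1C-466B-8A1A-0340C8C7673E} - \Uninstaller_SkipUac_Administrator -> No File <==== ATTENTION
Task: {401BBB80-6AB7-4915-A85C-E76CD7E1F57A} - no filepath
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
CMD:  ipconfig /flushdns
RemoveProxy:
EmptyTemp:
end
"""

BARE_DIRECTIVE = re.compile(r"^[A-Za-z]+:$")  # assumption: "EmptyTemp:" style, nothing after the colon


def audit_fixlist(text):
    """Classify fixlist lines and list what to review before pressing Fix."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    report = {"directives": [], "commands": [], "entries": {}, "warnings": []}
    framed = len(lines) >= 2 and lines[0].lower() == "start" and lines[-1].lower() == "end"
    if not framed:
        report["warnings"].append("not framed by Start ... End")
    unprotected = 0  # changes requested before any CreateRestorePoint: line
    for ln in (lines[1:-1] if framed else lines):
        if BARE_DIRECTIVE.match(ln):
            report["directives"].append(ln[:-1])
            continue
        if "CreateRestorePoint" not in report["directives"]:
            unprotected += 1
        if ln.upper().startswith("CMD:"):
            report["commands"].append(ln[4:].strip())  # shell command: read it before running
        else:
            kind = ln.split(":", 1)[0]  # label before the first colon
            report["entries"].setdefault(kind, []).append(ln)
    if unprotected:
        report["warnings"].append(f"{unprotected} change(s) precede CreateRestorePoint:")
    return report


if __name__ == "__main__":
    r = audit_fixlist(SAMPLE_FIXLIST)
    print("directives:", r["directives"])
    print("commands to review:", r["commands"])
    print("warnings:", r["warnings"] or "none")
```

      On a machine like this one, where restore points cannot be created, the Fixlog.txt still has to be checked to see whether the restore point step succeeded; the script only confirms that the request is in the list.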

    9. #19
      User Avatar of jovasan
      Joined
      Mar 2008
      Location
      Colombia
      Posts
      102

      Re: Very slow PC and I can't create a restore point.

      Thanks, I'll do what you say and I'll let you know.

    10. #20
      Moderator
      Avatar of @MiguelRiaguel
      Joined
      Dec 2008
      Location
      Spain
      Posts
      12,436

      Re: Very slow PC and I can't create a restore point.

      Ok... we'll be around to see how the computer progresses.
      We'll be in touch.