Hola.
Que el equipo este mas lento despues de estar descargando mucha información puede ser normal, y mas teniendo en cuenta que TU equipo tiene 12 años de vida.
Después de horas de uso continuado y estresante tanto para la conexión de Internet, la memoria, el procesador y/o el disco duro unidad C: donde se ubica Windows NO es algo que nos deba extrañar.
Pero… para asegurarnos que NO quede nada raro en tu equipo, ahora sigue las indicaciones de este Manual de HitmanPro y cuando termines nos pones el informe y REINICIAS el equipo.
Saludos.
Este es el informe q arroja Hitman PRO.
HitmanPro 3.8.18.312
www.hitmanpro.com
Computer name . . . . : GRUPODERED
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : GRUPODERED\Usuario
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (31 days left)
Scan date . . . . . . : 2020-05-23 17:23:38
Scan mode . . . . . . : Normal
Scan duration . . . . : 4m 35s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : Yes
Threats . . . . . . . : 1
Traces . . . . . . . : 15
Objects scanned . . . : 1.988.011
Files scanned . . . . : 124.841
Remnants scanned . . : 595.866 files / 1.267.304 keys
Malware _____________________________________________________________________
C:\Windows\AutoKMS\AutoKMS.exe -> Deleted
Size . . . . . . . : 3.738.624 bytes
Age . . . . . . . : 768.0 days (2018-04-16 17:33:37)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 3D1D4CE1DB1EA2563C361CBD66A5471F10D84D344C057D753459F311A187AC2F
Needs elevation . : Yes
Product . . . . . : AutoKMS
LanguageID . . . . : 0
> Kaspersky . . . . : HackTool.MSIL.KMSAuto.d
> SurfRight . . . . : App/Generic-PB
Fuzzy . . . . . . : 116.0
Startup
C:\Windows\system32\Tasks\AutoKMS
Suspicious files ____________________________________________________________
C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\tweaking_rati.exe
Size . . . . . . . : 46.048 bytes
Age . . . . . . . : 2.8 days (2020-05-20 22:35:42)
Entropy . . . . . : 5.0
SHA-256 . . . . . : 8D1EE9D3F122DDEDBF80C213D868FAECF8D68352160CB9C3023A59CF03149BDC
Product . . . . . : Tweaking.com - Run As TrustedInstaller
Publisher . . . . : Tweaking.com
Description . . . : Tweaking.com - Run As TrustedInstaller
Version . . . . . : 2.1.0.0
Copyright . . . . : 2014
RSA Key Size . . . : 2048
LanguageID . . . . : 1033
Authenticode . . . : Invalid
Fuzzy . . . . . . : 22.0
Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
Time indicates that the file appeared recently on this computer.
C:\Users\Usuario\Desktop\FRST64.exe
Size . . . . . . . : 2.286.080 bytes
Age . . . . . . . : 7.0 days (2020-05-16 16:43:20)
Entropy . . . . . : 7.6
SHA-256 . . . . . : E453A641E96BA8DB3E94D670E102E128B25353D52489E4926C4A10B0E3792192
Needs elevation . : Yes
Fuzzy . . . . . . : 23.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
References
HKU\S-1-5-21-407569174-766377459-50882906-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Usuario\Desktop\FRST64.exe
C:\Users\Usuario\Downloads\FRST64.exe
Size . . . . . . . : 2.286.080 bytes
Age . . . . . . . : 7.0 days (2020-05-16 16:42:02)
Entropy . . . . . : 7.6
SHA-256 . . . . . : E453A641E96BA8DB3E94D670E102E128B25353D52489E4926C4A10B0E3792192
Needs elevation . : Yes
Fuzzy . . . . . . : 23.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
References
HKU\S-1-5-21-407569174-766377459-50882906-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Usuario\Downloads\FRST64.exe
Potential Unwanted Programs _________________________________________________
HKLM\SOFTWARE\Classes\Interface\{3C4ABAB8-F6D3-4BC3-922D-43715A228CC2}\ (RocketPC) -> Deleted
HKLM\SOFTWARE\Classes\TypeLib\{8D732308-066E-4E85-9D5C-4410EB6BFDBC}\ (RocketPC) -> Deleted
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{3C4ABAB8-F6D3-4BC3-922D-43715A228CC2}\ (RocketPC) -> Deleted
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{8D732308-066E-4E85-9D5C-4410EB6BFDBC}\ (RocketPC) -> PendingDelete
HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1\ (YahooToolbar) -> Deleted
HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar\ (YahooToolbar) -> Deleted
HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1\ (YahooToolbar) -> Deleted
HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin\ (YahooToolbar) -> Deleted
Perfecto @hanigaan1974 excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.
Para hacerlo descarga DelFix.exe en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).
-
Marca todas las casillas, y pulsas en Run
Se abrirá el informe (DelFix.txt), puedes cerrarlo.
Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos.
Tema Solucionado.
Saludos, Javier.
1 me gusta