El pc me va lento desde hace unos años


Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 05-04-2020

Ejecutado por Luismi (10-04-2020 14:29:26)

Ejecutado desde C:\Users\Luismi\Desktop

Windows 7 Home Premium Service Pack 1 (X64) (2012-01-14 13:26:02)

Modo de Inicio: Normal

==========================================================

==================== Cuentas: =============================

Administrador (S-1-5-21-4103612452-4210643129-2213650324-500 - Administrator - Disabled)

Invitado (S-1-5-21-4103612452-4210643129-2213650324-501 - Limited - Disabled)

Luismi (S-1-5-21-4103612452-4210643129-2213650324-1001 - Administrator - Enabled) => C:\Users\Luismi

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Panda Dome (Disabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Panda Dome (Disabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\...\uTorrent) (Version: 3.5.5.45608 - BitTorrent Inc.)

Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.181.14 - Adobe Systems Incorporated)

Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)

Agatha Christie - Peril at End House (HKLM-x32\...\WTA-3664c50e-434b-490b-9e34-0f08e85b571e) (Version: 2.2.0.95 - WildTangent) Hidden

ATI Catalyst Install Manager (HKLM\...\{6153098B-60DB-6A9F-EA0F-B006A96B57D5}) (Version: 3.0.829.0 - ATI Technologies, Inc.)

Bejeweled 3 (HKLM-x32\...\WTA-73784df6-1cc1-493e-ae25-86e5c124fd61) (Version: 2.2.0.97 - WildTangent) Hidden

Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)

Blasterball 3 (HKLM-x32\...\WTA-77090c3f-858b-4a7d-ab8f-d09f8b536ac4) (Version: 2.2.0.97 - WildTangent) Hidden

Bounce Symphony (HKLM-x32\...\WTA-56d36b9d-197a-4c48-badd-530d8a1a08e8) (Version: 2.2.0.97 - WildTangent) Hidden

Cake Mania (HKLM-x32\...\WTA-e4fca5a7-08fb-48f5-99f6-b4d3022169a9) (Version: 2.2.0.95 - WildTangent) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)

CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 80.0.3765.152 - Piriform Software)

CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.6.607.0 - Piriform Software) Hidden

Chronicles of Albian (HKLM-x32\...\WTA-46eb198d-577c-48f8-b95d-ec463e9951b0) (Version: 2.2.0.95 - WildTangent) Hidden

Chuzzle Deluxe (HKLM-x32\...\WTA-7f938866-e11a-4cf9-a60d-20746bdf8816) (Version: 2.2.0.95 - WildTangent) Hidden

Compaq Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company)

Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)

Cradle of Rome 2 (HKLM-x32\...\WTA-95e3e9b4-a94d-48b1-9a2f-251edda6386d) (Version: 2.2.0.95 - WildTangent) Hidden

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4119 - CyberLink Corp.)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)

Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)

Farm Frenzy (HKLM-x32\...\WTA-1c3ec33f-c555-41f0-a656-133a0028b2a9) (Version: 2.2.0.95 - WildTangent) Hidden

FATE (HKLM-x32\...\WTA-9e34cf4e-f84b-40e6-93af-4e7a29ecc861) (Version: 2.2.0.97 - WildTangent) Hidden

Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden

Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-449e328e-16c6-4cf2-b180-5ca0e410bab5) (Version: 2.2.0.95 - WildTangent) Hidden

Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.61 - Janos Mathe)

Hewlett-Packard ACLM.NET v1.1.1.0 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden

HP Documentation (HKLM-x32\...\{68A55875-B6DD-41E8-8CF6-F193D9C47051}) (Version: 1.1.0.0 - Hewlett-Packard)

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)

HP Launch Box (HKLM\...\{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}) (Version: 1.0.11 - Hewlett-Packard Company)

HP On Screen Display (HKLM-x32\...\{D7670221-BF9B-4DFF-B26B-5BE55A87329F}) (Version: 1.2.2 - Hewlett-Packard Company)

HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)

HP Quick Launch (HKLM-x32\...\{BB1C717E-376C-4AA1-8940-81BFC38D9778}) (Version: 2.4.4 - Hewlett-Packard Company)

HP QuickWeb (HKLM-x32\...\{8B52057C-15DB-433E-957C-E279BC7D07E3}) (Version: 3.1.0.9742 - Hewlett-Packard Company)

HP Setup (HKLM-x32\...\{5036764A-435D-40C9-869C-31085A3D741D}) (Version: 8.7.4751.3798 - Hewlett-Packard Company)

HP Software Framework (HKLM-x32\...\{713D7E12-DFD2-436E-9306-FE316DB89B08}) (Version: 4.1.7.1 - Hewlett-Packard Company)

HP Support Assistant (HKLM-x32\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)

Jewel Quest Solitaire (HKLM-x32\...\WTA-84a6ba24-e43c-4b7c-8caa-b206b8f83b31) (Version: 2.2.0.95 - WildTangent) Hidden

Jewel Quest: The Sleepless Star - Collector's Edition (HKLM-x32\...\WTA-883d0f73-a97f-4c18-ac73-7d9a23321f4d) (Version: 2.2.0.95 - WildTangent) Hidden

Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)

Mah Jong Medley (HKLM-x32\...\WTA-bc5eb727-57ad-4772-8dc0-fc16d3f1a3ea) (Version: 2.2.0.95 - WildTangent) Hidden

Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)

Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)

Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)

Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Mystery of Mortlake Mansion (HKLM-x32\...\WTA-1a5387b5-b8cd-4352-9281-de9dc17fd15d) (Version: 2.2.0.97 - WildTangent) Hidden

Namco All-Stars: PAC-MAN (HKLM-x32\...\WTA-c84b6357-3d93-4b6f-9e99-ea3a537888bb) (Version: 2.2.0.95 - WildTangent) Hidden

Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden

Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden

Panda Dome (HKLM\...\{D722A8FD-502E-4765-B92C-D6A55652D01C}) (Version: 10.07.35 - Panda Security) Hidden

Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.07.04.0000 - Panda Security)

Penguins! (HKLM-x32\...\WTA-eb6bcfe2-192c-4eed-86e3-5c877b21dbeb) (Version: 2.2.0.95 - WildTangent) Hidden

Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-caa010a9-5581-4237-a3a7-dfe7f106198a) (Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (HKLM-x32\...\WTA-c899375e-f9e2-4f59-8182-0bb67059fad1) (Version: 2.2.0.97 - WildTangent) Hidden

Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.02.01.0 - Ralink)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6287 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)

Recovery Manager (HKLM-x32\...\{DBCD5E64-7379-4648-9444-8A6558DCB614}) (Version: 2.0.0 - Hewlett-Packard) Hidden

Slingo Deluxe (HKLM-x32\...\WTA-29962411-e7ab-46ad-a309-2946d61f1dfe) (Version: 2.2.0.95 - WildTangent) Hidden

Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)

Vacation Quest - The Hawaiian Islands (HKLM-x32\...\WTA-c3d29aab-abae-4603-99b0-43f36ad0e05e) (Version: 2.2.0.97 - WildTangent) Hidden

Virtual Villagers - The Secret City (HKLM-x32\...\WTA-2b247ea5-df07-4eac-b865-c872d01f58e0) (Version: 2.2.0.95 - WildTangent) Hidden

VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)

Zuma Deluxe (HKLM-x32\...\WTA-9830a9ad-ec2b-4afd-a2c8-9f27f5e78bba) (Version: 2.2.0.95 - WildTangent) Hidden

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)

ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-08-09] (EasyBits Software AS -> EasyBits Software Corp.) [Archivo no firmado]

ShellExecuteHooks-x32: Sin Nombre - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> Ningún archivo

ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-06] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-07-05] (Advanced Micro Devices, Inc.) [Archivo no firmado]

ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-06] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::

WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]

WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Módulos cargados (Lista blanca) =============

2011-07-05 12:27 - 2011-07-05 12:27 - 000073728 _____ () [Archivo no firmado] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2011-08-09 13:37 - 2010-04-23 12:00 - 000588472 _____ (EasyBits Software AS -> EasyBits Software AS) [Archivo no firmado] C:\Windows\SysWOW64\ezsvc7x.dll

2011-11-10 08:13 - 2010-12-10 18:07 - 000120832 _____ (Realsil Semiconductor Corp.) [Archivo no firmado] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static

HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luismi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: El medio no está conectado a internet.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{A0BD3287-CB8A-4B68-9C60-4DEC5238E244}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{FBF681E2-AD68-498D-BB84-4E6CCE0F266A}] => (Allow) LPort=2869

FirewallRules: [{222DDD8D-FBD2-438D-9FBD-7E44DE6E8D07}] => (Allow) LPort=1900

FirewallRules: [{C2DDA634-745E-4D8B-9483-5FEB7C68B497}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{05C3D3C6-2535-4C3F-A23F-65F9937528B6}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{DD685818-0149-4E1C-9366-DAB9F4ADE0C4}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe (EasyBits Software AS -> EasyBits Software AS) [Archivo no firmado]

FirewallRules: [{DC593F6C-D645-48C9-AF29-A93848DF6442}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe (EasyBits Software AS -> EasyBits Software AS)

FirewallRules: [{1656B981-C61D-4002-8BB3-3BE6E645EA6B}] => (Allow) C:\Users\Luismi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{D37AD18D-FD4E-4F67-A697-6E30175BBFB3}] => (Allow) C:\Users\Luismi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [TCP Query User{867A37DF-3929-4833-B777-331CD6D3500E}C:\users\luismi\appdata\roaming\utorrent\updates\3.5.5_45311.exe] => (Allow) C:\users\luismi\appdata\roaming\utorrent\updates\3.5.5_45311.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [UDP Query User{CEFEEE34-38A6-47CE-B406-F6A5E34FFA03}C:\users\luismi\appdata\roaming\utorrent\updates\3.5.5_45311.exe] => (Allow) C:\users\luismi\appdata\roaming\utorrent\updates\3.5.5_45311.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{3DAECA73-2A75-4633-B3B8-AB4711541023}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [{4289C447-A335-42FC-9FAB-D16C7A80FE08}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

==================== Puntos de Restauración =========================

30-03-2020 12:29:04 Windows Update

05-04-2020 11:17:20 Windows Update

10-04-2020 13:34:08 AdwCleaner_BeforeCleaning_10/04/2020_13:34:01

10-04-2020 14:10:35 JRT Pre-Junkware Removal

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Teredo Tunneling Pseudo-Interface

Description: Adaptador de tunelización Teredo de Microsoft

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Errores del registro de eventos: ========================

Errores de aplicación:

==================

Error: (04/10/2020 01:37:47 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/10/2020 11:39:01 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.616, marca de tiempo: 0x5e851430

Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x5e8272e4

Código de excepción: 0xc0000005

Desplazamiento de errores: 0x0000000000219d05

Id. del proceso con errores: 0x133c

Hora de inicio de la aplicación con errores: 0x01d60f0fff583383

Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll

Id. del informe: 1b506538-7b0f-11ea-ac13-e4115bff68c6

Error: (04/10/2020 10:13:31 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/09/2020 11:05:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Error al descargar las cadenas del contador de rendimiento para el servicio WmiApRpl (WmiApRpl). El primer valor DWORD de la sección de datos contiene el código de error.

Error: (04/09/2020 11:05:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Las cadenas de rendimiento del valor del Registro de rendimiento están dañadas al procesar el proveedor de contador de extensión Performance. El valor BaseIndex del Registro de rendimiento es el primer valor DWORD, el valor LastCounter es el segundo valor DWORD y el valor LastHelp es el tercer valor DWORD de la sección de datos.

Error: (04/09/2020 11:05:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Las cadenas de rendimiento del valor del Registro de rendimiento están dañadas al procesar el proveedor de contador de extensión Performance. El valor BaseIndex del Registro de rendimiento es el primer valor DWORD, el valor LastCounter es el segundo valor DWORD y el valor LastHelp es el tercer valor DWORD de la sección de datos.

Error: (04/09/2020 11:04:58 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Error al descargar las cadenas del contador de rendimiento para el servicio WmiApRpl (WmiApRpl). El primer valor DWORD de la sección de datos contiene el código de error.

Error: (04/09/2020 11:04:58 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Las cadenas de rendimiento del valor del Registro de rendimiento están dañadas al procesar el proveedor de contador de extensión Performance. El valor BaseIndex del Registro de rendimiento es el primer valor DWORD, el valor LastCounter es el segundo valor DWORD y el valor LastHelp es el tercer valor DWORD de la sección de datos.

Errores del sistema:

=============

Error: (04/10/2020 01:35:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: El servicio HP Support Assistant Service no pudo iniciarse debido al siguiente error:

Ha terminado la canalización.

Error: (04/10/2020 01:34:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (04/10/2020 01:34:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: El servicio HP Support Assistant Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

Error: (04/10/2020 01:34:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (04/10/2020 01:34:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: El servicio Adaptador de rendimiento de WMI terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (04/10/2020 01:34:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: El servicio HP Software Framework Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/10/2020 01:34:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: El servicio Windows Live ID Sign-in Assistant terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (04/10/2020 01:34:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: El servicio HPWMISVC se terminó de manera inesperada. Esto ha sucedido 1 veces.

Windows Defender:

===================================

Date: 2019-08-28 16:21:52.124

Description:

Windows Defender encontró un error al intentar actualizar el motor.

Nueva versión de motor:1.1.16200.1

Versión de motor anterior:1.1.7903.0

Origen de actualización:Usuario

Usuario:NT AUTHORITY\SYSTEM

Código de error:0x8050800c

Descripción de error:Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico.

CodeIntegrity:

===================================

Date: 2019-08-29 00:32:41.253

Description:

Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-08-29 00:32:41.237

Description:

Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-08-29 00:32:41.237

Description:

Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-08-29 00:32:41.190

Description:

Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Panda Security\Panda Security Protection\Drivers\psinprot\PSINProt.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-08-29 00:32:41.190

Description:

Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Panda Security\Panda Security Protection\Drivers\psinprot\PSINProt.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-08-29 00:32:41.175

Description:

Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Panda Security\Panda Security Protection\Drivers\psinprot\PSINProt.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-08-29 00:32:41.159

Description:

Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Panda Security\Panda Security Protection\Drivers\psinproc\PSINProc.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-08-29 00:32:41.144

Description:

Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Panda Security\Panda Security Protection\Drivers\psinproc\PSINProc.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Información de la memoria ===========================

BIOS: Hewlett-Packard F.35 10/26/2011

Placa base: Hewlett-Packard 3577

Procesador: AMD E-300 APU with Radeon(tm) HD Graphics

Porcentaje de memoria en uso: 75%

RAM física total: 3690.91 MB

RAM física disponible: 903.14 MB

Virtual total: 7379.96 MB

Virtual disponible: 4426.77 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:278.57 GB) (Free:216.68 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]

Drive d: (Recovery) (Fixed) (Total:15.36 GB) (Free:1.68 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]

Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

\\?\Volume{ac574da6-3ea8-11e1-8a0e-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 2A021EB1)

Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=278.6 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=15.4 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== Final de Addition.txt =======================

gracias, saludos

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\...\Policies\system: [DisableChangePassword] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\80.0.3765.152\Installer\chrmstp.exe [2020-04-06] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Task: {11BAB7E6-9B55-422B-9F43-A27DFCA35906} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-04-06] (AVAST Software s.r.o. -> Piriform Software)
Task: {D633CD9C-90B2-4354-80DD-DA96A7E8BC96} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2043472 2020-03-19] (Piriform Software Ltd -> Piriform Software)
Task: {FACD273D-6945-45E8-BD2B-BFA7209E5F1F} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2043472 2020-03-19] (Piriform Software Ltd -> Piriform Software)
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1185-111090-7840-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1185-111090-7840-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1185-111090-7840-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> Sin Nombre - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Ningún archivo
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [2020-04-06] (AVAST Software s.r.o. -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [2020-04-06] (AVAST Software s.r.o. -> Piriform Software)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Ningún archivo]
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-04-06] (AVAST Software s.r.o. -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-04-06] (AVAST Software s.r.o. -> Piriform Software)
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
ShellExecuteHooks-x32: Sin Nombre - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> Ningún archivo
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX/Corregir y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Hola de nuevo, gracias por la ayuda guiada, está siendo muy clara. Aquí aporto el contenido. Me sigue yendo ralentizado navegando por internet

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 11-04-2020
Ejecutado por Luismi (12-04-2020 13:30:43) Run:1
Ejecutado desde C:\Users\Luismi\Desktop
Perfiles cargados: Luismi (Perfiles disponibles: Luismi)
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\...\Policies\system: [DisableChangePassword] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\80.0.3765.152\Installer\chrmstp.exe [2020-04-06] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Task: {11BAB7E6-9B55-422B-9F43-A27DFCA35906} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-04-06] (AVAST Software s.r.o. -> Piriform Software)
Task: {D633CD9C-90B2-4354-80DD-DA96A7E8BC96} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2043472 2020-03-19] (Piriform Software Ltd -> Piriform Software)
Task: {FACD273D-6945-45E8-BD2B-BFA7209E5F1F} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2043472 2020-03-19] (Piriform Software Ltd -> Piriform Software)
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1185-111090-7840-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1185-111090-7840-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1185-111090-7840-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-4103612452-4210643129-2213650324-1001 -> Sin Nombre - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Ning�n archivo
FF Plugin: @microsoft.com/GENUINE -> disabled [Ning�n archivo]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Ning�n archivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ning�n archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [2020-04-06] (AVAST Software s.r.o. -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [2020-04-06] (AVAST Software s.r.o. -> Piriform Software)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Ning�n archivo]
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-04-06] (AVAST Software s.r.o. -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-04-06] (AVAST Software s.r.o. -> Piriform Software)
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
ShellExecuteHooks-x32: Sin Nombre - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> Ning�n archivo
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks" => eliminado correctamente
"HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation" => eliminado correctamente
"HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword" => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{052EB454-9F19-CB42-7875-807F79F311C4} => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11BAB7E6-9B55-422B-9F43-A27DFCA35906}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11BAB7E6-9B55-422B-9F43-A27DFCA35906}" => eliminado correctamente
C:\Windows\System32\Tasks\CCleanerUpdateTaskMachineUA => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerUpdateTaskMachineUA" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D633CD9C-90B2-4354-80DD-DA96A7E8BC96}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D633CD9C-90B2-4354-80DD-DA96A7E8BC96}" => eliminado correctamente
C:\Windows\System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Browser Heartbeat Task (Hourly)" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FACD273D-6945-45E8-BD2B-BFA7209E5F1F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FACD273D-6945-45E8-BD2B-BFA7209E5F1F}" => eliminado correctamente
C:\Windows\System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Browser Heartbeat Task (Logon)" => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} => eliminado correctamente
"HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => eliminado correctamente
HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} => eliminado correctamente
HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} => eliminado correctamente
HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => eliminado correctamente
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f}" => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} => eliminado correctamente
"HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => eliminado correctamente
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => eliminado correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [2020-04-06] (AVAST Software s.r.o." => no encontrado
C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll => movido correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [2020-04-06] (AVAST Software s.r.o." => no encontrado
"C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll" => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 => eliminado correctamente
HKLM\System\CurrentControlSet\Services\ccleaner => eliminado correctamente
ccleaner => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\ccleanerm => eliminado correctamente
ccleanerm => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\GamesAppService => eliminado correctamente
GamesAppService => servicio eliminado correctamente
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => no encontrado
HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-4103612452-4210643129-2213650324-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::24d2:73e0:cfa:f9ad%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.43
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.{1E2CA499-66A6-4BA5-A428-CB3EE5B063F4}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{A5CE0524-0DC0-4C4E-9EC4-D2FDA145A823}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 110997706 B
Java, Flash, Steam htmlcache => 456 B
Windows/system/drivers => 29457 B
Edge => 0 B
Chrome => 55162430 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 60238860 B
systemprofile32 => 60381094 B
LocalService => 60381094 B
NetworkService => 60383752 B
Luismi => 70917326 B

RecycleBin => 574267 B
EmptyTemp: => 464.9 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 13:31:24 ====

Saludos :slightly_smiling_face:

Hola.

Que navegador usas habitualmente…??

Te ocurre solo con uno o con cualquier navegador…??

Uso el Chrome, tengo el internet Explorer pero me va peor incluso

Hola.

Pues pasemos a verificar como tienes el disco duro de tu equipo, para hacerlo sigue el 3er. MÉTODO: descrito en esta Faq de ayuda :arrow_right: ¿Cómo usar CHKDSK para realizar una comprobación del disco?, que es válida también para un Windows 10.

Una vez terminado el proceso, que puede/debe durar bastante rato, debes poner el informe que se habrá guardado por parte de Windows y que tienes que encontrar siguiendo estos pasos :arrow_right: ¿Cuándo y cómo usar el visor de eventos (eventvwr.msc)?

Fíjate bien en como es el informe que viene en ese tema, para que busques algo similar y NO pongas cualquier otra cosa.

Nos pones el informe y comentas como sigue el problema del equipo.

Saludos.

Hola de nuevo, aquí va

Nombre de registro:Application
Origen:        Microsoft-Windows-Wininit
Fecha:         16/04/2020 14:42:47
Id. del evento:1001
Categoría de la tarea:Ninguno
Nivel:         Información
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        Luismi-HP
Descripción:


Comprobando el sistema de archivos en C:
El tipo del sistema de archivos es NTFS.

Uno de los discos necesita ser comprobado para ver coherencias.
Se puede cancelar la comprobación de disco, pero se recomienda
que continúe.
Windows comprobará ahora el disco.                       

CHKDSK está comprobando archivos (etapa 1 de 5)...
  214272 registros de archivos procesados.                               

Comprobación de archivos completada.
  792 registros de archivos grandes procesados.                       

  0 registros de archivos no válidos procesados.                    

  0 registros de EA procesados.                                           

  74 registros de análisis procesados.                               

CHKDSK está comprobando índices (etapa 2 de 5)...
  281828 entradas de índice procesadas.                                        

Comprobación de índices completada.
  0 archivos no indizados examinados.                               

  0 archivos no indizados recuperados.                              

CHKDSK está comprobando descriptores de seguridad (etapa 3 de 5)...
  214272 SD/SID de archivo procesados.                                        

Liberando 69 entradas de índice no usadas del índice $SII del archivo 0x9.
Liberando 69 entradas de índice no usadas del índice $SDH del archivo 0x9.
Liberando 69 descriptores de seguridad no usados.
Comprobación de descriptores de seguridad completada.
  33779 archivos de datos procesados.                                   

CHKDSK está comprobando el diario USN...
  35436864 bytes de USN procesados.                                            

Se ha completado la comprobación del diario USN.
CHKDSK está comprobando los datos de archivo (etapa 4 de 5)...
  214256 archivos procesados.                                                

Comprobación de datos de archivo completada.
CHKDSK está comprobando el espacio disponible (etapa 5 de 5)...
  55743804 clústeres disponibles procesados.                               

La comprobación del espacio disponible se completó.
Windows ha comprobado el sistema de archivos y no encontró problemas.

 292097023 KB de espacio total en disco.
  68710916 KB en 141993 archivos.
     86108 KB en 33780 índices.
         0 KB en sectores defectuosos.
    324783 KB en uso por el sistema.
El archivo de registro ha ocupado      65536 kilobytes.
 222975216 KB disponibles en disco.

      4096 bytes en cada unidad de asignación.
  73024255 unidades de asignación en disco en total.
  55743804 unidades de asignación disponibles en disco.

Información interna:
00 45 03 00 a9 ae 02 00 38 09 05 00 00 00 00 00  .E......8.......
7b 01 00 00 4a 00 00 00 00 00 00 00 00 00 00 00  {...J...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows ha finalizado la comprobación del disco.
Espere mientras se reinicia el sistema.

Saludos , gracias

Hola.

Bien… y como notas el equipo en relacion al problema que tenias…??

Hola, sigue igual de lento. A veces también me tarda en abrir programas como el Word por ejemplo, bastante, unos 5 minutos Saludos

Hola @Lmls.

Veamos… es muy probable que el problema que estás teniendo sea por problemas de hardware y/o por los años que YA tiene ese equipo de uso, además de ser un equipo muy justo de recursos. :flushed:

De todas maneras vamos a realizar una nueva verificación con otra herramienta. :+1:

__

:white_check_mark: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descarga la herramienta :arrow_right: ComboFix y guárdala en el escritorio. :arrow_left: Muy Importante.

:o: Nota :o: Antes de ejecutar ComboFix asegurarse de :

:white_check_mark: Cerrar TODOS los programas y/o ventanas abiertas. :negative_squared_cross_mark:

:white_check_mark: Si está utilizando Windows Vista o Windows 7/8. Haga click derecho sobre el archivo ComboFix.exe y seleccionar Ejecutar como Administrador. :negative_squared_cross_mark:

PASO 1:

  • Ejecutar el archivo ComboFix.exe
  • Aceptar los términos de licencia.
  • Si ComboFix avisa que hay una versión nueva del programa deberás descargala.
  • Si ComboFix pide instalar la Consola de Recuperación (Recovery Console) hay que instalarla.

PASO 2:

  • Copiar y pegar el reporte que ComboFix generó. Si no aparece lo encontraras en C:\ComboFix.txt
  • Comentar cómo sigue su sistema, en relación al problema planteado.

Importante :

  • Mientras esté trabajando ComboFix no ejecutar ningún software hasta que termine.
  • No reiniciar su PC, ComboFix lo hará de ser necesario.
  • Mientras ComboFix esté trabajando, no mover el mouse ya que pararía su proceso.

Saludos.

Hola de nuevo, aquí va:

ComboFix 19-11-04.01 - Luismi 22/04/2020  20:09:12.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.34.3082.18.3691.2094 [GMT 2:00]
Running from: c:\users\Luismi\Desktop\ComboFix.exe
AV: Panda Dome *Disabled/Updated* {CF440CD9-5435-10B1-04E0-7768B6F10320}
SP: Panda Dome *Disabled/Updated* {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\logs\scecomp.log
.
.
(((((((((((((((((((((((((   Files Created from 2020-03-22 to 2020-04-22  )))))))))))))))))))))))))))))))
.
.
2020-04-22 20:28 . 2020-04-22 20:28	--------	d-----w-	c:\users\Default\AppData\Local\temp
2020-04-21 11:40 . 2020-04-21 11:40	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3C2CE785-291E-4710-883D-2B7C99FE2E6C}\offreg.3872.dll
2020-04-20 12:32 . 2020-03-24 19:59	14743880	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3C2CE785-291E-4710-883D-2B7C99FE2E6C}\mpengine.dll
2020-04-19 19:58 . 2020-04-20 19:48	--------	d-----w-	c:\users\Luismi\AppData\Local\Spotify
2020-04-19 19:57 . 2020-04-20 19:48	--------	d-----w-	c:\users\Luismi\AppData\Roaming\Spotify
2020-04-19 19:49 . 2015-12-20 18:50	3180544	----a-w-	c:\windows\system32\rdpcorets.dll
2020-04-19 19:49 . 2015-12-20 14:08	243200	----a-w-	c:\windows\system32\rdpudd.dll
2020-04-19 19:49 . 2015-12-20 18:50	16384	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2020-04-19 19:49 . 2014-01-09 02:22	5694464	----a-w-	c:\windows\SysWow64\mstscax.dll
2020-04-19 19:49 . 2014-01-03 22:44	6574592	----a-w-	c:\windows\system32\mstscax.dll
2020-04-19 19:47 . 2014-12-11 17:47	87040	----a-w-	c:\windows\system32\TSWbPrxy.exe
2020-04-19 19:05 . 2017-05-22 10:29	72280	----a-w-	c:\windows\system32\drivers\PSKMAD.sys
2020-04-18 21:24 . 2012-08-23 14:10	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2020-04-18 21:24 . 2012-08-23 14:08	30208	----a-w-	c:\windows\system32\drivers\TsUsbGD.sys
2020-04-18 21:24 . 2012-08-23 11:12	192000	----a-w-	c:\windows\SysWow64\rdpendp_winip.dll
2020-04-18 21:24 . 2012-08-23 10:51	228864	----a-w-	c:\windows\system32\rdpendp_winip.dll
2020-04-18 21:04 . 2020-01-30 02:30	834560	----a-w-	c:\windows\SysWow64\user32.dll
2020-04-18 21:04 . 2020-01-30 02:23	1010688	----a-w-	c:\windows\system32\user32.dll
2020-04-18 20:21 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\KBDAZEL.DLL
2020-04-18 20:21 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\KBDAZE.DLL
2020-04-18 20:21 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\kbdgeoqw.dll
2020-04-18 20:21 . 2015-12-16 18:48	6656	----a-w-	c:\windows\SysWow64\kbdgeoqw.dll
2020-04-18 20:21 . 2015-12-16 18:48	6656	----a-w-	c:\windows\SysWow64\KBDAZEL.DLL
2020-04-18 12:24 . 2020-04-18 12:25	--------	d-----w-	c:\users\Luismi\AppData\Local\Windows Live Writer
2020-04-18 12:24 . 2020-04-18 12:24	--------	d-----w-	c:\users\Luismi\AppData\Roaming\Windows Live Writer
2020-04-12 11:11 . 2020-04-12 11:11	--------	d-----w-	c:\windows\ERUNT
2020-04-10 12:25 . 2020-04-12 11:33	--------	d-----w-	C:\FRST
2020-04-10 09:39 . 2020-04-10 09:39	--------	d-----w-	c:\users\Luismi\AppData\Local\CrashDumps
2020-04-06 19:58 . 2020-04-06 19:59	--------	d-----w-	c:\program files\WinRAR
2020-04-06 18:28 . 2020-04-18 13:04	--------	d-----w-	c:\users\Luismi\AppData\Roaming\vlc
2020-04-06 18:22 . 2020-04-06 18:22	--------	d-----w-	c:\program files\VideoLAN
2020-04-06 09:55 . 2020-04-10 11:34	--------	d-----w-	C:\AdwCleaner
2020-04-06 09:45 . 2020-04-06 09:45	--------	d-----w-	c:\users\Luismi\AppData\Local\cache
2020-04-06 09:45 . 2020-04-06 09:45	--------	d-----w-	c:\users\Luismi\AppData\Local\mbam
2020-04-06 09:43 . 2020-04-06 09:43	153312	----a-w-	c:\windows\system32\drivers\mbae64.sys
2020-04-06 09:43 . 2020-04-06 09:43	--------	d-----w-	c:\programdata\Malwarebytes
2020-04-06 09:42 . 2020-04-06 09:42	--------	d-----w-	c:\program files\Malwarebytes
2020-04-06 09:38 . 2020-04-06 09:38	--------	d-----w-	c:\users\Luismi\AppData\Local\CCleaner Browser
2020-04-06 09:38 . 2020-04-06 09:38	--------	d-----w-	c:\programdata\CCleaner Browser
2020-04-06 09:36 . 2020-04-16 13:06	--------	d-----w-	c:\program files (x86)\CCleaner Browser
2020-04-06 09:33 . 2020-04-06 09:33	--------	d-----w-	c:\program files\CCleaner
2020-04-01 15:38 . 2020-04-01 15:38	--------	d-----w-	c:\users\Luismi\AppData\Roaming\Hard Disk Sentinel
2020-04-01 15:38 . 2020-04-02 20:01	--------	d-----w-	c:\program files (x86)\Hard Disk Sentinel
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2020-04-01 23:49 . 2010-11-21 03:27	744808	------w-	c:\windows\system32\MpSigStub.exe
2020-03-22 17:37 . 2020-03-22 17:37	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2020-03-22 17:36 . 2020-03-22 17:36	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2020-03-22 17:36 . 2020-03-22 17:36	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2020-03-22 17:36 . 2020-03-22 17:36	235008	----a-w-	c:\windows\system32\elshyph.dll
2020-03-22 17:36 . 2020-03-22 17:36	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2020-03-22 17:36 . 2020-03-22 17:36	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2020-03-22 17:36 . 2020-03-22 17:36	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2020-03-22 17:36 . 2020-03-22 17:36	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2020-03-22 17:36 . 2020-03-22 17:36	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2020-03-22 17:36 . 2020-03-22 17:36	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2020-03-22 17:36 . 2020-03-22 17:36	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2020-03-22 17:36 . 2020-03-22 17:36	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2020-03-22 17:36 . 2020-03-22 17:36	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2020-03-22 17:36 . 2020-03-22 17:36	942592	----a-w-	c:\windows\system32\jsIntl.dll
2020-03-22 17:36 . 2020-03-22 17:36	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2020-03-22 17:36 . 2020-03-22 17:36	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2020-03-22 17:36 . 2020-03-22 17:36	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2020-03-22 17:36 . 2020-03-22 17:36	81408	----a-w-	c:\windows\system32\icardie.dll
2020-03-22 17:36 . 2020-03-22 17:36	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2020-03-22 17:36 . 2020-03-22 17:36	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2020-03-22 17:36 . 2020-03-22 17:36	48640	----a-w-	c:\windows\system32\mshtmler.dll
2020-03-22 17:36 . 2020-03-22 17:36	30208	----a-w-	c:\windows\system32\licmgr10.dll
2020-03-22 17:36 . 2020-03-22 17:36	247808	----a-w-	c:\windows\system32\msls31.dll
2020-03-22 17:36 . 2020-03-22 17:36	235520	----a-w-	c:\windows\system32\url.dll
2020-03-22 17:36 . 2020-03-22 17:36	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2020-03-22 17:36 . 2020-03-22 17:36	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2020-03-22 17:36 . 2020-03-22 17:36	105984	----a-w-	c:\windows\system32\iesysprep.dll
2020-03-22 17:36 . 2020-03-22 17:36	62464	----a-w-	c:\windows\system32\pngfilt.dll
2020-03-22 17:36 . 2020-03-22 17:36	48128	----a-w-	c:\windows\system32\imgutil.dll
2020-03-22 17:36 . 2020-03-22 17:36	167424	----a-w-	c:\windows\system32\iexpress.exe
2020-03-22 17:36 . 2020-03-22 17:36	143872	----a-w-	c:\windows\system32\wextract.exe
2020-03-22 17:36 . 2020-03-22 17:36	13824	----a-w-	c:\windows\system32\mshta.exe
2020-03-22 17:36 . 2020-03-22 17:36	135680	----a-w-	c:\windows\system32\iepeers.dll
2020-03-20 05:36 . 2019-09-09 12:40	121542864	-c--a-w-	c:\windows\system32\MRT.exe
2020-03-08 13:22 . 2010-06-24 09:33	34496	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"="c:\program files\CCleaner\CCleaner64.exe" [2020-03-19 22245560]
"Spotify"="c:\users\Luismi\AppData\Roaming\Spotify\Spotify.exe" [2020-04-19 22932200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-05 336384]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-06-28 168504]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-06-14 587320]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-06-13 336440]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-05-17 61112]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"PSUAMain"="c:\program files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" [2018-12-19 153808]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2020-03-08 1444880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 CCleanerBrowserElevationService;CCleaner Browser Elevation Service;c:\program files (x86)\CCleaner Browser\Application\80.1.3902.165\elevation_service.exe;c:\program files (x86)\CCleaner Browser\Application\80.1.3902.165\elevation_service.exe [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files (x86)\Google\Chrome\Application\81.0.4044.113\elevation_service.exe;c:\program files (x86)\Google\Chrome\Application\81.0.4044.113\elevation_service.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Panda VPN Service;Panda VPN Service;c:\program files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe;c:\program files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WiaRpc;Eventos de adquisición de imágenes estáticas;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSAlpc.sys [x]
S1 NNSDNS;NNSDNS;c:\windows\system32\DRIVERS\NNSDns.sys;c:\windows\SYSNATIVE\DRIVERS\NNSDns.sys [x]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttp.sys [x]
S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttps.sys [x]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys;c:\windows\SYSNATIVE\DRIVERS\NNSIds.sys [x]
S1 NNSNAHSL;NNSNAHSL;c:\windows\system32\DRIVERS\NNSNAHSL.sys;c:\windows\SYSNATIVE\DRIVERS\NNSNAHSL.sys [x]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPicc.sys [x]
S1 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPihsw.sys [x]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPop3.sys [x]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys;c:\windows\SYSNATIVE\DRIVERS\NNSProt.sys [x]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPrv.sys [x]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSSmtp.sys [x]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys;c:\windows\SYSNATIVE\DRIVERS\NNSStrm.sys [x]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSTlsc.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys;c:\windows\SYSNATIVE\DRIVERS\psinknc.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 NanoServiceMain;Panda Protection Service;c:\program files (x86)\Panda Security\Panda Security Protection\PSANHost.exe;c:\program files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [x]
S2 PandaAgent;Panda Devices Agent;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [x]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys;c:\windows\SYSNATIVE\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProt.sys [x]
S2 PSINReg;PSINReg;c:\windows\system32\DRIVERS\PSINReg.sys;c:\windows\SYSNATIVE\DRIVERS\PSINReg.sys [x]
S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Security Protection\PSUAService.exe;c:\program files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - MBAMSwissArmy
*Deregistered* - PSKMAD
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalSystemNetworkRestricted
WiaRpc
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-11 6602856]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-06-27 42808]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalSystemNetworkRestricted
WiaRpc
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 80.58.61.250 80.58.61.254
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226} - c:\program files (x86)\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2020-04-22  22:35:43
ComboFix-quarantined-files.txt  2020-04-22 20:35
.
Pre-Run: 218.451.542.016 bytes libres
Post-Run: 218.312.450.048 bytes libres
.
- - End Of File - - 5EBDC650CCF79AF818BD50B0963BD7F0
A36C5E4F47E84449FF07ED3517B43A31

Muchas gracias Saludos

Bien y ahora sigue estos pasos :

:one: Abre el Notepad (Bloc de notas) :

  • En Windows XP Ve a Inicio >> Selecciona Ejecutar >> Escribe dentro Notepad.
  • En Windows Vista y/o Windows 7/8 Ve a Inicio >> Todos los programas >> Accesorios >> Selecciona Ejecutar >> Escribe dentro Notepad.

:two: Ahora copia y pega la información, del interior del siguiente recuadro, dentro del Notepad.

KillAll::
ClearJavaCache::
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

:three: Guarda este archivo con el nombre CFScript.txt dentro del Escritorio.

:four: Arrastra y suelta el archivo CFScript.txt dentro del archivo ComboFix.exe como muestra la animación de aquí abajo. Esto activara ComboFix nuevamente.

CFScript

Súbenos el nuevo informe de ComboFix para poder revisarlo.

Saludos.

Hola, aquí va:

ComboFix 19-11-04.01 - Luismi 25/04/2020  20:53:08.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.34.3082.18.3691.2094 [GMT 2:00]
Running from: c:\users\Luismi\Desktop\ComboFix.exe
Command switches used :: c:\users\Luismi\Desktop\CFScript.txt
AV: Panda Dome *Disabled/Updated* {CF440CD9-5435-10B1-04E0-7768B6F10320}
SP: Panda Dome *Disabled/Updated* {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2020-03-25 to 2020-04-25  )))))))))))))))))))))))))))))))
.
.
2020-04-25 19:14 . 2020-04-25 19:14	214496	----a-w-	c:\windows\system32\drivers\MbamChameleon.sys
2020-04-25 19:14 . 2020-04-25 19:14	248968	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2020-04-25 19:14 . 2017-05-22 10:29	72280	----a-w-	c:\windows\system32\drivers\PSKMAD.sys
2020-04-25 19:11 . 2020-04-25 19:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2020-04-23 10:53 . 2020-03-24 19:59	14743880	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{799F648F-DEB4-4DE1-8F87-1300B4671981}\mpengine.dll
2020-04-19 19:58 . 2020-04-20 19:48	--------	d-----w-	c:\users\Luismi\AppData\Local\Spotify
2020-04-19 19:57 . 2020-04-20 19:48	--------	d-----w-	c:\users\Luismi\AppData\Roaming\Spotify
2020-04-19 19:49 . 2015-12-20 18:50	3180544	----a-w-	c:\windows\system32\rdpcorets.dll
2020-04-19 19:49 . 2015-12-20 14:08	243200	----a-w-	c:\windows\system32\rdpudd.dll
2020-04-19 19:49 . 2015-12-20 18:50	16384	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2020-04-19 19:49 . 2014-01-09 02:22	5694464	----a-w-	c:\windows\SysWow64\mstscax.dll
2020-04-19 19:49 . 2014-01-03 22:44	6574592	----a-w-	c:\windows\system32\mstscax.dll
2020-04-19 19:47 . 2014-12-11 17:47	87040	----a-w-	c:\windows\system32\TSWbPrxy.exe
2020-04-18 21:24 . 2012-08-23 14:10	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2020-04-18 21:24 . 2012-08-23 14:08	30208	----a-w-	c:\windows\system32\drivers\TsUsbGD.sys
2020-04-18 21:24 . 2012-08-23 11:12	192000	----a-w-	c:\windows\SysWow64\rdpendp_winip.dll
2020-04-18 21:24 . 2012-08-23 10:51	228864	----a-w-	c:\windows\system32\rdpendp_winip.dll
2020-04-18 21:04 . 2020-01-30 02:30	834560	----a-w-	c:\windows\SysWow64\user32.dll
2020-04-18 21:04 . 2020-01-30 02:23	1010688	----a-w-	c:\windows\system32\user32.dll
2020-04-18 20:21 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\KBDAZEL.DLL
2020-04-18 20:21 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\KBDAZE.DLL
2020-04-18 20:21 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\kbdgeoqw.dll
2020-04-18 20:21 . 2015-12-16 18:48	6656	----a-w-	c:\windows\SysWow64\kbdgeoqw.dll
2020-04-18 20:21 . 2015-12-16 18:48	6656	----a-w-	c:\windows\SysWow64\KBDAZEL.DLL
2020-04-18 12:24 . 2020-04-18 12:25	--------	d-----w-	c:\users\Luismi\AppData\Local\Windows Live Writer
2020-04-18 12:24 . 2020-04-18 12:24	--------	d-----w-	c:\users\Luismi\AppData\Roaming\Windows Live Writer
2020-04-12 11:11 . 2020-04-12 11:11	--------	d-----w-	c:\windows\ERUNT
2020-04-10 12:25 . 2020-04-12 11:33	--------	d-----w-	C:\FRST
2020-04-10 09:39 . 2020-04-10 09:39	--------	d-----w-	c:\users\Luismi\AppData\Local\CrashDumps
2020-04-06 19:58 . 2020-04-06 19:59	--------	d-----w-	c:\program files\WinRAR
2020-04-06 18:28 . 2020-04-18 13:04	--------	d-----w-	c:\users\Luismi\AppData\Roaming\vlc
2020-04-06 18:22 . 2020-04-06 18:22	--------	d-----w-	c:\program files\VideoLAN
2020-04-06 09:55 . 2020-04-10 11:34	--------	d-----w-	C:\AdwCleaner
2020-04-06 09:45 . 2020-04-06 09:45	--------	d-----w-	c:\users\Luismi\AppData\Local\cache
2020-04-06 09:45 . 2020-04-06 09:45	--------	d-----w-	c:\users\Luismi\AppData\Local\mbam
2020-04-06 09:43 . 2020-04-06 09:43	153312	----a-w-	c:\windows\system32\drivers\mbae64.sys
2020-04-06 09:43 . 2020-04-06 09:43	--------	d-----w-	c:\programdata\Malwarebytes
2020-04-06 09:42 . 2020-04-06 09:42	--------	d-----w-	c:\program files\Malwarebytes
2020-04-06 09:38 . 2020-04-06 09:38	--------	d-----w-	c:\users\Luismi\AppData\Local\CCleaner Browser
2020-04-06 09:38 . 2020-04-06 09:38	--------	d-----w-	c:\programdata\CCleaner Browser
2020-04-06 09:36 . 2020-04-16 13:06	--------	d-----w-	c:\program files (x86)\CCleaner Browser
2020-04-06 09:33 . 2020-04-06 09:33	--------	d-----w-	c:\program files\CCleaner
2020-04-01 15:38 . 2020-04-01 15:38	--------	d-----w-	c:\users\Luismi\AppData\Roaming\Hard Disk Sentinel
2020-04-01 15:38 . 2020-04-02 20:01	--------	d-----w-	c:\program files (x86)\Hard Disk Sentinel
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2020-04-01 23:49 . 2010-11-21 03:27	744808	------w-	c:\windows\system32\MpSigStub.exe
2020-03-22 17:37 . 2020-03-22 17:37	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2020-03-22 17:36 . 2020-03-22 17:36	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2020-03-22 17:36 . 2020-03-22 17:36	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2020-03-22 17:36 . 2020-03-22 17:36	235008	----a-w-	c:\windows\system32\elshyph.dll
2020-03-22 17:36 . 2020-03-22 17:36	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2020-03-22 17:36 . 2020-03-22 17:36	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2020-03-22 17:36 . 2020-03-22 17:36	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2020-03-22 17:36 . 2020-03-22 17:36	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2020-03-22 17:36 . 2020-03-22 17:36	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2020-03-22 17:36 . 2020-03-22 17:36	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2020-03-22 17:36 . 2020-03-22 17:36	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2020-03-22 17:36 . 2020-03-22 17:36	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2020-03-22 17:36 . 2020-03-22 17:36	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2020-03-22 17:36 . 2020-03-22 17:36	942592	----a-w-	c:\windows\system32\jsIntl.dll
2020-03-22 17:36 . 2020-03-22 17:36	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2020-03-22 17:36 . 2020-03-22 17:36	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2020-03-22 17:36 . 2020-03-22 17:36	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2020-03-22 17:36 . 2020-03-22 17:36	81408	----a-w-	c:\windows\system32\icardie.dll
2020-03-22 17:36 . 2020-03-22 17:36	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2020-03-22 17:36 . 2020-03-22 17:36	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2020-03-22 17:36 . 2020-03-22 17:36	48640	----a-w-	c:\windows\system32\mshtmler.dll
2020-03-22 17:36 . 2020-03-22 17:36	30208	----a-w-	c:\windows\system32\licmgr10.dll
2020-03-22 17:36 . 2020-03-22 17:36	247808	----a-w-	c:\windows\system32\msls31.dll
2020-03-22 17:36 . 2020-03-22 17:36	235520	----a-w-	c:\windows\system32\url.dll
2020-03-22 17:36 . 2020-03-22 17:36	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2020-03-22 17:36 . 2020-03-22 17:36	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2020-03-22 17:36 . 2020-03-22 17:36	105984	----a-w-	c:\windows\system32\iesysprep.dll
2020-03-22 17:36 . 2020-03-22 17:36	62464	----a-w-	c:\windows\system32\pngfilt.dll
2020-03-22 17:36 . 2020-03-22 17:36	48128	----a-w-	c:\windows\system32\imgutil.dll
2020-03-22 17:36 . 2020-03-22 17:36	167424	----a-w-	c:\windows\system32\iexpress.exe
2020-03-22 17:36 . 2020-03-22 17:36	143872	----a-w-	c:\windows\system32\wextract.exe
2020-03-22 17:36 . 2020-03-22 17:36	13824	----a-w-	c:\windows\system32\mshta.exe
2020-03-22 17:36 . 2020-03-22 17:36	135680	----a-w-	c:\windows\system32\iepeers.dll
2020-03-20 05:36 . 2019-09-09 12:40	121542864	-c--a-w-	c:\windows\system32\MRT.exe
2020-03-08 13:22 . 2010-06-24 09:33	34496	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"="c:\program files\CCleaner\CCleaner64.exe" [2020-03-19 22245560]
"Spotify"="c:\users\Luismi\AppData\Roaming\Spotify\Spotify.exe" [2020-04-19 22932200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-05 336384]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-06-28 168504]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-06-14 587320]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-06-13 336440]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-05-17 61112]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"PSUAMain"="c:\program files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" [2018-12-19 153808]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2020-03-08 1444880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 CCleanerBrowserElevationService;CCleaner Browser Elevation Service;c:\program files (x86)\CCleaner Browser\Application\80.1.3902.165\elevation_service.exe;c:\program files (x86)\CCleaner Browser\Application\80.1.3902.165\elevation_service.exe [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files (x86)\Google\Chrome\Application\81.0.4044.122\elevation_service.exe;c:\program files (x86)\Google\Chrome\Application\81.0.4044.122\elevation_service.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Panda VPN Service;Panda VPN Service;c:\program files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe;c:\program files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WiaRpc;Eventos de adquisición de imágenes estáticas;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSAlpc.sys [x]
S1 NNSDNS;NNSDNS;c:\windows\system32\DRIVERS\NNSDns.sys;c:\windows\SYSNATIVE\DRIVERS\NNSDns.sys [x]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttp.sys [x]
S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttps.sys [x]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys;c:\windows\SYSNATIVE\DRIVERS\NNSIds.sys [x]
S1 NNSNAHSL;NNSNAHSL;c:\windows\system32\DRIVERS\NNSNAHSL.sys;c:\windows\SYSNATIVE\DRIVERS\NNSNAHSL.sys [x]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPicc.sys [x]
S1 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPihsw.sys [x]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPop3.sys [x]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys;c:\windows\SYSNATIVE\DRIVERS\NNSProt.sys [x]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPrv.sys [x]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSSmtp.sys [x]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys;c:\windows\SYSNATIVE\DRIVERS\NNSStrm.sys [x]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSTlsc.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys;c:\windows\SYSNATIVE\DRIVERS\psinknc.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 MBAMChameleon;MBAMChameleon;c:\windows\System32\Drivers\MbamChameleon.sys;c:\windows\SYSNATIVE\Drivers\MbamChameleon.sys [x]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe [x]
S2 NanoServiceMain;Panda Protection Service;c:\program files (x86)\Panda Security\Panda Security Protection\PSANHost.exe;c:\program files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [x]
S2 PandaAgent;Panda Devices Agent;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [x]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys;c:\windows\SYSNATIVE\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProt.sys [x]
S2 PSINReg;PSINReg;c:\windows\system32\DRIVERS\PSINReg.sys;c:\windows\SYSNATIVE\DRIVERS\PSINReg.sys [x]
S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Security Protection\PSUAService.exe;c:\program files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys;c:\windows\SYSNATIVE\Drivers\mbamswissarmy.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMCHAMELEON
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
*Deregistered* - PSKMAD
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalSystemNetworkRestricted
WiaRpc
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-11 6602856]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-06-27 42808]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalSystemNetworkRestricted
WiaRpc
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 80.58.61.250 80.58.61.254
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226} - c:\program files (x86)\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe
.
.
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Hard Disk Sentinel\HDSentinel.exe
c:\program files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
c:\program files (x86)\CCleaner Browser\Update\1.6.607.0\CCleanerBrowserCrashHandler.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
.
**************************************************************************
.
Completion time: 2020-04-25  21:24:50 - machine was rebooted
ComboFix-quarantined-files.txt  2020-04-25 19:24
ComboFix2.txt  2020-04-22 20:35
.
Pre-Run: 209.414.119.424 bytes libres
Post-Run: 209.567.236.096 bytes libres
.
- - End Of File - - 7FB1997F751136CCFBD0BF75FA614F95
A36C5E4F47E84449FF07ED3517B43A31

Saludos

Bien… y ahora Para eliminar las heramientas usadas:

  • Descarga :arrow_forward: DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Marca todas las casillas.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), copia y pega ese informe en tu próxima respuesta.

Y nos comentas como sigue el problema inicialmente planteado. :face_with_monocle:

Saludos.

Hola de nuevo, aquí pongo el informe. Son dos reportes porque tuve que repetir, había agrupado algunas herramientas dentro de una carpeta. El pc sigue igual de lento, será entonces los años que tiene y los recursos

# DelFix v1.013 - Logfile created 26/04/2020 at 18:09:05
# Updated 17/04/2016 by Xplode
# Username : Luismi - LUISMI-HP
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\Users\Luismi\Desktop\ComboFix.exe
Deleted : C:\Users\Luismi\Desktop\ComboFix.txt
Deleted : C:\Users\Luismi\Downloads\adwcleaner_8.0.4 (1).exe
Deleted : C:\Users\Luismi\Downloads\adwcleaner_8.0.4 (2).exe
Deleted : C:\Users\Luismi\Downloads\JRT (1).exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #41 [Windows Update | 03/30/2020 10:29:04]
Deleted : RP #42 [Windows Update | 04/05/2020 09:17:20]
Deleted : RP #43 [AdwCleaner_BeforeCleaning_10/04/2020_13:34:01 | 04/10/2020 11:34:08]
Deleted : RP #44 [JRT Pre-Junkware Removal | 04/10/2020 12:10:35]
Deleted : RP #45 [Windows Update | 04/11/2020 11:29:20]
Deleted : RP #46 [Windows Update | 04/16/2020 12:54:00]
Deleted : RP #47 [Windows Update | 04/18/2020 21:08:33]
Deleted : RP #48 [Windows Update | 04/19/2020 10:57:46]
Deleted : RP #49 [Windows Update | 04/19/2020 12:12:45]
Deleted : RP #50 [Windows Update | 04/20/2020 12:08:58]
Deleted : RP #51 [Windows Update | 04/21/2020 09:14:04]
Deleted : RP #52 [Windows Update | 04/22/2020 10:06:17]
Deleted : RP #53 [Windows Update | 04/23/2020 10:10:43]
Deleted : RP #54 [Windows Update | 04/24/2020 19:52:48]
Deleted : RP #55 [Windows Update | 04/26/2020 10:20:37]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
# DelFix v1.013 - Logfile created 26/04/2020 at 18:15:34
# Updated 17/04/2016 by Xplode
# Username : Luismi - LUISMI-HP
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\Users\Luismi\Desktop\adwcleaner_8.0.4.exe
Deleted : C:\Users\Luismi\Desktop\FRST64.exe
Deleted : C:\Users\Luismi\Desktop\JRT.exe

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #56 [End of disinfection | 04/26/2020 16:10:15]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

Saludos

Hola @Lmls, perdona el retraso en contestar NO me llegaron las notificaciones. :roll_eyes:

Poco mas queda por hacer lo único que podrías hacer serian estos pasos :arrow_right: Liberar Espacio en Discos y Particiones , realiza los primeros pasos del manual que son los específicos para W7. :face_with_monocle:

Saludos.

Hola de nuevo, Liberé espacio ya pero sigue igual. Estoy pensando en comprar un PC nuevo. Para pedir información o consejo debo cambiar de hilo, verdad? Saludos

Hola.

Efectivamente. :+1:

Dinos entonces… SI podemos dar este tema por acabado. :thinking:

Saludos.

Sí, se puede dar por acabado. Gracias por la ayuda guiada, es facil seguir los pasos Saludos :+1: :+1:

1 me gusta

Perfecto @Lmls y ahora ya damos el tema por acabado. :+1:


Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos.

Tema Terminado.

Saludos, Javier.

1 me gusta