Hola, mi pc esta lenta al inicio, no he descargado nada últimamente windows 7
Hola
-
Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.
-
Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) ¿Cómo saber si mi Windows es de 32 o 64 bits?
-
Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.
-
En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.
-
Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.
En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST
Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.
HoLA mIguel estos son los reportes: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29.11.2018 01 Ran by ROBOT (administrator) on ROBOT-PC (30-11-2018 18:44:22) Running from C:\Users\ROBOT\Desktop Loaded Profiles: ROBOT (Available Profiles: ROBOT) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Español (España, internacional) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-3825092553-2521613898-2810132541-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4556048 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-3825092553-2521613898-2810132541-1000\...\MountPoints2: E - E:\autorun.exe
HKU\S-1-5-21-3825092553-2521613898-2810132541-1000\...\MountPoints2: {7d57c788-2fca-11e8-8ab2-001aa07757f6} - E:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2018-07-25]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
BootExecute: autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{9E05F1AE-6CE4-464B-892D-EE7B5D580041}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-11-02] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2018-11-17] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-06] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: rtlimh6a.default
FF ProfilePath: C:\Users\ROBOT\AppData\Roaming\Mozilla\Firefox\Profiles\rtlimh6a.default [2018-11-30]
FF Extension: (Telemetry coverage) - C:\Users\ROBOT\AppData\Roaming\Mozilla\Firefox\Profiles\rtlimh6a.default\features\{9d37103b-7fef-4834-b6a3-f35b965770d3}\[email protected] [2018-10-10] [Legacy]
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-09] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-11-30]
CHR Extension: (Presentaciones) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-29]
CHR Extension: (Documentos) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-29]
CHR Extension: (Google Drive) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-29]
CHR Extension: (YouTube) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-29]
CHR Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cdfjbkbddpfnoplfhceolpopfoepleco [2018-10-29]
CHR Extension: (Adblock Plus) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-11-14]
CHR Extension: (Hojas de cálculo) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-29]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-29]
CHR Extension: (Chrono Gestor de Descargas) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2018-10-29]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-29]
CHR Extension: (Gmail) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-31]
CHR Profile: C:\Users\ROBOT\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-30]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [6087248 2018-11-08] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1030928 2015-02-27] (Disc Soft Ltd)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [193888 2010-06-01] (Ralink Technology, Corp.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25104 2018-03-24] (Disc Soft Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2018-04-08] (Glarysoft Ltd)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [856928 2010-05-26] (Ralink Technology Corp.)
S0 uddog; system32\DRIVERS\uddog.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-30 18:44 - 2018-11-30 18:45 - 000009273 _____ C:\Users\ROBOT\Desktop\FRST.txt
2018-11-30 18:44 - 2018-11-30 18:44 - 000000000 ____D C:\FRST
2018-11-30 18:42 - 2018-11-30 18:42 - 001776128 _____ (Farbar) C:\Users\ROBOT\Desktop\FRST.exe
2018-11-30 15:22 - 2018-11-30 15:37 - 000539487 ____H C:\Users\ROBOT\Documents\~WRL0584.tmp
2018-11-30 14:11 - 2018-11-30 14:11 - 000000000 __SHD C:\found.001
2018-11-29 11:25 - 2018-11-29 11:25 - 000000000 ____D C:\Users\ROBOT\AppData\Local\mbam
2018-11-29 11:24 - 2018-11-29 11:24 - 000000000 ____D C:\Users\ROBOT\AppData\Local\mbamtray
2018-11-29 11:22 - 2018-11-29 11:22 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-29 11:22 - 2018-11-29 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-29 11:21 - 2018-11-29 16:58 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2018-11-29 11:21 - 2018-11-29 11:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-29 11:21 - 2018-11-29 11:21 - 000000000 ____D C:\Program Files\Malwarebytes
2018-11-29 10:58 - 2018-11-29 11:00 - 007321808 _____ (Malwarebytes) C:\Users\ROBOT\Downloads\adwcleaner_7.2.5.0.exe
2018-11-23 15:27 - 2018-11-23 15:30 - 000018109 ____H C:\Users\ROBOT\Documents\~WRL2993.tmp
2018-11-19 22:00 - 2018-11-19 22:01 - 000264182 _____ C:\Users\ROBOT\Downloads\CR_Ayuda_por_Desempleo_desc (1).pdf
2018-11-11 20:18 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\Windows\system32\fmcodec.DLL
2018-10-31 12:25 - 2018-10-31 12:25 - 000049152 _____ C:\Windows\system32\config\SOFTWARE.gu
2018-10-31 12:25 - 2018-10-31 12:25 - 000024576 _____ C:\Windows\system32\config\SECURITY.gu
2018-10-31 12:25 - 2018-10-31 12:25 - 000024576 _____ C:\Windows\system32\config\SAM.gu
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-30 18:37 - 2009-07-13 22:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-30 17:20 - 2009-07-13 22:34 - 000028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-30 17:20 - 2009-07-13 22:34 - 000028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-30 11:57 - 2018-05-22 14:36 - 000000000 ____D C:\Users\ROBOT\Desktop\NowSmart Recordings
2018-11-30 11:52 - 2011-04-11 19:30 - 000014432 _____ C:\Windows\system32\perfh00A.dat
2018-11-30 11:52 - 2011-04-11 19:30 - 000004630 _____ C:\Windows\system32\perfc00A.dat
2018-11-30 11:52 - 2010-11-20 15:01 - 000789652 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-30 11:52 - 2009-07-13 20:37 - 000000000 ____D C:\Windows\inf
2018-11-30 11:09 - 2018-05-06 21:49 - 000000000 ____D C:\Users\ROBOT\AppData\Roaming\PhotoScape
2018-11-30 11:09 - 2018-03-24 19:22 - 000000000 ____D C:\Users\ROBOT\AppData\Roaming\DAEMON Tools Lite
2018-11-29 15:10 - 2009-07-13 22:53 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-11-27 22:16 - 2018-03-24 19:04 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-27 22:15 - 2018-03-24 19:04 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-18 08:26 - 2018-03-25 12:01 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-18 08:23 - 2009-07-13 20:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-11-18 08:10 - 2018-03-25 10:59 - 000000000 ____D C:\Program Files\Microsoft Office
2018-11-16 10:43 - 2018-03-25 12:06 - 000000000 ___RD C:\Users\ROBOT\OneDrive
2018-11-16 10:43 - 2018-03-25 12:05 - 000002156 _____ C:\Users\ROBOT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-11-15 16:35 - 2018-03-26 16:25 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-15 10:13 - 2018-06-08 15:21 - 000000000 ____D C:\Users\ROBOT\Downloads\u
2018-11-14 21:15 - 2018-06-08 15:21 - 000000600 _____ C:\Users\ROBOT\PUTTY.RND
2018-11-12 12:55 - 2018-04-08 15:07 - 000000000 ____D C:\Program Files\Glary Utilities 5
2018-11-11 22:18 - 2018-09-16 14:59 - 000000000 ____D C:\Users\ROBOT\Desktop\User Tracks
2018-11-11 20:18 - 2018-04-20 09:16 - 000002074 _____ C:\Users\Public\Desktop\Music Search MP3.lnk
2018-11-11 20:18 - 2018-04-20 09:16 - 000001148 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2018-11-11 20:18 - 2018-04-20 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2018-11-06 09:30 - 2018-05-29 20:39 - 000000000 ____D C:\Program Files\CCleaner
2018-10-31 12:25 - 2018-03-24 18:54 - 000000000 ____D C:\Users\ROBOT
2018-10-31 12:25 - 2009-07-13 20:03 - 054001664 _____ C:\Windows\system32\config\SOFTWARE.gu.bak
2018-10-31 12:25 - 2009-07-13 20:03 - 013107200 _____ C:\Windows\system32\config\SYSTEM.gu.bak
2018-10-31 12:25 - 2009-07-13 20:03 - 000786432 _____ C:\Windows\system32\config\DEFAULT.gu.bak
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-06 12:15
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29.11.2018 01
Ran by ROBOT (30-11-2018 18:46:22)
Running from C:\Users\ROBOT\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2018-03-25 00:54:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3825092553-2521613898-2810132541-500 - Administrator - Disabled)
Invitado (S-1-5-21-3825092553-2521613898-2810132541-501 - Limited - Disabled)
ROBOT (S-1-5-21-3825092553-2521613898-2810132541-1000 - Administrator - Enabled) => C:\Users\ROBOT
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
aTube Catcher versión 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.2.2 (HKLM\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
Audio Record Wizard (HKLM\...\Audio Record Wizard) (Version: 7.16 - NowSmart)
Blackboard Collaborate Launcher (HKLM\...\{AEED1D32-C837-405A-8009-6660E3883C9E}) (Version: 1.6.4.0 - Blackboard)
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
FormatFactory 3.6.0.0 (HKLM\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
GIMP 2.10.2 (HKLM\...\GIMP-2_is1) (Version: 2.10.2 - The GIMP Team)
Glary Utilities 5.75 (HKLM\...\Glary Utilities 5) (Version: 5.75.0.96 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.11001.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3825092553-2521613898-2810132541-1000\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 62.0.3 (x86 es-MX) (HKLM\...\Mozilla Firefox 62.0.3 (x86 es-MX)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Pro Evolution Soccer 2008 (HKLM\...\{2FDFD600-7338-4738-90D5-FC4ACA08DC36}) (Version: 1.00.0000 - KONAMI) Hidden
Pro Evolution Soccer 2008 (HKLM\...\InstallShield_{2FDFD600-7338-4738-90D5-FC4ACA08DC36}) (Version: 1.00.0000 - KONAMI)
Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.8.0 - Ralink)
SMRecorder 1.3.2 (HKLM\...\SMRecorder) (Version: 1.3.2 - SMRecorder)
The Incredible Hulk (HKLM\...\The Incredible Hulk) (Version: - )
USB Gamepad Controller (HKLM\...\FTQ292) (Version: - )
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2016-06-22] (Glarysoft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2016-06-22] (Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Intel Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2016-06-22] (Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AA22488-1E86-4D8E-AB41-2A430D294932} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-08] (Microsoft Corporation)
Task: {1AB200BC-C600-467E-BA63-7F9EBF60DED6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-11-17] (Microsoft Corporation)
Task: {1B857910-8EDD-4AFD-B8F8-E5E4FB746F86} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-17] (Microsoft Corporation)
Task: {24D2B35B-75DD-4ED0-82D7-C1F91AF50129} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3825092553-2521613898-2810132541-1000
Task: {27AE0C34-DFFE-4437-A7AA-904D291305EC} - System32\Tasks\{3A38C9FB-7F34-4AC4-B2BE-C529E5BAF5C0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\EA GAMES\NFS Underground\eauninstall.exe" -d "C:\Program Files\EA GAMES\NFS Underground"
Task: {3036D61F-49C7-4D96-B8D7-05ADF66CC8A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Ltd)
Task: {3F12DAF6-60AF-4505-AE73-998351D78290} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-17] (Microsoft Corporation)
Task: {5054A11B-AC7E-40B6-9CAA-2CCD4357897E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-17] (Microsoft Corporation)
Task: {58D5C9E3-8E31-4FA6-80CC-1CD07B12A482} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-03-24] (Google Inc.)
Task: {6F473260-E616-476B-819D-7E027C0BFBE6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {7E2416BD-C774-449F-A11F-7C187ADEAE5E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-17] (Microsoft Corporation)
Task: {A4937130-BF7B-49E1-B456-91AA4C9EC327} - System32\Tasks\GU5SkipUAC => C:\Program Files\Glary Utilities 5\Integrator.exe [2017-05-07] (Glarysoft Ltd)
Task: {A7E6CB72-B8F8-48F2-B9EC-37648C0A5494} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-08] (Microsoft Corporation)
Task: {C10616C4-C120-433A-983A-564945A39B31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-03-24] (Google Inc.)
Task: {D414E8E5-8551-4629-A1FE-DD2BC930F157} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-17] (Microsoft Corporation)
Task: {D5753AC6-AB38-43B3-8C28-6635A77E4573} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-17] (Microsoft Corporation)
Task: {D8528C42-04F9-40BA-B57E-5CB4379DE578} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {E018FEDF-1898-45D2-871C-EB5CFEFB2A32} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [2017-05-07] (Glarysoft Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-07-25 14:44 - 2010-06-14 13:38 - 000984416 _____ () C:\Program Files\Ralink\Common\RaWLAPI.dll
2018-11-27 22:15 - 2018-11-16 00:34 - 002249560 _____ () C:\Program Files\Google\Chrome\Application\70.0.3538.110\swiftshader\libglesv2.dll
2018-11-27 22:15 - 2018-11-16 00:34 - 000125272 _____ () C:\Program Files\Google\Chrome\Application\70.0.3538.110\swiftshader\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3825092553-2521613898-2810132541-1000\...\sharepoint.com -> hxxps://unadmex-files.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:04 - 2018-07-04 13:03 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3825092553-2521613898-2810132541-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ROBOT\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 2
MSCONFIG\Services: MBAMService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4D4DC5E0-128B-4130-A5AA-5D0E1526F8BF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F7B14DBA-E0F5-4738-BE00-3BF618A8A595}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{D1A33003-CF98-46B6-84DE-F67620CC9AD5}C:\users\robot\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe] => (Allow) C:\users\robot\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe
FirewallRules: [UDP Query User{939AE897-FB0E-425B-910A-0E39F5463859}C:\users\robot\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe] => (Allow) C:\users\robot\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_80\bin\javaw.exe
FirewallRules: [{2B22344F-49EB-4CD1-9AE2-7333EE5F9593}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{BBB04343-85BC-40FB-961E-57ACD7D1414B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{81BAEB09-147F-4DA4-BA96-CB3432BF94EC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F2CA3AB2-1408-4634-BEBB-14496076C12C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0413318D-719B-4BFD-ABAF-3190D1B45480}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0E0032EB-A09E-4052-A2CA-D4A47F94F67F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{E90ACBB5-3737-4E71-A72B-968D8CA79FA0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{447B8AE9-C606-49FC-9772-A25A776C2482}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{9CD23089-2699-40D4-8DA8-6B1D9C64EBF9}C:\program files\konami\pro evolution soccer 2008\pes2008.exe] => (Allow) C:\program files\konami\pro evolution soccer 2008\pes2008.exe
FirewallRules: [UDP Query User{81C515A6-F802-416C-B654-CF58B4604DC3}C:\program files\konami\pro evolution soccer 2008\pes2008.exe] => (Allow) C:\program files\konami\pro evolution soccer 2008\pes2008.exe
FirewallRules: [{791E11E4-69A9-41CF-B062-C5F92A1A20DF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Puerto serie PCI
Description: Puerto serie PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Controladora simple de comunicaciones PCI
Description: Controladora simple de comunicaciones PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/30/2018 06:38:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (11/30/2018 05:14:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (11/30/2018 02:14:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (11/30/2018 11:08:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (11/30/2018 07:51:09 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/30/2018 07:38:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (11/29/2018 06:34:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (11/29/2018 06:13:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
System errors:
=============
Error: (11/30/2018 06:37:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
cdrom
Error: (11/30/2018 06:37:01 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 06:11:00 p.m. del 30/11/2018 resultó inesperado.
Error: (11/30/2018 05:12:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
cdrom
Error: (11/30/2018 05:12:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 04:20:50 p.m. del 30/11/2018 resultó inesperado.
Error: (11/30/2018 02:13:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
cdrom
Error: (11/30/2018 02:12:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 12:05:02 p.m. del 30/11/2018 resultó inesperado.
Error: (11/30/2018 11:51:03 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
Error: (11/30/2018 11:50:59 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Percentage of memory in use: 89%
Total physical RAM: 996.61 MB
Available physical RAM: 109.13 MB
Total Virtual: 2020.61 MB
Available Virtual: 916.31 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:37.15 GB) (Free:4.51 GB) NTFS
\\?\Volume{f439813d-2fc5-11e8-b4d6-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 37.3 GB) (Disk ID: 4B72C0F6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=37.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================