Slow computer

piltriqui

New Member
Member
Good morning:
For about two weeks now my computer has been running very, very slowly. Every time I try to switch applications it hangs and says the program is "not responding".
The only thing I could connect it to was that I had updated Windows, so I rolled back to the previous restore point, but that hasn't fixed it.
I'm pasting the HijackThis log below to see if you can give me a hand, because this is maddening.
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 7 (Ultimate), 6.1.7601.24214, Service Pack: 1
Time:      13.12.2019 - 10:02 (UTC+01:00)
Language:  OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0xC0A)
Elevated:  Yes
Ran by:    ALMUDENA    (group: Administrator) on ALMUDENA-PC, FirstRun: no

Chrome:  78.0.3904.108
Firefox: 70.0.1.7242
Internet Explorer: 11.0.9600.19230
Default: Program is not associated

Boot mode: Normal

Running processes:
Number | Path
   1  C:\GrupoSP\CON2012\Contabilidad.exe
   1  C:\GrupoSP\CON2012\DashboardFrame.exe
   1  C:\GrupoSP\SPPanel\SPPG.EXE
   1  C:\GrupoSP\SPPanel\SagePDFPrinter.exe
   1  C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
   1  C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
   1  C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
   2  C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
   1  C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
   1  C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
   2  C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
   1  C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
   1  C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
   3  C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe
   3  C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
  10  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
   1  C:\Program Files (x86)\JetAdvice\Data Collector\DataCollectorService.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
   1  C:\Program Files\Bonjour\mDNSResponder.exe
   1  C:\Program Files\CCleaner\CCleaner64.exe
   1  C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
   1  C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\HPNetworkCommunicatorCom.exe
   1  C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\ScanToPCActivationApp.exe
   1  C:\Program Files\Intel\iCLS Client\HeciServer.exe
   1  C:\Program Files\Macrium\Reflect\ReflectService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   1  C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
   1  C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
   1  C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
   1  C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
   1  C:\Program Files\Windows Media Player\wmpnetwk.exe
   1  C:\Program Files\iPod\bin\iPodService.exe
   1  C:\Program Files\iTunes\iTunesHelper.exe
   1  C:\Windows\SysWOW64\notepad.exe
   1  C:\Windows\System32\DbxSvc.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dwm.exe
   1  C:\Windows\System32\igfxCUIService.exe
   1  C:\Windows\System32\igfxEM.exe
   1  C:\Windows\System32\igfxHK.exe
   1  C:\Windows\System32\igfxTray.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\lsm.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  15  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskeng.exe
   2  C:\Windows\System32\taskhost.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wuauclt.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\notepad.exe
   1  H:\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = Google
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1B7A2AD1-E69A-430E-BE18-608092834280}: = https://es.search.yahoo.com/search?p={searchTerms}&intl=es&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle - Yahoo Search 
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: [SuggestionsURL_JSON] = https://toolbar.avg.com/acp?q={searchTerms}&o=1 - AVG Secure Search 
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: [URL] = https://mysearch.avg.com/search?cid={DBBC1F59-68E9-4BFB-9CF9-AF4FCBEA2CE3}&mid=eda91a95ebc547cd959fd15256e4c31f-754867eaa81cae89ebb479f95a235cde2bce6abf&lang=es&ds=AVG&coid=avgtbavg&cmpid=1015tb&pr=fr&d=2015-02-17 10:45:38&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms} - AVG Secure Search 
O1 - Hosts: 127.0.0.1 activate.adobe.com 
O1 - Hosts: 127.0.0.1 practivate.adobe.com 
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com 
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 93.93.112.70 Imanaire.es
O1 - Hosts: mail.imanaire.es 
O1 - Hosts: 217.148.72.211 caixabank.es 
O1 - Hosts: 178.60.206.69 bancopopular.es 
O1 - Hosts: 193.41.234.29 ing.es 
O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll 
O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll 
O2-32 - HKLM\..\BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll 
O2-32 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll 
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll 
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll 
O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll 
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll 
O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll 
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe 
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] = C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe 
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR 
O4 - HKCU\..\Run: [HP PageWide Pro 477dw MFP (NET)] = C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\ScanToPCActivationApp.exe -scfn "HP PageWide Pro 477dw MFP (NET)" -AutoStart 1 
O4 - HKLM\..\Run: [AVGUI.exe] = C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe /gui 
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe 
O4 - HKLM\..\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe 
O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\sdnclean64.exe 
O4 - HKU\.DEFAULT\..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 
O4 - MSConfig\startupreg: Acrobat Assistant 8.0 [command] = C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (HKLM) (2015/01/09) 
O4 - MSConfig\startupreg: AdobeAAMUpdater-1.0 [command] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (HKLM) (2015/01/09) 
O4 - MSConfig\startupreg: CCleaner Monitoring [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2015/01/09)
O4-32 - HKLM\..\Run: [Acrobat Assistant 8.0] = C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe
O4-32 - HKLM\..\Run: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup 
O4-32 - HKLM\..\Run: [HP Software Update] = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 
O4-32 - HKLM\..\Run: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 
O4-32 - HKLM\..\Run: [vProt] = C:\Program Files (x86)\AVG Web TuneUp\vprot.exe 
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll 
O15 - Trusted Zone: https://agenciatributaria.gob.es 
O15 - Trusted Zone: https://amazon.es 
O15 - Trusted Zone: https://fnmt.es 
O15 - Trusted Zone: https://fnmt.gob.es 
O15 - Trusted Zone: https://jcyl.es 
O15 - Trusted Zone: https://sede.seg-social.gob.es 
O15 - Trusted Zone: https://servicios3.jcyl.es 
O15 - Trusted Zone: https://w6.seg-social.es 
O15 - Trusted Zone: https://www.catastro.meh.es 
O15 - Trusted Zone: https://www1.agenciatributaria.gob.es 
O16-32 - DPF: HKLM\..\{2DAB6EF1-66C3-427C-87CD-8DC448C47EAE}\DownloadInformation: (no name)  = https://www5.aeat.es/es13/h/tgvicab.cab 
O16-32 - DPF: HKLM\..\{947B00D2-962D-4A35-9E48-98EE6A442B41}\DownloadInformation: (no name)  https://www1.agenciatributaria.gob.es/ADUA/internet/aded1503.cab
O16-32 - DPF: HKLM\..\{B178DBD1-25DF-4187-9BE0-05D123B91B98}\DownloadInformation: WSCryptoSystem Class = https://servicios4.jcyl.es/websigner/cab/WebSigner2.cab
O16-32 - DPF: HKLM\..\{B785FA3C-1DE9-4D20-8396-613C486FE95E}\DownloadInformation: (no name)  = https://www1.agenciatributaria.gob.es/es13/h/cactivex.cab 
O17 - DHCP DNS 1: 80.58.0.33
O17 - DHCP DNS 2: 80.58.32.97
O18 - HKLM\Software\Classes\Protocols\Handler\viprotocol: [CLSID] = {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll 
O20-32 - HKLM\..\Winlogon\Notify\SDWinLogon: [DllName] = SDWinLogon.dll (file missing) 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O22 - Task (.job): (disabled) (Ready) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Ready) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O23 - Service R2: AVG Antivirus - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe 
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 
O23 - Service R2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service R2: DbxSvc - C:\Windows\system32\DbxSvc.exe
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe 
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe 
O23 - Service R2: JetAdvice Data Collector Service - C:\Program Files (x86)\JetAdvice\Data Collector\DataCollectorService.exe 
O23 - Service R2: Macrium Reflect Image Mounting Service - (ReflectService.exe) - C:\Program Files\Macrium\Reflect\ReflectService.exe 
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe 
O23 - Service R2: Servicio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe 
O23 - Service R2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 
O23 - Service R2: WtuSystemSupport - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 
O23 - Service R3: Servicio del iPod - (iPod Service) - C:\Program Files\iPod\bin\iPodService.exe 
O23 - Service R3: avgbIDSAgent - C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe 
O23 - Service S2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe 
O23 - Service S2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 
O23 - Service S2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 
O23 - Service S2: Servicio Actualización de Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc 
O23 - Service S2: Servicio de Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc 
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\elevation_service.exe 
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Remote Packet Capture Protocol v.0 (experimental) - (rpcapd) - C:\Program Files (x86)\WinPcap\rpcapd.exe -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini" 
O23 - Service S3: Servicio Actualización de Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc 
O23 - Service S3: Servicio de Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
-- End of file - Time spent: 141,6 sec. - 38130 bytes, CRC32: FFFFFFFF.
Sign: ㍏隰
 

piltriqui

New Member
Member
ESET LOG
17:57:00 can not get scanner. e_gle=1001
17:57:00 # product=EOS
# version=8
# esetonlinescanner_esn.exe=3.1.10.0
# country="Spain"
# lang=3082
17:59:22 Updating
17:59:22 Update Init
17:59:47 Update Download
18:01:38 esets_scanner_reload returned 0
18:01:40 g_uiModuleBuild: 43767
18:01:43 Update Finalize
18:01:45 Call m_esets_charon_send
18:01:48 Call m_esets_charon_destroy
18:01:50 Updated modules version: 43767
18:04:14 Scanner engine: 43767
09:17:41 # product=EOS
# version=8
# stats_enabled=0
# rating=0
# feedback=
sh=E0DDBBD89404FCB039193B89528E3854C6E805A4 ft=1 fh=00000000002e53b0 vn="Win32/Bundled.Toolbar.Google.D aplicación potencialmente peligrosa (Ha ocurrido un error mientras se estaba eliminación (Acceso denegado).)" ac=I fn="C:\Program Files (x86)\AVG\Antivirus\setup\aswOfferTool.exe"
sh=E0DDBBD89404FCB039193B89528E3854C6E805A4 ft=1 fh=00000000002e53b0 vn="Win32/Bundled.Toolbar.Google.D aplicación potencialmente peligrosa (Ha ocurrido un error mientras se estaba eliminación (Acceso denegado).)" ac=I fn="C:\Program Files (x86)\AVG\Antivirus\setup\offertool_x64_ais-c24.vpx"
sh=20839E9D158AEA745817FA2671565A6BCA12CD8E ft=1 fh=00000000004d0200 vn="una variante de MSIL/HackKMS.H aplicación potencialmente peligrosa (no se ha podido desinfectar - archivo eliminado)" ac=C fn="C:\Windows\AutoKMS\AutoKMS.exe"
09:17:42 Call m_esets_charon_send
09:17:42 Call m_esets_charon_destroy
09:18:59 can not get scanner. e_gle=1001
09:47:41 # product=EOS
# version=8
# esetonlinescanner_esn.exe=3.1.10.0
# country="Spain"
# lang=3082
09:47:47 can not get scanner. e_gle=1001

MALWAREBYTES LOG
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 13/12/19
Hora del análisis: 17:19
Archivo de registro: 4e652d56-1dc4-11ea-8660-94de80543fa4.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.781
Versión del paquete de actualización: 1.0.16114
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: ALMUDENA-PC\ALMUDENA

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 281534
Amenazas detectadas: 1
Amenazas en cuarentena: 1
Tiempo transcurrido: 17 min, 31 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Advertencia
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
Adware.ISTBar, C:\$RECYCLE.BIN\S-1-5-21-3334638056-1916943267-3411405140-1000\$RFUF8AI.EXE, En cuarentena, 3345, 30792, 1.0.16114, , ame,

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)
(end)
ADWCLEANER LOG
# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build:    11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support:  Customer Support & Help Center
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    12-13-2019
# Duration: 00:00:28
# OS:       Windows 7 Professional
# Scanned:  35225
# Detected: 48


***** [ Services ] *****

PUP.Optional.Legacy             WtuSystemSupport

***** [ Folders ] *****

PUP.Adware.Heuristic            C:\ProgramData\AVG_UPDATE_0215TB
PUP.Optional.Legacy             C:\Program Files (x86)\Common Files\AVG Secure Search
PUP.Optional.Legacy             C:\Program Files (x86)\avg web tuneup
PUP.Optional.Legacy             C:\Program Files\Common Files\AVG Secure Search
PUP.Optional.Legacy             C:\ProgramData\AVG Secure Search
PUP.Optional.Legacy             C:\ProgramData\AVG Security Toolbar
PUP.Optional.Legacy             C:\ProgramData\avg web tuneup
PUP.Optional.Legacy             C:\Users\ALMUDENA\AppData\LocalLow\avg web tuneup
PUP.Optional.Legacy             C:\Users\ALMUDENA\AppData\Local\YSearchUtil
PUP.Optional.Legacy             C:\Users\ALMUDENA\AppData\Local\avg web tuneup
PUP.Optional.Legacy             C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
PUP.Optional.Legacy             C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy             HKCU\Software\AVG Tuneup
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\AVG Tuneup
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\ViProtocol.DLL
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\protocols\handler\viprotocol
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\avgsh

***** [ Chromium (and derivatives) ] *****

PUP.Optional.AmazonBrowserBar   Amazon Assistant for Chrome
PUP.Optional.Legacy             Yahoo para Chrome

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

PUP.Optional.Legacy             Search and New Tab by Yahoo
PUP.Optional.Legacy             Search and New Tab by Yahoo

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
 

piltriqui

New Member
Member
This is still the same
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform:  x64 Windows 7 (Ultimate), 6.1.7601.24214, Service Pack: 1
Time:      16.12.2019 - 10:25 (UTC+01:00)
Language:  OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0xC0A)
Elevated:  Yes
Ran by:    ALMUDENA    (group: Administrator) on ALMUDENA-PC, FirstRun: yes

Chrome:  78.0.3904.108
Firefox: 70.0.1.7242
Internet Explorer: 11.0.9600.19230
Default: Program is not associated

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
   2  C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
   1  C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
   1  C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
   1  C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
   1  C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
   1  C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  19  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
   1  C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
   1  C:\Program Files (x86)\JetAdvice\Data Collector\DataCollectorService.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
   1  C:\Program Files\Bonjour\mDNSResponder.exe
   1  C:\Program Files\CCleaner\CCleaner64.exe
   1  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
   1  C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\HPNetworkCommunicatorCom.exe
   1  C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\ScanToPCActivationApp.exe
   1  C:\Program Files\Intel\iCLS Client\HeciServer.exe
   1  C:\Program Files\Macrium\Reflect\ReflectService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   1  C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
   3  C:\Program Files\Mozilla Firefox\firefox.exe
   1  C:\Program Files\Windows Media Player\wmpnetwk.exe
   1  C:\Program Files\iPod\bin\iPodService.exe
   1  C:\Program Files\iTunes\iTunesHelper.exe
   1  C:\Windows\SysWOW64\WerFault.exe
   1  C:\Windows\System32\DbxSvc.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\dwm.exe
   1  C:\Windows\System32\igfxCUIService.exe
   1  C:\Windows\System32\igfxEM.exe
   1  C:\Windows\System32\igfxHK.exe
   1  C:\Windows\System32\igfxTray.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\lsm.exe
   3  C:\Windows\System32\notepad.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  15  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskeng.exe
   2  C:\Windows\System32\taskhost.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wuauclt.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\notepad.exe
   1  H:\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = Google
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1B7A2AD1-E69A-430E-BE18-608092834280}: = https://es.search.yahoo.com/search?p={searchTerms}&intl=es&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle - Yahoo Search 
O1 - Hosts: 127.0.0.1 activate.adobe.com 
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com 
O1 - Hosts: 93.93.112.70 Imanaire.es 
O1 - Hosts: mail.imanaire.es 
O1 - Hosts: 217.148.72.211 caixabank.es 
O1 - Hosts: 178.60.206.69 bancopopular.es 
O1 - Hosts: 193.41.234.29 ing.es 
O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll 
O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll 
O2-32 - HKLM\..\BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll (file missing) 
O2-32 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll 
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll 
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll 
O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll 
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe 
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] = C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe 
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR 
O4 - HKCU\..\Run: [HP PageWide Pro 477dw MFP (NET)] = C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\ScanToPCActivationApp.exe -scfn "HP PageWide Pro 477dw MFP (NET)" -AutoStart 1 
O4 - HKCU\..\Run: [d07e1e1f] = C:\ProgramData\Intel\Wireless\604d720\acebbia.exe C:\ProgramData\Intel\Wireless\604d720\2322afc.au3
O4 - HKLM\..\Run: [AVGUI.exe] = C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe /gui
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O4 - HKLM\..\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe 
O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\sdnclean64.exe 
O4 - HKU\.DEFAULT\..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 
O4 - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019100446872\..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'unknown: S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019100446872') 
O4 - HKU\S-1-5-21-3334638056-1916943267-3411405140-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019100505945\..\Run: [Adobe Acrobat Synchronizer] = C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe (User 'unknown: S-1-5-21-3334638056-1916943267-3411405140-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019100505945') 
O4 - HKU\S-1-5-21-3334638056-1916943267-3411405140-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019100505945\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (User 'unknown: S-1-5-21-3334638056-1916943267-3411405140-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019100505945') 
O4 - HKU\S-1-5-21-3334638056-1916943267-3411405140-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019100505945\..\Run: [HP PageWide Pro 477dw MFP (NET)] = C:\Program Files\HP\HP PageWide Pro 477dw MFP\Bin\ScanToPCActivationApp.exe -scfn "HP PageWide Pro 477dw MFP (NET)" -AutoStart 1 (User 'unknown: S-1-5-21-3334638056-1916943267-3411405140-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019100505945') 
O4 - HKU\S-1-5-21-3334638056-1916943267-3411405140-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019100505945\..\Run: [d07e1e1f] = C:\ProgramData\Intel\Wireless\604d720\acebbia.exe C:\ProgramData\Intel\Wireless\604d720\2322afc.au3 (User 'unknown: S-1-5-21-3334638056-1916943267-3411405140-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019100505945') 
O4 - MSConfig\startupreg: Acrobat Assistant 8.0 [command] = C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (HKLM) (2015/01/09)
O4 - MSConfig\startupreg: AdobeAAMUpdater-1.0 [command] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (HKLM) (2015/01/09)
O4 - MSConfig\startupreg: CCleaner Monitoring [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2015/01/09) 
O4-32 - HKLM\..\Run: [Acrobat Assistant 8.0] = C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe 
O4-32 - HKLM\..\Run: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup 
O4-32 - HKLM\..\Run: [HP Software Update] = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 
O4-32 - HKLM\..\Run: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 
O4-32 - HKLM\..\Run: [vProt] = C:\Program Files (x86)\AVG Web TuneUp\vprot.exe (file missing) 
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll 
O15 - Trusted Zone: https://agenciatributaria.gob.es
O15 - Trusted Zone: https://amazon.es
O15 - Trusted Zone: https://fnmt.es 
O15 - Trusted Zone: https://fnmt.gob.es 
O15 - Trusted Zone: https://jcyl.es 
O15 - Trusted Zone: https://sede.seg-social.gob.es 
O15 - Trusted Zone: https://servicios3.jcyl.es 
O15 - Trusted Zone: https://w6.seg-social.es 
O15 - Trusted Zone: https://www.catastro.meh.es
O15 - Trusted Zone: https://www1.agenciatributaria.gob.es 
O16-32 - DPF: HKLM\..\{2DAB6EF1-66C3-427C-87CD-8DC448C47EAE}\DownloadInformation: (no name)  https://www5.aeat.es/es13/h/tgvicab.cab
O16-32 - DPF: HKLM\..\{947B00D2-962D-4A35-9E48-98EE6A442B41}\DownloadInformation: (no name) https://www1.agenciatributaria.gob.es/ADUA/internet/aded1503.cab 
O16-32 - DPF: HKLM\..\{B178DBD1-25DF-4187-9BE0-05D123B91B98}\DownloadInformation: WSCryptoSystem Class https://servicios4.jcyl.es/websigner/cab/WebSigner2.cab 
O16-32 - DPF: HKLM\..\{B785FA3C-1DE9-4D20-8396-613C486FE95E}\DownloadInformation: (no name) = https://www1.agenciatributaria.gob.es/es13/h/cactivex.cab 
O17 - DHCP DNS 1: 80.58.0.33 
O17 - DHCP DNS 2: 80.58.32.97
O20-32 - HKLM\..\Winlogon\Notify\SDWinLogon: [DllName] = SDWinLogon.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll 
O22 - Task (.job): (disabled) (Ready) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Ready) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task (.job): AdwCleaner_onReboot.job - C:\Users\ALMUDENA\Desktop\adwcleaner_8.0.0.exe /r
O23 - Service R2: AVG Antivirus - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe 
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 
O23 - Service R2: DbxSvc - C:\Windows\system32\DbxSvc.exe 
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local ManagementService - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 
O23 - Service R2: JetAdvice Data Collector Service - C:\Program Files (x86)\JetAdvice\Data Collector\DataCollectorService.exe 
O23 - Service R2: Macrium Reflect Image Mounting Service - (ReflectService.exe) - C:\Program Files\Macrium\Reflect\ReflectService.exe 
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe 
O23 - Service R2: Servicio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe 
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 
O23 - Service R3: Servicio del iPod - (iPod Service) - C:\Program Files\iPod\bin\iPodService.exe 
O23 - Service R3: avgbIDSAgent - C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe 
O23 - Service S2: Servicio Actualización de Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc 
O23 - Service S2: Servicio de Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc 
O23 - Service S2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\elevation_service.exe 
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe 
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 
O23 - Service S3: Remote Packet Capture Protocol v.0 (experimental) - (rpcapd) - C:\Program Files (x86)\WinPcap\rpcapd.exe -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini" 
O23 - Service S3: Servicio Actualización de Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc 
O23 - Service S3: Servicio de Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
-- End of file - Time spent: 276,5 sec. - 39674 bytes, CRC32: FFFFFFFF. Sign: ⮍
 

jbex

He who sins and prays breaks even
Administrator
Did you add these entries yourself?
O1 - Hosts: 93.93.112.70 Imanaire.es
O1 - Hosts: mail.imanaire.es
O1 - Hosts: 217.148.72.211 caixabank.es
O1 - Hosts: 178.60.206.69 bancopopular.es
O1 - Hosts: 193.41.234.29 ing.es
If you did, then fine; if not, we remove them: you run it, tick them and click delete.
Tick and delete these entries:
Insert CODE, HTML or PHP:
O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\sdnclean64.exe
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1B7A2AD1-E69A-430E-BE18-608092834280}: = https://es.search.yahoo.com/search?p={searchTerms}&intl=es&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle - Yahoo Search
Regards
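
The check behind the question about the hosts entries, as an added example that is not part of the thread or of HijackThis: it splits a log's `O1 - Hosts` lines into loopback blocks, names pointed at a real address, and malformed lines, and lists entries marked `(file missing)`. The sample is a constructed excerpt of lines copied from the log above; the function names are illustrative.

```python
import ipaddress
import re

# Constructed sample: a few lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 93.93.112.70 Imanaire.es
O1 - Hosts: mail.imanaire.es
O1 - Hosts: 217.148.72.211 caixabank.es
O2-32 - HKLM\..\BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll (file missing)
O4-32 - HKLM\..\Run: [vProt] = C:\Program Files (x86)\AVG Web TuneUp\vprot.exe (file missing)
O17 - DHCP DNS 1: 80.58.0.33
"""

# Section code (R0, O1, O23 ...), optional "-32" marker, then " - body".
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2})(-32)?\s+-\s+(.*\S)\s*$")


def parse_entries(log_text):
    """Return (section, is_32bit, body) for every 'Xn - ...' line of a log."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries.append((m.group(1), bool(m.group(2)), m.group(3)))
    return entries


def hosts_overrides(entries):
    """Classify O1 hosts entries so the non-loopback ones can be confirmed
    with the machine's owner, as the helper does in this thread."""
    result = {"loopback": [], "redirect": [], "malformed": []}
    for section, _, body in entries:
        if section != "O1" or not body.startswith("Hosts:"):
            continue
        fields = body[len("Hosts:"):].split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except (IndexError, ValueError):
            # No leading IP address, e.g. a line holding only a host name.
            result["malformed"].append(body)
            continue
        if len(fields) < 2:
            result["malformed"].append(body)
            continue
        kind = "loopback" if (ip.is_loopback or ip.is_unspecified) else "redirect"
        for name in fields[1:]:
            result[kind].append((name.lower(), str(ip)))
    return result


def missing_files(entries):
    """Entries whose target HijackThis reports as no longer on disk."""
    return [(s, body) for s, _, body in entries if body.endswith("(file missing)")]


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for kind, items in hosts_overrides(parsed).items():
        print(kind, items)
    for section, body in missing_files(parsed):
        print("missing:", section, body)
```
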
 

piltriqui

New Member
Member
Yes. I added them myself.
Entries deleted.
What can you tell me about a notepad.exe executable?
It starts on its own. Is there a way to remove it? Because it sounds like a virus.
 

jbex

He who sins and prays breaks even
Administrator
notepad.exe is the Notepad executable and it is legitimate.
Microsoft Safety Scanner is a scanning tool designed to find and remove malware from Windows computers.
Download Microsoft Safety Scanner (64-bit)
Download this tool and open it.
Select the type of scan you want to run and start the scan.
Review the scan results shown on screen. For detailed detection results, see the log at %systemroot%\debug\msert.log.
To remove this tool, delete the executable file (msert.exe by default).
 

jbex

He who sins and prays breaks even
Administrator
I forgot to mention that I don't see any entry launching Notepad.exe at Windows startup; just in case, submit all the executables from each of the folders I mark in bold to Virustotal for analysis: https://www.virustotal.com/gui/home/upload
C:\Windows\notepad.exe
C:\Windows\SysWOW64\notepad.exe
C:\Windows\System32\notepad.exe
 

piltriqui

New Member
Member
Many thanks in advance for all the help.
I ran Microsoft Safety Scanner and nothing.
I submitted the notepad.exe executables and nothing shows up either, but the thing is that it starts on its own. What's more, I close it through Task Manager but it is running again after a while.
 

jbex

He who sins and prays breaks even
Administrator
It is strange, to be honest; check whether it is in Windows startup and, if it is, disable it from starting.
Regards
 

piltriqui

New Member
Member
It's not in startup: ;-(
Well, the computer seems to be running better. Thank you very much for everything. You can close the thread.
 

jbex

He who sins and prays breaks even
Administrator
One last recommendation, if I may: create a new user and see whether the problem still persists in the new profile.
If everything works well for you, move your documents to the new profile and delete the old one.
Regards