Pc algo lento desde hace unos dias, que puede ser?

M

Martzius

Miembro
Miembro
Buenos dias, de antemano agradecer su trabajo. El pc me va algo lento desde hace unos dias, me pueden echar una mano?

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Código: 
Platform:  x64 Windows 7 (Ultimate), 6.1.7601.24519, Service Pack: 1

Time:      27.09.2019 - 11:14 (UTC+02:00)

Language:  OS: English (0x409). Display: Spanish (0xC0A). Non-Unicode: Spanish (0xC0A)

Elevated:  Yes

Ran by:    Marcos    (group: Administrator) on MARCOS-PC, FirstRun: yes


Opera:   63.0.3368.94

Chrome:  77.0.3865.90

Firefox: 66.0.3.7038

Internet Explorer: 11.0.9600.19463

Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)


Boot mode: Normal


Running processes:

Number | Path

   1  C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe

   1  C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe

   1  C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe

   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

   1  C:\Program Files (x86)\Common Files\Overwolf\0.135.0.24\OverwolfHelper.exe

   1  C:\Program Files (x86)\Common Files\Overwolf\0.135.0.24\OverwolfHelper64.exe

   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe

  17  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

   4  C:\Program Files (x86)\Overwolf\0.135.0.24\OverwolfBrowser.exe

   1  C:\Program Files (x86)\Overwolf\Overwolf.exe

   1  C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe

   1  C:\Program Files (x86)\Steam\Steam.exe

   5  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

   1  C:\Program Files\Microsoft Security Client\MsMpEng.exe

   1  C:\Program Files\Microsoft Security Client\NisSrv.exe

   1  C:\Program Files\Microsoft Security Client\msseces.exe

   2  C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe

   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe

   1  C:\Program Files\Windows Media Player\wmpnetwk.exe

   1  C:\Users\Marcos\AppData\Local\FluxSoftware\Flux\flux.exe

   1  C:\Users\Marcos\Downloads\HiJackThis.exe

   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

   1  C:\Windows\System32\SearchFilterHost.exe

   1  C:\Windows\System32\SearchIndexer.exe

   1  C:\Windows\System32\SearchProtocolHost.exe

   1  C:\Windows\System32\audiodg.exe

   1  C:\Windows\System32\conhost.exe

   2  C:\Windows\System32\csrss.exe

   1  C:\Windows\System32\dwm.exe

   1  C:\Windows\System32\igfxCUIService.exe

   1  C:\Windows\System32\igfxEM.exe

   1  C:\Windows\System32\lsass.exe

   1  C:\Windows\System32\lsm.exe

   1  C:\Windows\System32\rundll32.exe

   1  C:\Windows\System32\services.exe

   1  C:\Windows\System32\smss.exe

   1  C:\Windows\System32\spoolsv.exe

  13  C:\Windows\System32\svchost.exe

   1  C:\Windows\System32\taskhost.exe

   2  C:\Windows\System32\wbem\WmiPrvSE.exe

   1  C:\Windows\System32\wininit.exe

   1  C:\Windows\System32\winlogon.exe

   1  C:\Windows\explorer.exe


O4 - HKCU\..\Run: [Discord] = C:\Users\Marcos\AppData\Local\Discord\app-0.0.301\Discord.exe  (file missing)

O4 - HKCU\..\Run: [Overwolf] = C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent

O4 - HKCU\..\Run: [Simple Sticky Notes] = C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe

O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent

O4 - HKCU\..\Run: [f.lux] = C:\Users\Marcos\AppData\Local\FluxSoftware\Flux\flux.exe /noshow

O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] = C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Marcos\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"

O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] = C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Marcos\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"

O4 - HKCU\..\RunOnce: [Uninstall 19.152.0801.0008\amd64] = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marcos\AppData\Local\Microsoft\OneDrive\19.152.0801.0008\amd64"

O4 - HKCU\..\RunOnce: [Uninstall 19.152.0801.0008] = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marcos\AppData\Local\Microsoft\OneDrive\19.152.0801.0008"

O4 - HKLM\..\Run: [MSC] = c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey

O4 - MSConfig\startupreg: AceStream [command] = C:\Users\Marcos\AppData\Roaming\ACEStream\engine\ace_engine.exe (HKCU) (2019/01/10) (file missing)

O4 - MSConfig\startupreg: Avira SystrayStartTrigger [command] = C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe (HKLM) (2019/08/22)

O4 - MSConfig\startupreg: FACEIT [command] = C:\Users\Marcos\AppData\Local\FACEITApp\update.exe --processStart "FACEIT.exe" (HKCU) (2019/08/22)

O4 - MSConfig\startupreg: GrooveMonitor [command] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (HKLM) (2019/05/19)

O4 - MSConfig\startupreg: HP OfficeJet 4650 series (NET) [command] = C:\Program Files\HP\HP OfficeJet 4650 series\Bin\ScanToPCActivationApp.exe -deviceID "TH66U490KY0662:NW" -scfn "HP OfficeJet 4650 series (NET)" -AutoStart 1 (HKCU) (2019/02/16) (file missing)

O4 - MSConfig\startupreg: Spotify [command] = C:\Users\Marcos\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (HKCU) (2019/01/06)

O4 - MSConfig\startupreg: com.blitz.app [command] = C:\Users\Marcos\AppData\Local\Blitz\Update.exe --processStart "Blitz.exe" --process-start-args "--hidden" (HKCU) (2019/08/22)

O4 - MSConfig\startupreg: uTorrent [command] = C:\Users\Marcos\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (HKCU) (2019/01/06)

O4-32 - HKLM\..\Run: [Avira SystrayStartTrigger] = C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe

O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)

O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)

O17 - DHCP DNS 1: 192.168.0.1

O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)

O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)

O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service R2: Avira Phantom VPN - (AviraPhantomVPN) - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe

O23 - Service R2: Avira Service Host - (Avira.ServiceHost) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe

O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll

O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe

O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"

O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService

O23 - Service S2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

O23 - Service S2: Servicio de Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc

O23 - Service S3: FACEITService - C:/Program Files/FACEIT AC/FACEITService.exe

O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe

O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe

O23 - Service S3: Microsoft Office Diagnostics Service - (odserv) - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

O23 - Service S3: Microsoft Office Groove Audit Service - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"

O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom SCM

O23 - Service S3: Servicio de Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc

22878 bytes, CRC32: FFFFFFFF. Sign: �坚

--
End of file - Time spent: 15 sec. -[/CODE][/SPOILER]
 
Última edición por un moderador:
Kbite

Kbite

Aprender y compartir
Administrador
Hola Martzius.

En el log no se aprecia nada fuera de lo normal, pero deberías hacer una limpieza a fondo del sistema para ver si algo se detecta y se elimina, sigue estos pasos y nos dejas en tu respuesta los informes que se solicitan para su análisis: Limpieza de spyware

No será necesario el log de HijackThis pues ya lo tenemos disponible.

Saludos, Kbite
 
jbex

jbex

El que peca y reza empata
Administrador
A lo comentado por Kbite añadirte que las entradas O4 son todo lo que inicia con Windows y se queda en segundo plano.
Podrías limpiar todo aquello que no necesites, para que no este activo y consumiendo recursos.
Un saludo
 
Debes iniciar sesión o registrarte para responder aquí.
Arriba Pie