Help! Virus reappears on every reboot


#21

Each report is in 2 pages.

Thanks


#22

Good… and now follow these steps. VERY important ~ Make a backup of the registry:

  • To do so, download Delfix to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select "Run as Administrator".)

  • Attention: now tick/select only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.


On the computer, with the other programs closed:

Start >>> Run >>> type notepad.exe.

Now copy and paste the following into Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-75123176-3579032652-732502155-1000\...\MountPoints2: {09f80a3b-ccad-11e8-9dc9-94de809cc76f} - "I:\setup.exe" 
HKU\S-1-5-21-75123176-3579032652-732502155-1000\...\MountPoints2: {f834082a-431b-11e5-aa6c-94de809cc76f} - "J:\setup.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-75123176-3579032652-732502155-1000 -> {ADE6B23D-230D-4506-8144-7760124FDD10} URL = 
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
CHR HKU\S-1-5-21-75123176-3579032652-732502155-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
S3 --; C:\Users\PC\AppData\Local\Temp\6838203\ic-0.526940dde2ef64.exe /wl 1 [X] <==== ATTENTION
C:\Users\PC\AppData\Local\Temp\6838203
U4 aspnet_state; no ImagePath
S1 SRepairDrv; \??\C:\WINDOWS\GJFix\SRepairDrv [X]
2018-12-01 11:18 - 2018-12-03 18:55 - 000000000 ____D C:\Users\PC\AppData\Roaming\jcecn
2018-09-27 17:39 - 2018-09-27 17:39 - 000000000 _____ () C:\Users\PC\AppData\Local\oobelibMkey.log
2016-03-05 07:47 - 2016-03-05 07:47 - 000041472 _____ () C:\Users\PC\AppData\Local\Saodom.dat
2016-03-05 07:47 - 2016-03-05 07:47 - 000000187 _____ () C:\Users\PC\AppData\Local\Saodom.exe.config
2018-12-02 16:54 - 2018-04-12 00:35 - 000607840 _____ (Microsoft Corporation) C:\Users\PC\AppData\Local\Temp\kernel32.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
Task: {06D66318-3289-4794-8541-3AAF4671B4F8} - no filepath
Task: {2AA774CA-DE0B-4909-A21D-A2AF67DC5E6A} - no filepath
Task: {2EE6DF3B-5402-44A2-A595-DB8FDDA2A8F4} - no filepath
Task: {3CF7C428-829E-4463-B314-A4FFDDE4A28E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4F6CE7F9-5E12-4C5A-A893-2CA16C398A6B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {521BA3EA-1B10-4922-A6A2-854A50417077} - no filepath
Task: {64FA3BFF-EF5F-4C47-B9F7-59AC03293324} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {655E5004-039B-4611-815F-124669AB4005} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6813EC10-AE10-49B0-A0D3-3AE329B779FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {744CDBCF-9D84-4A38-B750-116E4C247FE9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8AFFA6A3-C9F5-43D0-BC1F-1AFE74D7EEF1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8C6CBB51-1AB9-4F76-B934-0D1C5EA1EF2F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8F53CE92-2B4C-4605-B178-6D6AB6248EDE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A0F4C4B0-A789-4CFF-9A84-69F82A9D3C85} - no filepath
Task: {AA311D30-0A30-42D1-AF43-48F3C1150106} - no filepath
Task: {D4121542-3AA6-410A-AA1E-B5857725E51B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DF4DDCB1-E333-4785-B784-39C34990AE35} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EAA35BBB-AB35-4709-8E8E-AE3BE85BB400} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {FEDA4702-4238-4BAE-84E0-6E0730BE1F5F} - no filepath
ShortcutWithArgument: C:\Users\PC\Desktop\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->                                                                                                                                                   
ShortcutWithArgument: C:\Users\PC\Desktop\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
ShortcutWithArgument: C:\Users\PC\Desktop\YouTube (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=blpcfgokakmgnkcojhhkbfbldkacnbeo
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->                                                                                                                                                   
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\quiero poner el icono de gmail en el .._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ijiheagmnahbjiokinlcclhcpfodegpb
AlternateDataStreams: C:\ProgramData\PACE:92EF415E47B2EEEA [217]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
AlternateDataStreams: C:\Users\PC\Configuración local:BJzP9hLc0KVv1nPhoOs3ljrMd [2562]
AlternateDataStreams: C:\Users\PC\AppData\Local:BJzP9hLc0KVv1nPhoOs3ljrMd [2562]
AlternateDataStreams: C:\Users\PC\AppData\Local\Datos de programa:BJzP9hLc0KVv1nPhoOs3ljrMd [2562]
AlternateDataStreams: C:\Users\PC\AppData\Local\Temp:3w2Q227EP525EtGmZA [2448]
AlternateDataStreams: C:\Users\PC\AppData\Local\Temp:7Td97mwhPln9wgZuD3Jg3 [2526]
AlternateDataStreams: C:\Users\PC\Documents\Adobe_Audition.jpg:SummaryInformation [0]
AlternateDataStreams: C:\Users\PC\Documents\Adobe_Audition.jpg:Updt_SummaryInformation [151]
AlternateDataStreams: C:\Users\PC\Documents\Adobe_Audition.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\PC\Documents\manolo-lina.jpg:SummaryInformation [0]
AlternateDataStreams: C:\Users\PC\Documents\manolo-lina.jpg:Updt_SummaryInformation [151]
AlternateDataStreams: C:\Users\PC\Documents\manolo-lina.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name fixlist.txt on the desktop <<< This is very important. <<

Note: It is important that the tool Frst.exe and fixlist.txt are in the same location (desktop); otherwise it will not work.

  • Now use this Windows FAQ, "How to start Windows in Safe Mode (applies to Windows 10)?", to work from that Windows mode. (Use Method 1 and, if you cannot, use Method 2.)

  • Run Frst.exe.

  • Press the Fix button and wait for it to finish.

  • The tool will save the report on your desktop (Fixlog.txt).

Paste it in your next reply, commenting on how the problem is going.
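As an added illustration for the procedure above (not code from the thread or from FRST itself), a small Python pre-flight check for a fixlist.txt: it verifies the Start/END frame, tallies the directives and CMD lines, groups the remaining entries by the kind of artefact FRST will act on, and checks the placement rule from the note (fixlist.txt beside FRST.exe). The entry patterns and the FRST64.exe file name are assumptions drawn from general FRST usage rather than from the thread, and the sample list is a constructed subset of the one above.

```python
"""Pre-flight check for a FRST fixlist.txt. Added example for this thread, not
part of the post or of FRST; the entry patterns are assumptions drawn from the
fixlist shown in the thread, not an official grammar."""
from __future__ import annotations

import re
import sys
from collections import Counter
from pathlib import Path

# Stand-alone directives that appear in the thread's fixlist.
KNOWN_DIRECTIVES = {"CreateRestorePoint:", "CloseProcesses:", "HOSTS:", "REMOVEPROXY:", "EMPTYTEMP:"}

# Kinds of artefact FRST acts on, by how the line starts. First match wins, so the
# specific prefixes (CHR, GroupPolicy) come before the generic registry/path ones.
ENTRY_KINDS = [
    ("scheduled task", re.compile(r"^Task: \{[0-9A-Fa-f-]{36}\}")),
    ("alternate data stream", re.compile(r"^AlternateDataStreams: ")),
    ("shortcut argument", re.compile(r"^ShortcutWithArgument: ")),
    ("shell extension", re.compile(r"^(ShellIconOverlayIdentifiers|ContextMenuHandlers\d*): ")),
    ("browser plugin/extension", re.compile(r"^(FF Plugin(-x32)?: |CHR |SearchScopes: )")),
    ("service/driver", re.compile(r"^[SRU]\d [^;]+; ")),
    ("group policy", re.compile(r"^GroupPolicy")),
    ("winlogon notify", re.compile(r"^Winlogon\\Notify\\")),
    ("registry key/value", re.compile(r"^HK(LM|CU|U)\\")),
    ("file/folder (dated entry)", re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} - ")),
    ("file/folder (bare path)", re.compile(r"^[A-Za-z]:\\")),
]

def parse_fixlist(text: str) -> dict:
    """Summarise a fixlist: frame problems, directives, CMD lines, entry kinds."""
    body = [ln.strip() for ln in text.splitlines() if ln.strip()]
    problems: list[str] = []
    if not body or body[0] != "Start":
        problems.append("first non-empty line must be 'Start'")
    if not body or body[-1].lower() != "end":
        problems.append("last non-empty line must be 'End'")
    entries = [ln for ln in body if ln != "Start" and ln.lower() != "end"]
    directives, kinds = Counter(), Counter()
    commands, unknown, attention = [], [], 0
    for ln in entries:
        if ln in KNOWN_DIRECTIVES:
            directives[ln] += 1
            continue
        if ln.startswith("CMD: "):
            commands.append(ln[5:])
            continue
        attention += int("<==== ATTENTION" in ln)  # FRST's own marker is tolerated on fixlist lines
        for kind, rx in ENTRY_KINDS:
            if rx.search(ln):
                kinds[kind] += 1
                break
        else:
            unknown.append(ln)  # not a shape this checker knows FRST acts on: review by hand
    return {"problems": problems, "directives": dict(directives), "commands": commands,
            "kinds": dict(kinds), "attention": attention, "unknown": unknown}

def check_placement(fixlist: str | Path) -> list[str]:
    """Placement rule from the thread: fixlist.txt must sit beside FRST.exe.
    FRST64.exe is the 64-bit build's name (assumed here; the thread says Frst.exe)."""
    fixlist = Path(fixlist)
    problems = []
    if fixlist.name.lower() != "fixlist.txt":
        problems.append(f"file is named {fixlist.name!r}; FRST only reads fixlist.txt")
    folder = fixlist.resolve().parent
    if not any((folder / exe).exists() for exe in ("FRST.exe", "FRST64.exe")):
        problems.append(f"no FRST.exe/FRST64.exe found in {folder}; Fix would do nothing")
    return problems

# Constructed sample: a subset of the fixlist posted in the thread.
SAMPLE_FIXLIST = r"""
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-75123176-3579032652-732502155-1000\...\MountPoints2: {09f80a3b-ccad-11e8-9dc9-94de809cc76f} - "I:\setup.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
S3 --; C:\Users\PC\AppData\Local\Temp\6838203\ic-0.526940dde2ef64.exe /wl 1 [X] <==== ATTENTION
2018-12-01 11:18 - 2018-12-03 18:55 - 000000000 ____D C:\Users\PC\AppData\Roaming\jcecn
Task: {3CF7C428-829E-4463-B314-A4FFDDE4A28E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\PC\AppData\Local\Temp:3w2Q227EP525EtGmZA [2448]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /flushdns
END
"""

if __name__ == "__main__":
    # Check a real file given on the command line, otherwise the constructed sample.
    target = Path(sys.argv[1]) if len(sys.argv) > 1 else None
    result = parse_fixlist(target.read_text(errors="replace") if target else SAMPLE_FIXLIST)
    if target:
        result["problems"] += check_placement(target)
    for key, value in result.items():
        print(f"{key}: {value}")
```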


#23

Hello

From what I've read, I understand that what Farbar has to do is interact with the Notepad text file I have to create. That is why it must be on the desktop, which is also where Farbar is downloaded. And when I click Fix, it will run the commands in the Notepad file? These are guesses, for the record. But I like to know a bit of the why behind the actions in general. Besides, that's also how you learn.


#24

Exactly as you say. :+1:


#25

And I have a question. Doesn't it work to start Windows in Safe Mode following the usual steps that Windows 10 already includes?


#26

You can do that however you like; I only give some steps that may be easier for anyone without knowledge… you can get in however you want or whichever way works best for you.


#27

OK. I wanted to clear up the doubt, in case the methods you indicate had some specific effect. Well, when I get home in the afternoon I'll get down to it. Let's see if we kick out the intruder.

Thank you very much


#28

Once the process is done and the PC restarted, paste me the log and all the problems will have disappeared…


#29

Hahaha… Wow!! What a boost of encouragement!! Much appreciated. And hey, if it isn't solved, well, slow and steady.


#30

It will be solved, for sure, and besides, you'll see the PC respond like it hasn't in a long time…


#31

That said, afterwards I recommend removing Spybot, which besides being useless is going to consume unnecessary resources…


#32

Hopefully. The sound libraries I use for music are a huge pain to move even with the PC in optimal condition. With this damned virus, I can't tell you how hard it was to keep a bit of calm. It's horrible.

Thanks for your encouragement and confidence. We'll talk again this afternoon.


#33

Before I forget. I assume I enter Safe Mode without networking, right? I know it's obvious. But just in case, I'm asking.


#34

It wouldn't matter, with or without networking, but in this case, even better without networking, yes.


#35

Agreed.

Thanks once again


#36

Hello

Well, said and done. You were right to be so sure. So far the damned jcecn.exe has not appeared. I imagine we'll have to wait 24-48 hours just in case. So if you agree, I'll wait until tomorrow and consider the matter solved.

Thank you very much for your time and the speed of your replies. I was registered on your website quite a few years ago, and I see you continue with the same professionalism and seriousness as back then. And thanks to you in particular. What peace of mind it gives to know one is in good hands.

I'm pasting the report

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by PC (04-12-2018 18:58:42) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-75123176-3579032652-732502155-1000\...\MountPoints2: {09f80a3b-ccad-11e8-9dc9-94de809cc76f} - "I:\setup.exe" 
HKU\S-1-5-21-75123176-3579032652-732502155-1000\...\MountPoints2: {f834082a-431b-11e5-aa6c-94de809cc76f} - "J:\setup.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-75123176-3579032652-732502155-1000 -> {ADE6B23D-230D-4506-8144-7760124FDD10} URL = 
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
CHR HKU\S-1-5-21-75123176-3579032652-732502155-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
S3 --; C:\Users\PC\AppData\Local\Temp\6838203\ic-0.526940dde2ef64.exe /wl 1 [X] <==== ATTENTION
C:\Users\PC\AppData\Local\Temp\6838203
U4 aspnet_state; no ImagePath
S1 SRepairDrv; \??\C:\WINDOWS\GJFix\SRepairDrv [X]
2018-12-01 11:18 - 2018-12-03 18:55 - 000000000 ____D C:\Users\PC\AppData\Roaming\jcecn
2018-09-27 17:39 - 2018-09-27 17:39 - 000000000 _____ () C:\Users\PC\AppData\Local\oobelibMkey.log
2016-03-05 07:47 - 2016-03-05 07:47 - 000041472 _____ () C:\Users\PC\AppData\Local\Saodom.dat
2016-03-05 07:47 - 2016-03-05 07:47 - 000000187 _____ () C:\Users\PC\AppData\Local\Saodom.exe.config
2018-12-02 16:54 - 2018-04-12 00:35 - 000607840 _____ (Microsoft Corporation) C:\Users\PC\AppData\Local\Temp\kernel32.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
Task: {06D66318-3289-4794-8541-3AAF4671B4F8} - no filepath
Task: {2AA774CA-DE0B-4909-A21D-A2AF67DC5E6A} - no filepath
Task: {2EE6DF3B-5402-44A2-A595-DB8FDDA2A8F4} - no filepath
Task: {3CF7C428-829E-4463-B314-A4FFDDE4A28E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4F6CE7F9-5E12-4C5A-A893-2CA16C398A6B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {521BA3EA-1B10-4922-A6A2-854A50417077} - no filepath
Task: {64FA3BFF-EF5F-4C47-B9F7-59AC03293324} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {655E5004-039B-4611-815F-124669AB4005} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6813EC10-AE10-49B0-A0D3-3AE329B779FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {744CDBCF-9D84-4A38-B750-116E4C247FE9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8AFFA6A3-C9F5-43D0-BC1F-1AFE74D7EEF1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8C6CBB51-1AB9-4F76-B934-0D1C5EA1EF2F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8F53CE92-2B4C-4605-B178-6D6AB6248EDE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A0F4C4B0-A789-4CFF-9A84-69F82A9D3C85} - no filepath
Task: {AA311D30-0A30-42D1-AF43-48F3C1150106} - no filepath
Task: {D4121542-3AA6-410A-AA1E-B5857725E51B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DF4DDCB1-E333-4785-B784-39C34990AE35} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EAA35BBB-AB35-4709-8E8E-AE3BE85BB400} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {FEDA4702-4238-4BAE-84E0-6E0730BE1F5F} - no filepath
ShortcutWithArgument: C:\Users\PC\Desktop\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->                                                                                                                                                   
ShortcutWithArgument: C:\Users\PC\Desktop\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
ShortcutWithArgument: C:\Users\PC\Desktop\YouTube (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=blpcfgokakmgnkcojhhkbfbldkacnbeo
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->                                                                                                                                                   
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\quiero poner el icono de gmail en el .._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ijiheagmnahbjiokinlcclhcpfodegpb
AlternateDataStreams: C:\ProgramData\PACE:92EF415E47B2EEEA [217]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
AlternateDataStreams: C:\Users\PC\Configuración local:BJzP9hLc0KVv1nPhoOs3ljrMd [2562]
AlternateDataStreams: C:\Users\PC\AppData\Local:BJzP9hLc0KVv1nPhoOs3ljrMd [2562]
AlternateDataStreams: C:\Users\PC\AppData\Local\Datos de programa:BJzP9hLc0KVv1nPhoOs3ljrMd [2562]
AlternateDataStreams: C:\Users\PC\AppData\Local\Temp:3w2Q227EP525EtGmZA [2448]
AlternateDataStreams: C:\Users\PC\AppData\Local\Temp:7Td97mwhPln9wgZuD3Jg3 [2526]
AlternateDataStreams: C:\Users\PC\Documents\Adobe_Audition.jpg:SummaryInformation [0]
AlternateDataStreams: C:\Users\PC\Documents\Adobe_Audition.jpg:Updt_SummaryInformation [151]
AlternateDataStreams: C:\Users\PC\Documents\Adobe_Audition.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\PC\Documents\manolo-lina.jpg:SummaryInformation [0]
AlternateDataStreams: C:\Users\PC\Documents\manolo-lina.jpg:Updt_SummaryInformation [151]
AlternateDataStreams: C:\Users\PC\Documents\manolo-lina.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKU\S-1-5-21-75123176-3579032652-732502155-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{09f80a3b-ccad-11e8-9dc9-94de809cc76f} => removed successfully
HKLM\Software\Classes\CLSID\{09f80a3b-ccad-11e8-9dc9-94de809cc76f} => not found
HKU\S-1-5-21-75123176-3579032652-732502155-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f834082a-431b-11e5-aa6c-94de809cc76f} => removed successfully
HKLM\Software\Classes\CLSID\{f834082a-431b-11e5-aa6c-94de809cc76f} => not found
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
"C:\Windows\system32\GroupPolicy\Machine" => not found
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-75123176-3579032652-732502155-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ADE6B23D-230D-4506-8144-7760124FDD10} => removed successfully
HKLM\Software\Classes\CLSID\{ADE6B23D-230D-4506-8144-7760124FDD10} => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => removed successfully
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4 => removed successfully
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6 => removed successfully
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
HKU\S-1-5-21-75123176-3579032652-732502155-1000\SOFTWARE\Google\Chrome\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\System\CurrentControlSet\Services\-- => removed successfully
-- => service removed successfully
"C:\Users\PC\AppData\Local\Temp\6838203" => not found
HKLM\System\CurrentControlSet\Services\aspnet_state => removed successfully
aspnet_state => service removed successfully
HKLM\System\CurrentControlSet\Services\SRepairDrv => removed successfully
SRepairDrv => service removed successfully
C:\Users\PC\AppData\Roaming\jcecn => moved successfully
C:\Users\PC\AppData\Local\oobelibMkey.log => moved successfully
C:\Users\PC\AppData\Local\Saodom.dat => moved successfully
C:\Users\PC\AppData\Local\Saodom.exe.config => moved successfully
C:\Users\PC\AppData\Local\Temp\kernel32.dll => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{06D66318-3289-4794-8541-3AAF4671B4F8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06D66318-3289-4794-8541-3AAF4671B4F8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AA774CA-DE0B-4909-A21D-A2AF67DC5E6A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AA774CA-DE0B-4909-A21D-A2AF67DC5E6A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2EE6DF3B-5402-44A2-A595-DB8FDDA2A8F4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EE6DF3B-5402-44A2-A595-DB8FDDA2A8F4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CF7C428-829E-4463-B314-A4FFDDE4A28E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CF7C428-829E-4463-B314-A4FFDDE4A28E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F6CE7F9-5E12-4C5A-A893-2CA16C398A6B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F6CE7F9-5E12-4C5A-A893-2CA16C398A6B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{521BA3EA-1B10-4922-A6A2-854A50417077}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{521BA3EA-1B10-4922-A6A2-854A50417077}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64FA3BFF-EF5F-4C47-B9F7-59AC03293324}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64FA3BFF-EF5F-4C47-B9F7-59AC03293324}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{655E5004-039B-4611-815F-124669AB4005}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{655E5004-039B-4611-815F-124669AB4005}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6813EC10-AE10-49B0-A0D3-3AE329B779FE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6813EC10-AE10-49B0-A0D3-3AE329B779FE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{744CDBCF-9D84-4A38-B750-116E4C247FE9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{744CDBCF-9D84-4A38-B750-116E4C247FE9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AFFA6A3-C9F5-43D0-BC1F-1AFE74D7EEF1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AFFA6A3-C9F5-43D0-BC1F-1AFE74D7EEF1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8C6CBB51-1AB9-4F76-B934-0D1C5EA1EF2F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C6CBB51-1AB9-4F76-B934-0D1C5EA1EF2F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F53CE92-2B4C-4605-B178-6D6AB6248EDE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F53CE92-2B4C-4605-B178-6D6AB6248EDE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0F4C4B0-A789-4CFF-9A84-69F82A9D3C85}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0F4C4B0-A789-4CFF-9A84-69F82A9D3C85}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA311D30-0A30-42D1-AF43-48F3C1150106}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA311D30-0A30-42D1-AF43-48F3C1150106}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4121542-3AA6-410A-AA1E-B5857725E51B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4121542-3AA6-410A-AA1E-B5857725E51B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF4DDCB1-E333-4785-B784-39C34990AE35}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF4DDCB1-E333-4785-B784-39C34990AE35}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EAA35BBB-AB35-4709-8E8E-AE3BE85BB400}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAA35BBB-AB35-4709-8E8E-AE3BE85BB400}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FEDA4702-4238-4BAE-84E0-6E0730BE1F5F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEDA4702-4238-4BAE-84E0-6E0730BE1F5F}" => removed successfully
C:\Users\PC\Desktop\chrome.lnk => Shortcut argument removed successfully
C:\Users\PC\Desktop\Gmail.lnk => Shortcut argument removed successfully
C:\Users\PC\Desktop\YouTube (1).lnk => Shortcut argument removed successfully
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk => Shortcut argument removed successfully
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio remoto de Chrome.lnk => Shortcut argument removed successfully
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Gmail.lnk => Shortcut argument removed successfully
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\quiero poner el icono de gmail en el .._.lnk => Shortcut argument removed successfully
C:\ProgramData\PACE => ":92EF415E47B2EEEA" ADS removed successfully
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully
"C:\Users\PC\Configuración local" => ":BJzP9hLc0KVv1nPhoOs3ljrMd" ADS not found.
C:\Users\PC\AppData\Local => ":BJzP9hLc0KVv1nPhoOs3ljrMd" ADS removed successfully
"C:\Users\PC\AppData\Local\Datos de programa" => ":BJzP9hLc0KVv1nPhoOs3ljrMd" ADS not found.
C:\Users\PC\AppData\Local\Temp => ":3w2Q227EP525EtGmZA" ADS removed successfully
C:\Users\PC\AppData\Local\Temp => ":7Td97mwhPln9wgZuD3Jg3" ADS removed successfully
C:\Users\PC\Documents\Adobe_Audition.jpg => ":SummaryInformation" ADS could not remove.
C:\Users\PC\Documents\Adobe_Audition.jpg => ":Updt_SummaryInformation" ADS could not remove.
C:\Users\PC\Documents\Adobe_Audition.jpg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\PC\Documents\manolo-lina.jpg => ":SummaryInformation" ADS could not remove.
C:\Users\PC\Documents\manolo-lina.jpg => ":Updt_SummaryInformation" ADS could not remove.
C:\Users\PC\Documents\manolo-lina.jpg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-75123176-3579032652-732502155-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-75123176-3579032652-732502155-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuración IP de Windows

No se puede vaciar la caché de resolución de DNS: Error de una función durante la ejecución.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Asegúrate de que el servicio se está ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Asegúrate de que el servicio se está ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 238761345 B
Java, Flash, Steam htmlcache => 1482 B
Windows/system/drivers => 6328327 B
Edge => 263628 B
Chrome => 717271252 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 35101 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 37851 B
LocalService => 0 B
NetworkService => 35101 B
NetworkService => 0 B
PC => 25569128 B

RecycleBin => 0 B
EmptyTemp: => 951.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:59:56 ====

#37

To remove the tools used during the disinfection, do the following:

  • Download and run >> Delfix, on your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8/10, right-click and select >> Run as Administrator.)

  • Check only the box Remove disinfection tools

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

If any tool remains, uninstall it from the Windows Control Panel, and those that are not listed there can be deleted directly.


Check the PC and tell us whether it is solved (restart it once or twice more).


#38

Ok. I'll do that. Tomorrow I'll let you know how it all went.

Regards


#39

Hello

After several restarts and having removed the scanning programs, I think we can consider this issue solved. I imagine I have to click the corresponding button. Or I don't know whether you are the one who should mark it as finished.

Once again, many thanks for your time and for the great work of the site.

Regards


#40

Glad I was able to help you! :+1:


TOPIC SOLVED