Strange behavior w7

Hello @Mercedes_Rasemer

1.- Uninstall with Revo Uninstaller in its Advanced Mode:

  • UnHackMe software and Partizan antirootkit or Partizan

Revo Uninstaller manual.


2.- You ran FRST from an incorrect location:

  • Running from C:\Users\MERCE\Downloads

Cut the executable and paste it on your desktop <<< This is Very Important.


3.- Then follow these steps:

Very Important >>> Make a backup of your Registry.

  • Download DelFix to the Windows desktop.
  • Right-click, “Run as Administrator”.
  • In the main window, check only the “Create Registry Backup” box.
  • Click Run.

When it finishes, a report named DelFix.txt will open; save it in case it is needed and close the tool…

4.- Temporarily disable your antivirus.

5.- Open a new Notepad file and copy and paste this content:


Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1436006365-1081912264-1087991425-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2616320 2010-11-20] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {04B64741-6D6F-40DD-8B1F-F1751080055D} - \WPD\SqmUpload_S-1-5-21-1436006365-1081912264-1087991425-1000 -> No File <==== ATTENTION
Task: {05EE699F-AB25-42D8-8781-558C5D1D2FAD} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION
Task: {0D9B5D92-3A22-486D-A887-3AA21597CF27} - \Microsoft\Windows\Time Synchronization\SynchronizeTime -> No File <==== ATTENTION
Task: {0E12083C-0335-49DB-9542-BA1EC6D83ECC} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION
Task: {18E6D428-D26C-4169-BEDF-3B5BDDC952F6} - \Microsoft\Windows\Application Experience\ProgramDataUpdater -> No File <==== ATTENTION
Task: {1EC9510D-A439-4950-9399-B6399EDF9EA7} - \Microsoft\Windows\Autochk\Proxy -> No File <==== ATTENTION
Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {5C2C622F-70E9-4194-A7DA-033E827365AD} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange -> No File <==== ATTENTION
Task: {60158C7A-6808-42CD-95EE-AFD9A57925DB} - \Microsoft\Windows\AppID\PolicyConverter -> No File <==== ATTENTION
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {6B7AC694-8D6D-481B-9DD8-2A3A741ADA6D} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem -> No File <==== ATTENTION
Task: {9334C323-F100-4656-9BA0-E4AA69C0F9C2} - \Microsoft\Windows\SystemRestore\SR -> No File <==== ATTENTION
Task: {A6394592-54CE-4E93-8D64-1A068F462632} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator -> No File <==== ATTENTION
Task: {B9BEE219-C29E-4310-819C-147A5A0E045E} - \Microsoft\Windows\Defrag\ScheduledDefrag -> No File <==== ATTENTION
Task: {C7058C41-7F20-4885-A47A-CF1E50E2E54A} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver -> No File <==== ATTENTION
Task: {C90440A0-6D8F-423F-8F42-83EEF05CE708} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck -> No File <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - \Microsoft\Windows\UPnP\UPnPHostConfig -> No File <==== ATTENTION
Task: {DE8699D2-8A05-42F7-8A85-5162AF47D26A} - \Microsoft\Windows\Windows Error Reporting\QueueReporting -> No File <==== ATTENTION
Task: {E8164C0D-216C-4B6B-9EB8-31BF958B8014} - \Microsoft\Windows\NetTrace\GatherNetworkInfo -> No File <==== ATTENTION
Task: {EE6C5CD7-55D6-482A-B0C3-67596D1B6D0E} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector -> No File <==== ATTENTION
Task: {F93C7104-998A-4A38-B935-775A3138B3C3} - \Microsoft\Windows\Location\Notifications -> No File <==== ATTENTION
Tcpip\Parameters: [DhcpNameServer] 201.251.3.130 201.251.3.131
Tcpip\..\Interfaces\{05DF79A5-5E43-4AD4-B97F-A1C84056D1BB}: [DhcpNameServer] 201.251.3.130 201.251.3.131
Toolbar: HKU\S-1-5-21-1436006365-1081912264-1087991425-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
2019-07-29 04:44 - 2019-07-29 11:33 - 000000000 ____D C:\ProgramData\RogueKiller
2019-07-29 04:44 - 2019-07-29 11:33 - 000000000 ____D C:\Program Files\RogueKiller
2019-07-28 15:04 - 2019-07-28 15:04 - 000000000 ____D C:\Program Files\Safer Networking
2019-07-27 22:43 - 2016-03-11 14:53 - 000380928 _____ C:\Users\MERCE\Downloads\gmer.exe
2019-07-26 21:13 - 2019-07-28 19:42 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2019-07-26 21:13 - 2019-07-28 18:36 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-07-26 20:11 - 2019-07-26 20:58 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\MERCE\Downloads\spybotsd-2.7.64.0.exe
2019-07-21 20:28 - 2019-07-27 23:46 - 000000000 ____D C:\ProgramData\AVG
HKLM\...\scrfile\shell\open\command: "%1" <==== ATTENTION
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777935}}] => (Allow) C:\Program Files\UnHackMe\wu.exe (Greatis Software LLC -> Greais Software)
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA9}}] => (Allow) C:\Program Files\UnHackMe\wu.exe (Greatis Software LLC -> Greais Software)
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777934}}] => (Allow) C:\Program Files\UnHackMe\regruninfo.exe (Greatis Software LLC -> Greatis Software)
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA8}}] => (Allow) C:\Program Files\UnHackMe\regruninfo.exe (Greatis Software LLC -> Greatis Software)

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Save it under the name fixlist.txt on the desktop <<< This is very important.

Note: The executable Frst.exe and fixlist.txt must be in the same location (desktop), otherwise the tool will not work.

  • Run Frst.exe.
  • Press the Fix button and wait for it to finish.
  • The tool will save the report on your desktop (Fixlog.txt).
  • Paste it in your next reply.

After restarting, tell us how the computer is doing and what problems persist.

Regards.
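
Added example, not part of the original post and not FRST's own code: a small Python reviewer that reads a pasted fixlist in the format shown above, confirms the paste was not cut off, and lists what it contains (directives, scheduled tasks, firewall rules, file paths, and the `CMD:` commands that will run) so it can be read before Fix is pressed. The function names `classify` and `review`, the kind labels, and the trimmed sample are assumptions made for this example.

```python
import re
from collections import Counter

# Constructed sample: a handful of lines copied from the fixlist in the post.
SAMPLE = r"""Start
CloseProcesses:
CreateRestorePoint:
GroupPolicy: Restriction ? <==== ATTENTION
Task: {05EE699F-AB25-42D8-8781-558C5D1D2FAD} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION
2019-07-29 04:44 - 2019-07-29 11:33 - 000000000 ____D C:\ProgramData\RogueKiller
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777935}}] => (Allow) C:\Program Files\UnHackMe\wu.exe (Greatis Software LLC -> Greais Software)

CMD: netsh winsock reset
EmptyTemp:
END
"""

# File/folder lines: two timestamps, size, attributes, then an absolute path.
FILE_ENTRY = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} - .* ([A-Za-z]:\\.+)$")

def classify(line):
    """Return (kind, detail); the kind labels are this example's own names."""
    m = FILE_ENTRY.match(line)
    if m:
        return "file", m.group(1)
    if line.lower() in ("start", "end"):
        return "marker", line
    head, sep, rest = line.partition(":")
    if sep and not rest and " " not in head:
        return "directive", head            # e.g. CloseProcesses:, EmptyTemp:
    if head in ("CMD", "Task", "FirewallRules"):
        return head.lower(), rest.strip()
    return "entry", line                     # registry, policy, DNS, toolbar lines

def review(text):
    """Summarise a pasted fixlist so it can be read before Fix is pressed."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    # Assumption: the post's list opens with Start and closes with END, so a
    # paste missing either one was cut off while copying.
    if not lines or lines[0].lower() != "start" or lines[-1].lower() != "end":
        raise ValueError("incomplete paste: expected Start ... END")
    items = [classify(l) for l in lines]
    return {
        "counts": Counter(kind for kind, _ in items),
        "commands": [d for k, d in items if k == "cmd"],
        "paths": [d for k, d in items if k == "file"],
        "flagged": sum("<==== ATTENTION" in l for l in lines),
    }

if __name__ == "__main__":
    for key, value in review(SAMPLE).items():
        print(key, value)
```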