Troyano Floflix

Karina_Monserrat_Lop · 12 Octubre, 2020 19:54

Buenas tardes le adjunto el resultado de la corrección, le comento que el problema persiste, aun sale error 0xc0000005 al igual que aun aparece el explorador de windows dejo de funcionar luego sale explorador de windows reiniciando saludos

Resultados de la corrección de Farbar Recovery Scan Tool (x86) Versión: 20-09-2020
Ejecutado por MIGUEL (12-10-2020 11:58:22) Run:1
Ejecutado desde C:\Users\MIGUEL\Desktop
Perfiles cargados: MIGUEL
Modo de Inicio: Safe Mode (minimal)

==============================================

fixlist contenido:
*****************
CloseProcesses:
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\...\MountPoints2: D - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\...\MountPoints2: {48e9fac1-17da-11e7-bce4-d6af78bb8972} - D:\Setup.exe
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\...\MountPoints2: {855bd446-daeb-11e9-9437-9d6b03cad13d} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\...\MountPoints2: {d9a8b4a8-d925-11e3-a9f6-3859f9f2376a} - E:\LGAutoRun.exe
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\...\MountPoints2: {fdb0b46c-544c-11e2-a20a-3859f9f2376a} - D:\Autorun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files\Google\Chrome\Application\77.0.3865.120\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
AppInit_DLLs: C:\PROGRA~1\COMMON~1\System\symsrv.dll => C:\Program Files\Common Files\System\symsrv.dll [69337 2020-09-30] (Microsoft Corporation) <==== ATENCI�N
BootExecute: autocheck autochk /k:C * 
GroupPolicy: Restricci�n ? <==== ATENCI�N
CHR HKLM\SOFTWARE\Policies\Google: Restricci�n <==== ATENCI�N
S2 edgeupdate; "C:\Program Files\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc [X]
S3 edgeupdatem; "C:\Program Files\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /medsvc [X]
S3 GoogleChromeElevationService; "C:\Program Files\Google\Chrome\Application\77.0.3865.120\elevation_service.exe" [X]
S3 MozillaMaintenance; "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [X]
S2 Oasis2Service; "C:\Program Files\DDNi\Oasis2Service 1.0\Oasis2Service.exe" [X]
S3 SpfService; "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe" [X]
S2 VAIO Event Service; "C:\Program Files\Sony\VAIO Event Service\VESMgr.exe" [X]
S3 VcmIAlzMgr; "C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [X]
S3 VcmINSMgr; "C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe" [X]
S3 VCService; "C:\Program Files\Sony\VAIO Care\VCService.exe" [X]
S2 VSNService; "C:\Program Files\Sony\VAIO Smart Network\VSNService.exe" [X]
2020-09-29 09:57 - 2020-09-29 10:05 - 000000000 ____D C:\a43a12a983ef559c1a7f1adc93
2020-09-17 15:32 - 2020-09-18 12:38 - 000000000 ___HD C:\Windows\msdownld.tmp
2020-09-30 06:59 - 2009-07-13 21:37 - 000000000 ____D C:\Program Files\Common Files\System
2019-11-23 16:49 - 2019-11-23 19:57 - 006922240 _____ () C:\Program Files\GUT9637.tmp
2017-04-07 20:00 - 2017-04-07 20:00 - 007680000 _____ () C:\Program Files\GUTC6D8.tmp
2019-10-21 09:07 - 2019-10-21 09:07 - 000117247 _____ () C:\Users\MIGUEL\AppData\Roaming\Bemomohi
2019-12-20 14:04 - 2019-12-20 14:04 - 000302776 _____ () C:\Users\MIGUEL\AppData\Roaming\Dobamatehug
2019-10-12 11:06 - 2019-10-12 11:06 - 000241436 _____ () C:\Users\MIGUEL\AppData\Roaming\Gemupisepehu
2019-11-21 13:01 - 2019-11-21 13:01 - 000201533 _____ () C:\Users\MIGUEL\AppData\Roaming\Kapak
2019-09-06 00:01 - 2019-09-06 00:01 - 000157496 _____ () C:\Users\MIGUEL\AppData\Roaming\Kebunuge
2019-10-30 11:01 - 2019-10-30 11:01 - 000295435 _____ () C:\Users\MIGUEL\AppData\Roaming\Ketamaroto
2020-01-04 13:01 - 2020-01-04 13:01 - 000165104 _____ () C:\Users\MIGUEL\AppData\Roaming\Kobegagi
2019-09-22 14:01 - 2019-09-22 14:01 - 000296500 _____ () C:\Users\MIGUEL\AppData\Roaming\Mumorehebufu
2020-03-31 20:01 - 2020-03-31 20:01 - 000135885 _____ () C:\Users\MIGUEL\AppData\Roaming\Natikuburah
2019-10-04 11:01 - 2019-10-04 11:01 - 000202696 _____ () C:\Users\MIGUEL\AppData\Roaming\Nokakedoma
2019-10-06 11:06 - 2019-10-06 11:06 - 000139002 _____ () C:\Users\MIGUEL\AppData\Roaming\Ragodap
2019-09-14 13:01 - 2019-09-14 13:01 - 000221033 _____ () C:\Users\MIGUEL\AppData\Roaming\Ratolopede
2020-01-14 16:01 - 2020-01-14 16:01 - 000131176 _____ () C:\Users\MIGUEL\AppData\Roaming\Rememupeta
2020-05-27 20:01 - 2020-05-27 20:01 - 000151239 _____ () C:\Users\MIGUEL\AppData\Roaming\Tonaneruheso
ContextMenuHandlers2: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} =>  -> Ning�n archivo
ContextMenuHandlers3: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} =>  -> Ning�n archivo
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131613650170251101&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://prodigy.msn.com/
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131613650170563102&GUID=00000000-0000-0000-0000-000000000000
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> {8acdd076-7141-4655-8487-c35174c89c93} URL = 
SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-1759255200-2635567169-74197307-1001 -> DefaultScope {CBF352E7-50CC-4BC6-B3C6-70E6F91C68BC} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1759255200-2635567169-74197307-1001 -> {CBF352E7-50CC-4BC6-B3C6-70E6F91C68BC} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1759255200-2635567169-74197307-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
Toolbar: HKU\S-1-5-21-1759255200-2635567169-74197307-1001 -> Sin Nombre - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Ning�n archivo
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
FirewallRules: [{220DCDBC-62A2-4A40-B59A-92F1EE3B9B34}] => (Allow) C:\Users\MIGUEL\AppData\Local\Chromium\Application\chrome.exe => Ning�n archivo
FirewallRules: [{33505E57-284C-43AD-979F-EB64957934E6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe => Ning�n archivo
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:

*****************

Procesos cerrados correctamente.
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D => eliminado correctamente
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48e9fac1-17da-11e7-bce4-d6af78bb8972} => eliminado correctamente
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{855bd446-daeb-11e9-9437-9d6b03cad13d} => eliminado correctamente
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9a8b4a8-d925-11e3-a9f6-3859f9f2376a} => eliminado correctamente
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fdb0b46c-544c-11e2-a20a-3859f9f2376a} => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
"C:\PROGRA~1\COMMON~1\System\symsrv.dll" => Información del valor eliminado correctamente
HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => valor restaurado correctamente
C:\Windows\system32\GroupPolicy\Machine => movido correctamente
C:\Windows\system32\GroupPolicy\GPT.ini => movido correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
HKLM\System\CurrentControlSet\Services\edgeupdate => eliminado correctamente
edgeupdate => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\edgeupdatem => eliminado correctamente
edgeupdatem => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\GoogleChromeElevationService => eliminado correctamente
GoogleChromeElevationService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\MozillaMaintenance => eliminado correctamente
MozillaMaintenance => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\Oasis2Service => eliminado correctamente
Oasis2Service => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\SpfService => eliminado correctamente
SpfService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VAIO Event Service => eliminado correctamente
VAIO Event Service => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VcmIAlzMgr => eliminado correctamente
VcmIAlzMgr => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VcmINSMgr => eliminado correctamente
VcmINSMgr => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VCService => eliminado correctamente
VCService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VSNService => eliminado correctamente
VSNService => servicio eliminado correctamente
C:\a43a12a983ef559c1a7f1adc93 => movido correctamente
C:\Windows\msdownld.tmp => movido correctamente
C:\Program Files\Common Files\System => movido correctamente
C:\Program Files\GUT9637.tmp => movido correctamente
C:\Program Files\GUTC6D8.tmp => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Bemomohi => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Dobamatehug => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Gemupisepehu => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Kapak => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Kebunuge => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Ketamaroto => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Kobegagi => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Mumorehebufu => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Natikuburah => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Nokakedoma => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Ragodap => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Ratolopede => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Rememupeta => movido correctamente
C:\Users\MIGUEL\AppData\Roaming\Tonaneruheso => movido correctamente
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AddtoVAIOGate => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\AddtoVAIOGate => eliminado correctamente
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => eliminado correctamente
"BVTFilter" => eliminado correctamente
"BVTConsumer" => eliminado correctamente
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS eliminado correctamente
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
"HKU\S-1-5-21-1759255200-2635567169-74197307-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => eliminado correctamente
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1b31c9d2-7135-442b-bb93-7c002172adc6} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8acdd076-7141-4655-8487-c35174c89c93} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{f79e5d1c-5148-469e-9f98-a11d8d7863f4} => eliminado correctamente
"HKU\S-1-5-21-1759255200-2635567169-74197307-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CBF352E7-50CC-4BC6-B3C6-70E6F91C68BC} => eliminado correctamente
HKU\S-1-5-21-1759255200-2635567169-74197307-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{f79e5d1c-5148-469e-9f98-a11d8d7863f4} => eliminado correctamente
"HKU\S-1-5-21-1759255200-2635567169-74197307-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => eliminado correctamente
HKLM\Software\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} => eliminado correctamente
HKLM\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} => no encontrado
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => eliminado correctamente
HKLM\Software\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{220DCDBC-62A2-4A40-B59A-92F1EE3B9B34}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{33505E57-284C-43AD-979F-EB64957934E6}" => eliminado correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final de CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1759255200-2635567169-74197307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1759255200-2635567169-74197307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11586120 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 330172049 B
Edge => 0 B
Chrome => 16255750 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 10606612 B
LocalService => 10894701 B
NetworkService => 15413578 B
MIGUEL => 470324593 B
COMERCIALISADORA => 2517353629 B
FAM LC => 2518959206 B
Invitado => 2528740453 B

RecycleBin => 2623162910 B
EmptyTemp: => 10.3 GB datos temporales Eliminados.

================================


El sistema necesita reiniciarse.

==== Final  Fixlog 12:02:40 ====

SanMar · 12 Octubre, 2020 19:58

Hola @Karina_Monserrat_Lop

Dinos si tienes acceso a otro equipo con Windows 7 SP1 de 32 bits

1.- Descargue la herramienta SystemLook a su escritorio segun la arquitectura de su Sistema Operativo: >>> Como saber si mi Windows es de 32 o 64 bits?.

SystemLook >>> Para sistemas de 32 Bits.
SystemLook_x64 >>> Para sistemas de 64 Bits.

2.- Haga doble clic al archivo SystemLook.exe para ejecutarlo.

Si usa Windows 7/8 o 10, presione clic derecho y seleccione Ejecutar como Administrador

Copie y pegue tal cual el texto del recuadro de aquí abajo en la ventana del programa y pulse en Look.

:filefind  
*explorer.exe*

Debe quedar como lo muestra la siguiente imagen de ejemplo:

Systemlook

Espere hasta que finalice la búsqueda. (Esta puede demorarse)
Al terminar se abrirá el bloc de notas, con un reporte que debe copiar y pegar en su próxima respuesta.

Nota: Ese reporte también se guardará con el nombre SystemLook.txt en su escritorio.

¿Como Pegar Reportes en el Foro?

Salu2

Karina_Monserrat_Lop · 13 Octubre, 2020 15:18

Buen día le comento que no cuento con otro equipo con windows 7 y le adjunto el reporte saludos :

SystemLook 30.07.11 by jpshortstuff
    Log created at 09:51 on 13/10/2020 by MIGUEL
`Administrator - Elevation successful`

========== filefind ==========

Searching for "*explorer.exe*"
C:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\CML_explorer.exe	--a---- 78054 bytes	[02:59 17/10/2015]	[03:47 24/09/2007] D2CE4CC29028EBE063492AA4DB1FFE57
C:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\FractalExplorer.exe	--a---- 96298 bytes	[02:59 17/10/2015]	[03:46 24/09/2007] F92E366EB18A7A16E2DD14C9788CB4FE
C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_explorer.exe	--a---- 210208 bytes	[23:45 29/07/2010]	[23:45 29/07/2010] 060230B944AD445D8473319CBA5BB963
C:\Users\FAM LC\AppData\Local\CrashDumps\btsendto_explorer.exe.5864.dmp	--a---- 6518693 bytes	[14:31 23/09/2020]	[14:31 23/09/2020] A6A0082CFB8207789A387900C8E1345D
C:\Users\FAM LC\AppData\Local\CrashDumps\explorer.exe.2900.dmp	--a---- 1419127 bytes	[01:37 01/10/2020]	[01:37 01/10/2020] E48605FAA86D1D6667D80C1ADDB8043B
C:\Users\FAM LC\AppData\Local\CrashDumps\explorer.exe.3348.dmp	--a---- 3082362 bytes	[01:32 01/10/2020]	[01:32 01/10/2020] 9AB2FF8D4E941C231AAB849DCB9845AA
C:\Users\FAM LC\AppData\Local\CrashDumps\explorer.exe.4188.dmp	--a---- 1420045 bytes	[01:32 01/10/2020]	[01:32 01/10/2020] 78243DA647FE0B85F42645B6DA6821B5
C:\Users\FAM LC\AppData\Local\CrashDumps\explorer.exe.4620.dmp	--a---- 3146667 bytes	[01:35 01/10/2020]	[01:35 01/10/2020] D2AB84F0A99294A003666B8395B33B37
C:\Users\FAM LC\AppData\Local\CrashDumps\explorer.exe.4820.dmp	--a---- 3279342 bytes	[01:35 01/10/2020]	[01:35 01/10/2020] 83853745811721E47E18BE21C1CCCEFA
C:\Users\FAM LC\AppData\Local\CrashDumps\explorer.exe.4884.dmp	--a---- 1193787 bytes	[01:33 01/10/2020]	[01:33 01/10/2020] B79CA557399381D245A338E21DFBE9E9
C:\Users\FAM LC\AppData\Local\CrashDumps\explorer.exe.5496.dmp	--a---- 1420815 bytes	[01:33 01/10/2020]	[01:33 01/10/2020] 86A91CA17DC1B288F3A24C69472F0801
C:\Users\FAM LC\AppData\Local\CrashDumps\explorer.exe.5660.dmp	--a---- 3282294 bytes	[01:37 01/10/2020]	[01:37 01/10/2020] A7D6940A3FDE7A144186F15CDD5C16DF
C:\Users\MIGUEL\AppData\Local\CrashDumps\explorer.exe.1876.dmp	--a---- 1529439 bytes	[19:46 12/10/2020]	[19:46 12/10/2020] (Unable to calculate MD5)
C:\Users\MIGUEL\AppData\Local\CrashDumps\explorer.exe.2564.dmp	--a---- 1178888 bytes	[14:50 13/10/2020]	[14:50 13/10/2020] FA644681E6A7EF3E784B26E2ADBFE38B
C:\Users\MIGUEL\AppData\Local\CrashDumps\explorer.exe.2884.dmp	--a---- 1268512 bytes	[14:53 13/10/2020]	[14:53 13/10/2020] 32D1D8EE81C9FBEC2C364CF54F0F5F9F
C:\Users\MIGUEL\AppData\Local\CrashDumps\explorer.exe.3068.dmp	--a---- 3502416 bytes	[14:51 13/10/2020]	[14:51 13/10/2020] FF99924C6C104DBF49CEAE6169AFC913
C:\Users\MIGUEL\AppData\Local\CrashDumps\explorer.exe.3080.dmp	--a---- 1412440 bytes	[19:48 12/10/2020]	[19:48 12/10/2020] (Unable to calculate MD5)
C:\Users\MIGUEL\AppData\Local\CrashDumps\explorer.exe.4268.dmp	--a---- 1403607 bytes	[19:29 12/10/2020]	[19:29 12/10/2020] (Unable to calculate MD5)
C:\Users\MIGUEL\AppData\Local\CrashDumps\explorer.exe.4596.dmp	--a---- 1425041 bytes	[19:41 12/10/2020]	[19:41 12/10/2020] (Unable to calculate MD5)
C:\Users\MIGUEL\AppData\Local\CrashDumps\explorer.exe.6140.dmp	--a---- 1381214 bytes	[19:43 12/10/2020]	[19:43 12/10/2020] (Unable to calculate MD5)
C:\Windows\explorer.exe	--a---- 2972672 bytes	[00:18 01/04/2017]	[14:55 29/08/2016] 6DDCA324434FFA506CF7DC4E51DB7935
C:\Windows\es-ES\explorer.exe.mui	--a---- 25600 bytes	[18:49 18/08/2011]	[18:49 18/08/2011] F88DD287C97E5E67185B1BC9A8C86062
C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_es-es_05943a24d51c520a\explorer.exe.mui	--a---- 25600 bytes	[18:49 18/08/2011]	[18:49 18/08/2011] F88DD287C97E5E67185B1BC9A8C86062
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe	--a---- 2616320 bytes	[21:29 20/11/2010]	[21:29 20/11/2010] 40D777B7A95E00593EB1568C68514493
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe	--a---- 2616320 bytes	[18:47 27/05/2011]	[18:47 27/05/2011] 8B88EBBB05A0E56B7DCC708498C02B3E
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe	--a---- 2616320 bytes	[18:47 27/05/2011]	[18:47 27/05/2011] 0FB9C74046656D1579A64660AD67B746
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_5432df58f129e196\explorer.exe	--a---- 2972672 bytes	[00:18 01/04/2017]	[14:55 29/08/2016] 6DDCA324434FFA506CF7DC4E51DB7935

-= EOF =-

Karina_Monserrat_Lop · 13 Octubre, 2020 19:16

Se me había olvidar que aún sigue apateciendo el explorador de windows dejo de funcionar

SanMar · 14 Octubre, 2020 05:02

Hola @Karina_Monserrat_Lop

Unas consultas:

a.- Recuerdas cuando empezó el problema? Descargaste y/o ejecutaste algo nuevo. o pirata?

b.- En Modo Seguro tienes el problema del crasheo de explorer.exe (Explorador de Windows)?

Prueba lo siguiente:

1. Inicia tu ordenador en Modo Seguro, pero de la siguiente manera;

Windows 7.

Y desde ese Modo intentas ejecutar Malwarebytes, no olvides eliminar todo lo que detecte.

2.- Realiza un análisis completo del Disco duro siguiendo la guía:

Análisis y Escaneo del Disco Duro Usar el Método 3.

IMPORTANTE: Si** el porcentaje de Avance parece pararse, NO Canceles el proceso**. Déjalo continuar si es necesario durante 24 horas más. .

Una vez que termine el chequeo busca el reporte de acuerdo a los siguientes pasos:

Nos pegas los resultados.

Salu2