• Registrarse
  • Iniciar sesión


  • Resultados 1 al 6 de 6

    ayuda sobre sistema

    hola , les cuento tengo un problema que no puedo abrir ningun programa ni el paint me dejo abrir para sacar una captura de pantalla, cuando voy a abrir algun programa me sale un cartel ...

    1. #1
      Usuario Avatar de worrrsssss
      Registrado
      jul 2014
      Ubicación
      argentina
      Mensajes
      13

      ayuda sobre sistema

      hola , les cuento tengo un problema que no puedo abrir ningun programa ni el paint me dejo abrir para sacar una captura de pantalla, cuando voy a abrir algun programa me sale un cartel que dice "NO SE PUEDEN ABRIR ESTOS ARCHIVOS la configuracion de seguridad de internet impidio la apertura de uno o varios archivos" creo que puede ser una pavada no creo que sea un virus porque recien hace 3 o 4 dias la trajeron del service por una limpieza que le hicimos. Pero ahora me sale ese cartelito que no se como solucionarlo. si me pueden dar una ayuda antes de que tenga que llevarla de nuevo al service se agradece..
      a chrome lo abri de un enlace porque la ventana original no abre..

    2. #2
      Moderador
      Avatar de @Maxfernandez
      Registrado
      dic 2007
      Ubicación
      Venezuela
      Mensajes
      16.150

      Re: ayuda sobre sistema

      Hola worrrsssss.

      Descarga FRST Version 32Bits o FRST Versión 64Bits en el escritorio.
      *Nota*: Haz clic aquí si no sabes si tu S.O. es de 32bits o 64bits.
      1. Inicia en Modo seguro (a prueba de fallos).
      2. Clic derecho a FRST.exe/FRST64.exe para ejecutarlo (o doble clic si tu S.O. es Windows xp) y acepta la clausula de negación de garantías.
      3. Presiona el botón Scan y espera a que termine la exploración.
      4. Al finalizar el examen se abrirán dos (2) reportes:
        1. FRST.txt
        2. Addition.txt

      Pega el log llamado FRST.txt en un nuevo mensaje.

      Un saludo.
      [email protected]


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de worrrsssss
      Registrado
      jul 2014
      Ubicación
      argentina
      Mensajes
      13

      Re: ayuda sobre sistema

      bien pude ejecutarlo aca va el reporte:

      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-11-2017
      Ran by YO (administrator) on YO-PC (16-11-2017 13:09:47)
      Running from C:\Windows\System32\config\systemprofile\Downloads
      Loaded Profiles: False (Available Profiles: YO & UpdatusUser) <==== ATTENTION (Temporary Profile?)
      Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Safe Mode (minimal)
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Farbar) C:\Windows\System32\config\systemprofile\Downloads\FRST (1).exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14737664 2016-10-27] (Realtek Semiconductor)
      HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-04] (AVAST Software)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-18\...\Run: [uTorrent] => C:\Windows\System32\config\systemprofile\AppData\Roaming\uTorrent\updates\3.5.0_44090.exe [1982144 2017-09-27] (BitTorrent Inc.)
      HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7814656 2017-10-18] (Piriform Ltd)
      HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Corporation)
      Startup: C:\Users\YO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2014-08-18]
      ShortcutTarget: GameRanger.lnk -> C:\Users\TEMP\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (No File)
      BootExecute: autocheck autochk * SmartDefragBootTime.exe
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
      Tcpip\..\Interfaces\{8DD1B70A-5F3D-44E9-A971-BD127D077B06}: [DhcpNameServer] 192.168.8.1
      Tcpip\..\Interfaces\{D6633B8E-A726-465A-9E38-1125D735956C}: [DhcpNameServer] 192.168.12.2

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
      SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-18] (Oracle Corporation)
      BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-18] (Oracle Corporation)
      Handler: livecall - No CLSID Value -
      Handler: msnim - No CLSID Value -

      FireFox:
      ========
      FF DefaultProfile: 2zd9mr6q.default
      FF ProfilePath: C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\2zd9mr6q.default [2017-11-04]
      FF user.js: detected! => C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\2zd9mr6q.default\user.js [2016-06-28]
      FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\2zd9mr6q.default\Extensions\[email protected] [2016-10-18] [Legacy]
      FF Extension: (Search and New Tab by Yahoo) - C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\2zd9mr6q.default\Extensions\[email protected] [2017-08-17] [Legacy]
      FF Extension: (Nightly Tester Tools) - C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\2zd9mr6q.default\Extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}.xpi [2017-06-26] [Legacy]
      FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PasswordBox\Firefox
      FF Extension: (PasswordBox) - C:\Program Files\PasswordBox\Firefox [2014-01-17] [Legacy] [not signed]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
      FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
      FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
      FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-18] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-18] (Oracle Corporation)
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
      FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
      FF Plugin HKU\.DEFAULT: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\TEMP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]

      Chrome:
      =======
      CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5828816 2017-11-04] (AVAST Software s.r.o.)
      S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-04] (AVAST Software)
      S2 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [206112 2017-06-14] (IObit)
      S3 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
      S3 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2017-04-12] ()
      S3 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [107832 2017-04-12] ()
      S3 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
      S2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7757552 2017-08-16] (TeamViewer GmbH)
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [75416 2016-10-27] (Alcor Micro, Corp.)
      S1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [255624 2017-11-04] (AVAST Software s.r.o.)
      S0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157416 2017-11-04] (AVAST Software s.r.o.)
      S0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276736 2017-11-04] (AVAST Software s.r.o.)
      S0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50384 2017-11-04] (AVAST Software s.r.o.)
      S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42856 2017-11-04] (AVAST Software)
      S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [124952 2017-11-04] (AVAST Software)
      S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [99560 2017-11-04] (AVAST Software)
      S0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70864 2017-11-04] (AVAST Software)
      S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [783648 2017-11-04] (AVAST Software)
      S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [499560 2017-11-04] (AVAST Software)
      S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [149824 2017-11-04] (AVAST Software)
      S0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [297840 2017-11-04] (AVAST Software)
      R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies)
      R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-07-09] (DT Soft Ltd)
      S1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-11-06] (REALiX(tm))
      S3 IUFileFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUFileFilter.sys [20368 2017-06-06] (IObit.com)
      S3 IURegProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IURegProcessFilter.sys [24976 2017-06-13] (IObit.com)
      S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2017-11-03] (Malwarebytes)
      R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18800 2016-03-22] (IObit)
      S0 sptd; C:\Windows\System32\Drivers\sptd.sys [324152 2016-09-14] (Duplex Secure Ltd.)
      S3 BHipsEx; \??\C:\Windows\System32\drivers\BHipsEx.sys [X]
      S3 catchme; \??\C:\Users\YO\AppData\Local\Temp\catchme.sys [X]
      S3 cpuz137; \??\C:\Users\TEMP\AppData\Local\Temp\cpuz137\cpuz137_x32.sys [X]
      S3 cpuz138; \??\C:\Users\TEMP\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [X]
      S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
      S3 gdrv; \??\C:\Windows\gdrv.sys [X]
      S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
      S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-16 13:09 - 2017-11-16 13:09 - 000000000 ____D C:\FRST
      2017-11-16 13:08 - 2017-11-16 13:10 - 000159060 _____ C:\Windows\ntbtlog.txt
      2017-11-16 13:08 - 2017-11-16 13:10 - 000159060 _____ C:\Windows\ntbtlog.txt
      2017-11-15 23:26 - 2017-11-15 23:26 - 001788928 _____ (Farbar) C:\Users\TEMP\Desktop\FRST.exe
      2017-11-07 09:27 - 2017-11-07 09:27 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\uTorrent
      2017-11-06 21:46 - 2017-11-10 11:15 - 000000000 ____D C:\Users\TEMP\AppData\Local\Google
      2017-11-06 12:15 - 2017-11-06 19:54 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\IObit
      2017-11-04 09:44 - 2017-11-04 09:45 - 000000000 ____D C:\Users\TEMP\AppData\Local\Adobe
      2017-11-04 09:44 - 2017-11-04 09:44 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\AVAST Software
      2017-11-04 09:44 - 2017-11-04 09:44 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
      2017-11-04 09:44 - 2017-11-04 09:44 - 000000000 ____D C:\Users\TEMP\AppData\LocalLow\Adobe
      2017-11-04 09:44 - 2017-11-04 09:44 - 000000000 ____D C:\Users\TEMP\AppData\Local\CEF
      2017-11-04 09:43 - 2017-11-04 09:43 - 000783648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
      2017-11-04 09:43 - 2017-11-04 09:43 - 000002039 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
      2017-11-04 09:43 - 2017-11-04 09:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
      2017-11-04 09:43 - 2017-11-04 09:42 - 000921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
      2017-11-04 09:43 - 2017-11-04 09:42 - 000921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
      2017-11-04 09:43 - 2017-11-04 09:42 - 000499560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2017-11-04 09:43 - 2017-11-04 09:42 - 000304816 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
      2017-11-04 09:43 - 2017-11-04 09:42 - 000297840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
      2017-11-04 09:43 - 2017-11-04 09:42 - 000276736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
      2017-11-04 09:43 - 2017-11-04 09:42 - 000255624 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
      2017-11-04 09:43 - 2017-11-04 09:42 - 000157416 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
      2017-11-04 09:43 - 2017-11-04 09:42 - 000149824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
      2017-11-04 09:43 - 2017-11-04 09:42 - 000124952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2017-11-04 09:43 - 2017-11-04 09:42 - 000099560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
      2017-11-04 09:43 - 2017-11-04 09:42 - 000070864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
      2017-11-04 09:43 - 2017-11-04 09:42 - 000050384 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
      2017-11-04 09:43 - 2017-11-04 09:42 - 000042856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
      2017-11-04 09:41 - 2017-11-04 09:41 - 000000000 ____D C:\Program Files\AVAST Software
      2017-11-04 09:40 - 2017-11-04 09:40 - 000000929 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-11-04 09:33 - 2017-11-04 09:33 - 000000000 ____D C:\MSfree Inc
      2017-11-04 09:32 - 2017-11-08 10:51 - 000000000 ____D C:\ProgramData\KMSAutoS
      2017-11-04 09:13 - 2017-11-04 09:14 - 010427120 _____ (Piriform Ltd) C:\Users\YO\Downloads\ccsetup536.exe
      2017-11-03 17:43 - 2017-11-03 17:43 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
      2017-11-03 17:40 - 2017-11-03 17:42 - 012666280 _____ (TeamViewer GmbH) C:\Users\YO\Downloads\TeamViewer_Setup.exe
      2017-11-03 17:38 - 2017-11-14 13:22 - 000000000 ____D C:\ProgramData\ProductData
      2017-11-03 17:12 - 2017-11-03 17:12 - 008261584 _____ (Malwarebytes) C:\Users\YO\Downloads\AdwCleaner.exe
      2017-11-03 17:12 - 2017-11-03 17:12 - 001790024 _____ (Malwarebytes) C:\Users\YO\Downloads\JRT (1).exe
      2017-11-02 17:46 - 2017-11-02 17:46 - 000002070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
      2017-11-02 17:46 - 2017-11-02 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-16 13:07 - 2009-07-14 01:34 - 000014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-11-16 13:07 - 2009-07-14 01:34 - 000014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-11-16 13:02 - 2014-08-27 17:47 - 000000358 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job
      2017-11-16 13:02 - 2014-08-27 17:47 - 000000358 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job
      2017-11-16 13:02 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-11-14 22:51 - 2015-05-02 14:02 - 000000000 ____D C:\Users\TEMP\Desktop\MILENA
      2017-11-14 14:50 - 2013-03-09 14:11 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
      2017-11-14 14:50 - 2013-03-09 14:11 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
      2017-11-14 14:50 - 2013-03-09 14:11 - 000000000 ____D C:\Windows\system32\Macromed
      2017-11-11 21:05 - 2013-03-08 11:45 - 000000000 ____D C:\Program Files\TeamViewer
      2017-11-08 23:32 - 2013-03-08 09:57 - 001685736 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-11-08 23:32 - 2009-07-14 05:48 - 000750994 _____ C:\Windows\system32\perfh00A.dat
      2017-11-08 23:32 - 2009-07-14 05:48 - 000160036 _____ C:\Windows\system32\perfc00A.dat
      2017-11-08 23:32 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
      2017-11-08 23:32 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
      2017-11-08 12:20 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\NDF
      2017-11-06 19:56 - 2015-04-03 10:54 - 000023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
      2017-11-04 09:43 - 2013-03-08 14:42 - 000000000 ____D C:\ProgramData\AVAST Software
      2017-11-04 09:41 - 2016-10-25 11:15 - 000000000 ____D C:\Windows\Minidump
      2017-11-04 09:41 - 2016-10-25 11:15 - 000000000 ____D C:\Windows\Minidump
      2017-11-04 09:40 - 2013-03-08 11:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2017-11-04 09:40 - 2013-03-08 11:45 - 000000000 ____D C:\Program Files\CCleaner
      2017-11-04 09:32 - 2015-04-07 09:17 - 000109280 _____ C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
      2017-11-04 09:32 - 2015-04-07 09:17 - 000109280 _____ C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
      2017-11-04 09:28 - 2014-03-09 14:05 - 000000000 ____D C:\Users\YO\Downloads\Nueva carpeta
      2017-11-04 09:09 - 2016-07-12 15:31 - 000000000 ____D C:\Program Files\SuperBoost
      2017-11-04 09:07 - 2013-03-08 14:42 - 000000000 ____D C:\Program Files\IObit
      2017-11-04 09:05 - 2016-10-10 20:36 - 000000000 ____D C:\Program Files\Common Files\McAfee
      2017-11-04 09:05 - 2009-07-14 01:33 - 000408984 _____ C:\Windows\system32\FNTCACHE.DAT
      2017-11-03 18:26 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\rescache
      2017-11-03 18:26 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\rescache
      2017-11-03 17:46 - 2016-10-10 20:22 - 000000000 ____D C:\ProgramData\McAfee
      2017-11-03 17:34 - 2014-07-17 22:31 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
      2017-11-02 18:10 - 2016-07-12 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
      2017-11-02 18:10 - 2013-03-08 14:43 - 000000000 ____D C:\ProgramData\IObit
      2017-11-02 17:58 - 2013-03-08 11:42 - 000000000 ____D C:\Users\YO\AppData\Roaming\AIMP3
      2017-11-02 17:47 - 2015-04-03 10:59 - 000000000 ____D C:\Program Files\Common Files\IObit
      2017-11-02 17:46 - 2017-02-20 13:17 - 000002058 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
      2017-10-17 00:08 - 2015-03-07 00:42 - 000000000 ____D C:\Program Files\Steam

      ==================== Files in the root of some directories =======

      2014-03-20 10:40 - 2014-06-22 23:07 - 000003735 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
      2017-04-12 00:51 - 2017-04-12 02:41 - 000022328 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\PnkBstrK.sys
      2015-04-30 01:06 - 2015-04-30 01:06 - 000007605 _____ () C:\Windows\system32\config\systemprofile\AppData\Local\Resmon.ResmonCfg
      2014-10-03 01:11 - 2014-10-03 01:11 - 000000020 _____ () C:\ProgramData\bc.ini
      2015-04-04 23:52 - 2015-04-04 23:52 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-11-03 17:32

      ==================== End of FRST.txt ============================

    4. #4
      Moderador
      Avatar de @Maxfernandez
      Registrado
      dic 2007
      Ubicación
      Venezuela
      Mensajes
      16.150

      Re: ayuda sobre sistema

      Hola.

      1.- Usa Eset AV Remover para que elimines los restos de herramientas de seguridad.

      2.- Realiza lo siguiente:
      1. Copia el contenido del siguiente recuadro en el portapapeles (Clic derecho > Copiar)
        Código:
        CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
        CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
        S3 catchme; \??\C:\Users\YO\AppData\Local\Temp\catchme.sys [X]
        S3 cpuz137; \??\C:\Users\TEMP\AppData\Local\Temp\cpuz137\cpuz137_x32.sys [X]
        S3 cpuz138; \??\C:\Users\TEMP\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [X]
      2. Abre el block de notas (Inicio >Todos los programas>Accesorios>Block de Notas)
      3. Pega el contenido del recuadro en el notepad y guárdalo en el escritorio con el nombre de: fixlist.txt
      4. Ejecuta FRST.exe (o FRST64.exe) y presiona el botón Fix
      5. Al finalizar la exploración será creado un reporte llamado Fixlog.txt

      Pega el contenido de ese log en un nuevo mensaje.

      *Nota*: Recuerda dejarnos los reportes y comentar como evoluciona el problema para poder seguir con el tema...

      Un saludo.
      [email protected]


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de worrrsssss
      Registrado
      jul 2014
      Ubicación
      argentina
      Mensajes
      13

      Re: ayuda sobre sistema

      ahora lo que pasa es que aveces abre iconos en el escritorio que aveces no estan.. y cuando pongo modo seguro sale una pantalla de antes que la llevara a arreglar. pero sigo con el mismo problema de no poder abrir archivos... aca va el reporte:


      Fix result of Farbar Recovery Scan Tool (x86) Version: 15-11-2017
      Ran by YO (16-11-2017 23:02:04) Run:1
      Running from C:\Windows\System32\config\systemprofile\Downloads
      Loaded Profiles: False (Available Profiles: YO & UpdatusUser)
      Boot Mode: Safe Mode (minimal)

      ==============================================

      fixlist content:
      *****************
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
      S3 catchme; \??\C:\Users\YO\AppData\Local\Temp\catchme.sys [X]
      S3 cpuz137; \??\C:\Users\TEMP\AppData\Local\Temp\cpuz137\cpuz137_x32.sys [X]
      S3 cpuz138; \??\C:\Users\TEMP\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [X]
      *****************

      HKLM\SOFTWARE\Policies\Google => key removed successfully.
      HKLM\SOFTWARE\Google\Chrome\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh => key removed successfully.
      HKLM\System\CurrentControlSet\Services\catchme => key removed successfully.
      catchme => service removed successfully.
      HKLM\System\CurrentControlSet\Services\cpuz137 => key removed successfully.
      cpuz137 => service removed successfully.
      HKLM\System\CurrentControlSet\Services\cpuz138 => key removed successfully.
      cpuz138 => service removed successfully.

      ==== End of Fixlog 23:02:04 ====

    6. #6
      Moderador
      Avatar de @Maxfernandez
      Registrado
      dic 2007
      Ubicación
      Venezuela
      Mensajes
      16.150

      Re: ayuda sobre sistema

      Hola.

      1.- Ejecuta DelFix en el escritorio de windows.

      *Marca la opción "Create Registry Backup" y desmarca el resto*

      Haces clic en RUN

      2.- Abre el block de notas y escribe lo siguiente:
      Código:
      Windows Registry Editor Version 5.00
      
      
      [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\l]
      Guardalo en el escritorio bajo el nombre de FixReg.reg

      Ejecuta el archivo "fixreg.reg" como administrador y acepta los cambios al registro.

      Reinicia el sistema.

      3.- Realiza un Scandisk y una desfragmentacion al disco duro.

      Un saludo.
      [email protected]


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.