Autoit Error 0, ayuda por favor

AdwCleaner


# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-03-21.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-25-2019
# Duration: 00:00:08
# OS:       Windows 7 Ultimate
# Cleaned:  35
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files\Common Files\IObit\Advanced SystemCare
Deleted       C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Users\Canaimita\AppData\LocalLow\IObit\Advanced SystemCare
Deleted       C:\Users\Canaimita\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\ProgramData\IOBIT\Driver Booster
Deleted       C:\Users\Canaimita\AppData\Roaming\IOBIT\Driver Booster
Deleted       C:\Program Files\DriverTurbo
Deleted       C:\ProgramData\{B96EB44A-7860-4F13-BC9A-0A73CA5F11C2}
Deleted       C:\Users\Canaimita\AppData\Local\DriverToolkit
Deleted       C:\ProgramData\apn

***** [ Files ] *****

Deleted       C:\Windows\System32\roboot.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\SOFTWARE\e7328ed01211c2f425aaa8fd3b206514
Deleted       HKLM\Software\IObit\RealTimeProtector
Deleted       HKCU\Software\IObit\Advanced SystemCare
Deleted       HKLM\Software\IObit\Advanced SystemCare
Deleted       HKLM\Software\IOBIT\ASC
Deleted       HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted       HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKU\S-1-5-18\Software\ByteFence
Deleted       HKU\.DEFAULT\Software\ByteFence
Deleted       HKLM\Software\Wow6432Node\ByteFence
Deleted       HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted       HKLM\Software\IObit\Driver Booster
Deleted       HKCU\Software\csastats
Not Deleted   HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{D8278076-BC68-4484-9233-6E7F1628B56C}
Deleted       HKLM\Software\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E0D44671-3DE1-45B4-B335-1F2EE98C8735}|DhcpNameServer - "10.1.192.13"
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|DhcpNameServer - "10.1.192.13"
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\Softonic

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4430 octets] - [25/03/2019 13:05:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

MALWAREBYTE:


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 25/3/19
Hora del análisis: 11:38
Archivo de registro: 175be8d8-4f14-11e9-b82c-00accd338151.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.563
Versión del paquete de actualización: 1.0.9838
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: Canaimita-PC\Canaimita

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 202705
Amenazas detectadas: 55
Amenazas en cuarentena: 47
Tiempo transcurrido: 11 min, 32 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 18
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\SYSTWEAK\ssd, En cuarentena, [1537], [190782],1.0.9838
PUP.Optional.SearchBetter, HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AF303824-3881-40E2-AC67-EE89E5FFD257}, En cuarentena, [2253], [252532],1.0.9838
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, En cuarentena, [820], [186876],1.0.9838
PUP.Optional.Solvusoft, HKLM\SOFTWARE\CLASSES\APPLICATIONS\WinThrusterSetup.exe, En cuarentena, [2934], [335182],1.0.9838
PUP.Optional.RegCleanPro, HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\REG\Clean, En cuarentena, [4496], [347493],1.0.9838
PUP.Optional.SysTweak, HKLM\SOFTWARE\Systweak, En cuarentena, [1487], [327155],1.0.9838
PUP.Optional.DriverToolkit, HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\DriverToolkit, En cuarentena, [991], [512874],1.0.9838
PUP.Optional.SysTweak, HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\systweak, En cuarentena, [1487], [327156],1.0.9838
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, En cuarentena, [2056], [183362],1.0.9838
PUP.Optional.SearchManager, HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [2056], [183362],1.0.9838
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\SYSTWEAK\ssd, En cuarentena, [1537], [190781],1.0.9838
PUP.Optional.InstallCore, HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\CSASTATS\ic, En cuarentena, [423], [586068],1.0.9838
PUP.Optional.WinYahoo, HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, [237], [247049],1.0.9838
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, [237], [247049],1.0.9838
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\MICROSOFT\TRACING\RegCleanPro_RASAPI32, En cuarentena, [4496], [253898],1.0.9838
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\MICROSOFT\TRACING\RegCleanPro_RASMANCS, En cuarentena, [4496], [253898],1.0.9838
PUP.Optional.CleanMyPC, HKLM\SOFTWARE\REG\Clean, En cuarentena, [3249], [348488],1.0.9838
PUP.Optional.Iminent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, En cuarentena, [96], [168093],1.0.9838

Valor del registro: 4
PUP.Optional.SearchBetter, HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AF303824-3881-40E2-AC67-EE89E5FFD257}|URL, En cuarentena, [2253], [252532],1.0.9838
PUP.Optional.SearchManager, HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 5\extensions.settings|PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, En cuarentena, [2056], [183362],1.0.9838
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, [237], [247049],1.0.9838
PUP.Optional.Iminent, HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, En cuarentena, [96], [168093],1.0.9838

Datos del registro: 1
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, [237], [293458],1.0.9838

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 8
PUP.Optional.OpenCandy, C:\Users\Canaimita\AppData\Roaming\OpenCandy\B9FC5BBD00984ED48761788C4DB218BF, En cuarentena, [1123], [173202],1.0.9838
PUP.Optional.OpenCandy, C:\USERS\CANAIMITA\APPDATA\ROAMING\OPENCANDY, En cuarentena, [1123], [173202],1.0.9838
PUP.Optional.APNToolBar.Gen, C:\PROGRAMDATA\APN\APN-STUB, En cuarentena, [820], [175062],1.0.9838
PUP.Optional.RegCleanerPro, C:\USERS\INVITADO\APPDATA\ROAMING\SYSTWEAK\REGCLEAN PRO, En cuarentena, [1536], [179180],1.0.9838
PUP.Optional.SysTweak, C:\USERS\CANAIMITA\APPDATA\ROAMING\SYSTWEAK, En cuarentena, [1487], [327152],1.0.9838
PUP.Optional.SysTweak, C:\USERS\INVITADO\APPDATA\ROAMING\SYSTWEAK, En cuarentena, [1487], [327152],1.0.9838
RiskWare.BitCoinMiner, C:\Users\Canaimita\AppData\Local\minergate\log, En cuarentena, [739], [411853],1.0.9838
RiskWare.BitCoinMiner, C:\USERS\CANAIMITA\APPDATA\LOCAL\MINERGATE, En cuarentena, [739], [411853],1.0.9838

Archivo: 24
PUP.Optional.OpenCandy, C:\Users\Canaimita\AppData\Roaming\OpenCandy\B9FC5BBD00984ED48761788C4DB218BF\Opera_NI_stable.exe, En cuarentena, [1123], [173202],1.0.9838
RiskWare.BitCoinMiner, C:\Users\Canaimita\AppData\Local\minergate\log\bcn.log, En cuarentena, [739], [411853],1.0.9838
RiskWare.BitCoinMiner, C:\Users\Canaimita\AppData\Local\minergate\log\fcn.log, En cuarentena, [739], [411853],1.0.9838
RiskWare.BitCoinMiner, C:\Users\Canaimita\AppData\Local\minergate\log\minergate.log, En cuarentena, [739], [411853],1.0.9838
RiskWare.BitCoinMiner, C:\Users\Canaimita\AppData\Local\minergate\log\xmr.log, En cuarentena, [739], [411853],1.0.9838
RiskWare.BitCoinMiner, C:\Users\Canaimita\AppData\Local\minergate\[email protected], En cuarentena, [739], [411853],1.0.9838
RiskWare.BitCoinMiner, C:\Users\Canaimita\AppData\Local\minergate\[email protected], En cuarentena, [739], [411853],1.0.9838
RiskWare.BitCoinMiner, C:\Users\Canaimita\AppData\Local\minergate\miners.ini, En cuarentena, [739], [411853],1.0.9838
RiskWare.BitCoinMiner, C:\Users\Canaimita\AppData\Local\minergate\pools.config, En cuarentena, [739], [411853],1.0.9838
PUP.Optional.SearchManager, C:\USERS\CANAIMITA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 5\Secure Preferences, Sustituido, [2056], [183362],1.0.9838
PUP.Optional.AdvancedSystemCare, C:\PROGRAMDATA\IOBIT\DRIVER BOOSTER\DOWNLOADER\DB\ADVANCED SYSTEMCARE.EXE, En cuarentena, [3808], [396386],1.0.9838
PUP.Optional.AdvancedSystemCare, C:\PROGRAMDATA\IOBIT\DRIVER BOOSTER\DOWNLOADER\DB5\ASCSETUP.EXE, En cuarentena, [3808], [396386],1.0.9838
PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAMDATA\AVG10\SETUPBACKUP\TUNEUPX.CAB, En cuarentena, [3595], [464521],1.0.9838
PUP.Optional.DriverTurbo, C:\PROGRAM FILES\DRIVERTURBO\DRIVERTURBOSFX.EXE, En cuarentena, [3907], [570276],1.0.9838
PUP.Optional.SearchManager.BITSRST, C:\USERS\CANAIMITA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 5\Secure Preferences, Sustituido, [266], [628563],1.0.9838
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Error durante la eliminación, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Error durante la eliminación, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Error durante la eliminación, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Error durante la eliminación, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Error durante la eliminación, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Error durante la eliminación, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Error durante la eliminación, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Error durante la eliminación, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\USERS\CANAIMITA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 5\Secure Preferences, Sustituido, [266], [628563],1.0.9838

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

El foro me indica que no puedo publicar porque no puedo tener mas de dos enlaces en un post si soy un usuario nuevo.

Saludos

Hola

Si, es así, al haberte respondido ahora ya puedes subir los.

Un saludo

Me sigue indicando lo mismo: Lo sentimos, pero los usuarios nuevos solo pueden mencionar a 2 usuarios en un post. Lo sentimos, los nuevos usuarios solo pueden poner 2 enlaces en un post.

Hola

Adjunta los archivos en tu respuesta como se indica aquí :

Un saludo

FRST.txt (59,0 KB)

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-03-2019
Ran by Canaimita (25-03-2019 15:29:14)
Running from C:\Users\Canaimita\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2014-07-03 05:43:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1797319538-611075417-2455431110-500 - Administrator - Disabled)
Canaimita (S-1-5-21-1797319538-611075417-2455431110-1000 - Administrator - Enabled) => C:\Users\Canaimita
HomeGroupUser$ (S-1-5-21-1797319538-611075417-2455431110-1002 - Limited - Enabled)
Invitado (S-1-5-21-1797319538-611075417-2455431110-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Shockwave Player + Authorware Web Player (HKLM\...\Adobe Shockwave Player + Authorware Web Player) (Version: v12.0.7.148 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.5 (HKLM\...\{ECCA150B-31A5-412E-B8D0-4CB5DDA900D3}) (Version: 11.5.9.615 - Adobe Systems, Inc)
Adobe Shockwave Player 12.3 (HKLM\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AVG 2011 (HKLM\...\{A276502A-8979-44FB-8090-90CF72F22ABC}) (Version: 10.0.1204 - AVG Technologies) Hidden
AVG 2011 (HKLM\...\{F4C68898-EBA5-46A9-82B3-2D30426086BF}) (Version: 10.0.1435 - AVG Technologies) Hidden
Brave (HKLM\...\BraveSoftware Brave-Browser) (Version: 73.0.61.52 - Los creadores de Brave)
CaptchaTypers (worker) (HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\CaptchaTypers) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
CyberLink BD_3D Advisor 2.0 (HKLM\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
Foxit Reader  6.1.2.1224 (HKLM\...\Foxit Reader) (Version: v 6.1.2.1224 - oszone.net)
Google Chrome (HKLM\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 201 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50524.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
osu! (HKLM\...\{76e62ca6-c9c6-4833-915f-267626cec7ac}) (Version: latest - ppy Pty Ltd)
Plantas Contra Zombis (HKLM\...\Plantas Contra Zombis) (Version:  - )
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Telegram Desktop version 1.6.1 (HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.6.1 - Telegram Messenger LLP)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Filmora(Build 7.8.9) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1797319538-611075417-2455431110-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1797319538-611075417-2455431110-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1797319538-611075417-2455431110-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1797319538-611075417-2455431110-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1797319538-611075417-2455431110-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1797319538-611075417-2455431110-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
ContextMenuHandlers1: [AVG9 Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} =>  -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2013-12-10] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\Winrar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\Winrar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2018-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\Winrar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {053CEF03-3534-4FDC-B9B7-25BECCD64CA7} - System32\Tasks\{FF5BA85E-9534-4A2B-B317-1B5BE1C6B74B} => C:\Windows\system32\pcalua.exe -a C:\Users\CANAIM~1\AppData\Local\Temp\jre-8u151-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {0C959C79-6996-4604-9145-988A74536B0D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {1D6E51C6-233F-4630-90C3-2745EB167109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {1E154FB7-12D7-4287-A789-42E4B7953441} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {20F32FAD-3CA6-47AE-9DA5-F1D347BF18D4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1797319538-611075417-2455431110-1000
Task: {2DC99929-565A-4DCA-B822-7C455A2B7277} - System32\Tasks\{63425911-82DA-4E85-9F2C-A415CB0F04D1} => "c:\program files\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.20.0.104&LastError=12002
Task: {2F784182-9550-48F3-AB99-98589D9289F9} - System32\Tasks\{E0824825-3A85-493A-ACE4-D6296B4B4AE4} => C:\Program Files\Plantas Contra Zombis\Desinstalar.exe () [File not signed]
Task: {38969392-D6A3-4DE8-92B0-62A15228D7F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6B19BCA2-937C-4049-AA0E-662030E023E3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6FB2CBD7-2775-416E-BDFB-CC3FE7CEFF2C} - System32\Tasks\{37D2017A-3A84-45BF-91B4-84449D4564D7} => C:\Windows\system32\pcalua.exe -a C:\Users\Canaimita\Downloads\jre-8u144-windows-i586-iftw.exe -d C:\Users\Canaimita\Downloads
Task: {75B66287-06B2-433E-BE64-468D8C5EE30C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7C608B44-13CB-42AB-96B2-775FFDEBC607} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {8F81404E-4E4A-4F3B-A9CC-EEF5FA4B6448} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {938A67D7-2277-4580-A61E-72597F4CA297} - System32\Tasks\{D0A7CC3E-B579-4180-A3A1-07D11E24B57E} => C:\Windows\system32\pcalua.exe -a C:\Users\Canaimita\Downloads\chromeinstall-8u144.exe -d C:\Users\Canaimita\Downloads
Task: {AA2BFAC4-59F8-47DD-B361-9BC0ADD919EE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B45A547D-5736-4920-8F46-5A65FE3D41AB} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {C6DE05A4-3AF2-4E01-A38F-088FF9944DF3} - System32\Tasks\{60326B13-6355-4996-8E80-B40DB6DEEB8C} => C:\Windows\system32\pcalua.exe -a C:\Users\Canaimita\Downloads\chromeinstall-8u101.exe -d C:\Users\Canaimita\Downloads
Task: {E8C3BE2F-B58D-49D8-B016-9AD819B1056C} - System32\Tasks\{DCBBBEC6-A5BE-4CA7-BE4E-B610D6FB1A7E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {F24F91A9-FCD3-4F40-A559-9750FF031C27} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Canaimita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Presearch.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 5" --app-id=cakppacehfeghjoiefiejlboennoajba
ShortcutWithArgument: C:\Users\Canaimita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ff13ca23fee04978\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Canaimita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Canaimita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) ==============

2019-03-25 11:35 - 2019-03-13 09:22 - 003084800 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 005139968 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 005010944 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 002950144 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 002234880 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 004571648 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000438272 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 001181184 _____ () C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000124928 _____ () C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000026112 _____ () C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000020992 _____ () C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000259584 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000729088 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000073216 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000179712 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000101888 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-03-25 11:35 - 2019-03-13 09:22 - 000035328 _____ () C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2018-12-04 15:50 - 2018-12-04 15:50 - 000120931 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\plug_ins\IA32.api
2018-12-04 15:50 - 2018-12-04 15:50 - 000449123 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\plug_ins\SaveAsRTF.api
2018-12-04 15:50 - 2018-12-04 15:50 - 000154211 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\plug_ins\Updater.api

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:04 - 2019-02-21 22:53 - 000000936 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 validation.sls.microsoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\7-Zip;C:\Program Files\Intel\OpenCL SDK\2.0\bin\x86
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Canaimita\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: Nokia Internet Modem => "C:\Program Files\Nokia\Nokia Internet Modem\WellPhone2.exe" /background

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{26A29E0E-32E3-486D-94E9-9863F8E0AE1B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2D82340E-98CB-4E35-B96C-6E90467E5039}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{36223344-4646-40C3-B016-6D8543C17257}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{DD00C7BC-B48F-4E85-A0A7-205DC49899EE}C:\users\canaimita\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\canaimita\appdata\roaming\telegram desktop\telegram.exe (Telegram Messenger LLP -> Telegram Messenger LLP)
FirewallRules: [UDP Query User{1664AEA1-B2BD-49F5-AEC5-C6831A38F9D3}C:\users\canaimita\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\canaimita\appdata\roaming\telegram desktop\telegram.exe (Telegram Messenger LLP -> Telegram Messenger LLP)
FirewallRules: [{996B16C9-2ABB-42D1-8BFC-C34FB4249AF0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{71D2FB0A-DFD3-4DBD-B017-ECEA1F9D6D3B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2D692A3D-C91F-41F2-9423-42351F021C42}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{2A046C42-B6C6-46C3-8F16-6DF89D21A226}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

25-03-2019 12:58:56 End of disinfection

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/25/2019 01:13:31 PM) (Source: ESENT) (EventID: 485) (User: )
Description: DllHost (5700) WebCacheLocal: Al intentar eliminar el archivo "C:\Users\Canaimita\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log" se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación de eliminación de archivo se cerrará con el error -1032 (0xfffffbf8).

Error: (03/25/2019 01:13:20 PM) (Source: ESENT) (EventID: 454) (User: )
Description: DllHost (5700) WebCacheLocal: Error inesperado al recuperar o restaurar la base de datos -551.

Error: (03/25/2019 01:13:20 PM) (Source: ESENT) (EventID: 517) (User: )
Description: DllHost (5700) WebCacheLocal: Error -551 al recuperar la base de datos: se encontraron referencias a la base de datos 'C:\Users\Canaimita\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat', que no coincide con el conjunto de registros actual. El motor de base de datos no permitirá que se complete la recuperación de esta instancia hasta que se restablezca la base de datos no coincidente. Si la base de datos ya no está disponible o no es necesaria, encontrará los procedimientos para recuperarse de este error en Microsoft Knowledge Base o en el vínculo "más información" en la parte inferior de este mensaje.

Error: (03/25/2019 01:13:20 PM) (Source: ESENT) (EventID: 465) (User: )
Description: DllHost (5700) WebCacheLocal: Se detectaron daños durante la recuperación parcial en el archivo de registro C:\Users\Canaimita\AppData\Local\Microsoft\Windows\WebCache\V01.log. El registro de suma de comprobación no válido se encuentra en la posición END. Los datos que no coinciden con el modelo de relleno del archivo de registro aparecen por primera vez en el sector 24 (0x00000018). El archivo de registro está dañado y no se puede utilizar.

Error: (03/25/2019 01:13:20 PM) (Source: ESENT) (EventID: 465) (User: )
Description: DllHost (5700) WebCacheLocal: Se detectaron daños durante la recuperación parcial en el archivo de registro C:\Users\Canaimita\AppData\Local\Microsoft\Windows\WebCache\V01.log. El registro de suma de comprobación no válido se encuentra en la posición END. Los datos que no coinciden con el modelo de relleno del archivo de registro aparecen por primera vez en el sector 24 (0x00000018). El archivo de registro está dañado y no se puede utilizar.

Error: (03/25/2019 01:13:19 PM) (Source: ESENT) (EventID: 465) (User: )
Description: DllHost (5700) WebCacheLocal: Se detectaron daños durante la recuperación parcial en el archivo de registro C:\Users\Canaimita\AppData\Local\Microsoft\Windows\WebCache\V01.log. El registro de suma de comprobación no válido se encuentra en la posición END. Los datos que no coinciden con el modelo de relleno del archivo de registro aparecen por primera vez en el sector 24 (0x00000018). El archivo de registro está dañado y no se puede utilizar.

Error: (03/25/2019 01:12:42 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner (4344) Al intentar abrir el archivo "C:\Users\Canaimita\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acceso de sólo lectura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

Error: (03/25/2019 12:58:56 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {151b0cf1-b60f-4932-921d-0aab80439c2d}


System errors:
=============
Error: (03/25/2019 01:34:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom
VBoxNetAdp

Error: (03/25/2019 01:07:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom
VBoxNetAdp

Error: (03/25/2019 01:06:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio debido a un error en el inicio de sesión.

Error: (03/25/2019 01:06:37 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: El servicio WMPNetworkSvc no se pudo iniciarse como NT AUTHORITY\NetworkService con la contraseña configurada actualmente debido al siguiente error: 
Solicitud no compatible.


Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).

Error: (03/25/2019 01:06:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (03/25/2019 01:06:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (03/25/2019 11:55:42 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom
VBoxNetAdp

Error: (03/25/2019 11:51:15 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR4.


==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU 847 @ 1.10GHz
Percentage of memory in use: 89%
Total physical RAM: 1871.73 MB
Available physical RAM: 199.92 MB
Total Virtual: 3743.47 MB
Available Virtual: 820.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:99.9 GB) (Free:54.7 GB) NTFS
Drive d: () (Fixed) (Total:198.09 GB) (Free:122.2 GB) NTFS

\\?\Volume{7e967944-0299-11e4-aeab-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 0007C321)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=198.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================ 

Hola

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación inicia tu equipo desde el Modo Seguro de Windows sin función de red

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\Run: [strdat] => C:\Windows\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {37d3b8e8-2593-11e4-9159-909d8a652722} - E:\DriverPackSolution.exe
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {46d9234c-5f5e-11e8-925b-00accd338151} - E:\Setup.exe
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {5ce6c020-177b-11e4-b345-95b3faf56722} - G:\application\Setup.exe
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {b5d4bb22-4a4f-11e9-898c-00accd338151} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {d48f6f32-6ccf-11e8-90fb-00accd338151} - F:\Setup.exe
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {f2055992-c3ea-11e8-9de3-00accd338151} - F:\Setup.exe
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\system32\tsccvid.dll [102400 2005-06-15] (TechSmith Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\73.0.61.52\Installer\chrmstp.exe [2019-03-21] (Brave Software, Inc.) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
URLSearchHook: HKU\S-1-5-21-1797319538-611075417-2455431110-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} -  No File
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: No Name -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
FF HKLM\...\Firefox\Extensions: [{3f963a5b-e555-4543-90e2-c3908898db71}] - C:\Program Files\AVG\AVG10\Firefox => not found
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll [2010-05-24] ( Microsoft Corporation) [File not signed]
CHR Extension: (Presearch) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cakppacehfeghjoiefiejlboennoajba [2018-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-22]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S4 IMFMBRProtect; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFMBRProtect.sys [X]
S4 IMFSafeBox; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFSafeBox.sys [X]
S4 IUFileFilter; \??\C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUFileFilter.sys [X]
S3 NAVENG; \??\C:\Program Files\Norton AntiVirus\NortonData\22.8.0.50\Definitions\SDSDefs\20161202.009\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton AntiVirus\NortonData\22.8.0.50\Definitions\SDSDefs\20161202.009\NAVEX15.SYS [X]
2019-03-25 13:06 - 2018-04-15 21:32 - 000000000 ____D C:\Program Files\Common Files\IObit
2019-03-25 13:06 - 2018-04-15 20:35 - 000000000 ____D C:\Users\Canaimita\AppData\LocalLow\IObit
2019-03-25 13:06 - 2018-04-15 20:33 - 000000000 ____D C:\Users\Canaimita\AppData\Roaming\IObit
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
ContextMenuHandlers1: [AVG9 Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} =>  -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} =>  -> No File
Task: {053CEF03-3534-4FDC-B9B7-25BECCD64CA7} - System32\Tasks\{FF5BA85E-9534-4A2B-B317-1B5BE1C6B74B} => C:\Windows\system32\pcalua.exe -a C:\Users\CANAIM~1\AppData\Local\Temp\jre-8u151-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {2F784182-9550-48F3-AB99-98589D9289F9} - System32\Tasks\{E0824825-3A85-493A-ACE4-D6296B4B4AE4} => C:\Program Files\Plantas Contra Zombis\Desinstalar.exe () [File not signed]
Task: {7C608B44-13CB-42AB-96B2-775FFDEBC607} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {B45A547D-5736-4920-8F46-5A65FE3D41AB} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
ShortcutWithArgument: C:\Users\Canaimita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Presearch.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 5" --app-id=cakppacehfeghjoiefiejlboennoajba

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Hola buenas tardes, disculpa la demora, se fue la luz y llego justo horita, tendría que seguir el procedimiento con delfix o comenzar de cero?

Hola

Realiza solo las indicaciones de mi última respuesta.

Un saludo


Fix result of Farbar Recovery Scan Tool (x86) Version: 17-03-2019
Ran by Canaimita (28-03-2019 01:04:09) Run:1
Running from C:\Users\Canaimita\Desktop
Loaded Profiles: Canaimita (Available Profiles: Canaimita)
Boot Mode: Safe Mode (minimal)

==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\Run: [strdat] => C:\Windows\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {37d3b8e8-2593-11e4-9159-909d8a652722} - E:\DriverPackSolution.exe
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {46d9234c-5f5e-11e8-925b-00accd338151} - E:\Setup.exe
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {5ce6c020-177b-11e4-b345-95b3faf56722} - G:\application\Setup.exe
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {b5d4bb22-4a4f-11e9-898c-00accd338151} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {d48f6f32-6ccf-11e8-90fb-00accd338151} - F:\Setup.exe
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {f2055992-c3ea-11e8-9de3-00accd338151} - F:\Setup.exe
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\system32\tsccvid.dll [102400 2005-06-15] (TechSmith Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\73.0.61.52\Installer\chrmstp.exe [2019-03-21] (Brave Software, Inc.) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
URLSearchHook: HKU\S-1-5-21-1797319538-611075417-2455431110-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} -  No File
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: No Name -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
FF HKLM\...\Firefox\Extensions: [{3f963a5b-e555-4543-90e2-c3908898db71}] - C:\Program Files\AVG\AVG10\Firefox => not found
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll [2010-05-24] ( Microsoft Corporation) [File not signed]
CHR Extension: (Presearch) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cakppacehfeghjoiefiejlboennoajba [2018-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-22]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S4 IMFMBRProtect; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFMBRProtect.sys [X]
S4 IMFSafeBox; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFSafeBox.sys [X]
S4 IUFileFilter; \??\C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUFileFilter.sys [X]
S3 NAVENG; \??\C:\Program Files\Norton AntiVirus\NortonData\22.8.0.50\Definitions\SDSDefs\20161202.009\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton AntiVirus\NortonData\22.8.0.50\Definitions\SDSDefs\20161202.009\NAVEX15.SYS [X]
2019-03-25 13:06 - 2018-04-15 21:32 - 000000000 ____D C:\Program Files\Common Files\IObit
2019-03-25 13:06 - 2018-04-15 20:35 - 000000000 ____D C:\Users\Canaimita\AppData\LocalLow\IObit
2019-03-25 13:06 - 2018-04-15 20:33 - 000000000 ____D C:\Users\Canaimita\AppData\Roaming\IObit
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
ContextMenuHandlers1: [AVG9 Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} =>  -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} =>  -> No File
Task: {053CEF03-3534-4FDC-B9B7-25BECCD64CA7} - System32\Tasks\{FF5BA85E-9534-4A2B-B317-1B5BE1C6B74B} => C:\Windows\system32\pcalua.exe -a C:\Users\CANAIM~1\AppData\Local\Temp\jre-8u151-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {2F784182-9550-48F3-AB99-98589D9289F9} - System32\Tasks\{E0824825-3A85-493A-ACE4-D6296B4B4AE4} => C:\Program Files\Plantas Contra Zombis\Desinstalar.exe () [File not signed]
Task: {7C608B44-13CB-42AB-96B2-775FFDEBC607} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {B45A547D-5736-4920-8F46-5A65FE3D41AB} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
ShortcutWithArgument: C:\Users\Canaimita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Presearch.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 5" --app-id=cakppacehfeghjoiefiejlboennoajba

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully.
"HKU\S-1-5-21-1797319538-611075417-2455431110-1000\Software\Microsoft\Windows\CurrentVersion\Run\\strdat" => removed successfully.
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37d3b8e8-2593-11e4-9159-909d8a652722} => removed successfully.
HKLM\Software\Classes\CLSID\{37d3b8e8-2593-11e4-9159-909d8a652722} => not found
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46d9234c-5f5e-11e8-925b-00accd338151} => removed successfully.
HKLM\Software\Classes\CLSID\{46d9234c-5f5e-11e8-925b-00accd338151} => not found
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ce6c020-177b-11e4-b345-95b3faf56722} => removed successfully.
HKLM\Software\Classes\CLSID\{5ce6c020-177b-11e4-b345-95b3faf56722} => not found
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5d4bb22-4a4f-11e9-898c-00accd338151} => removed successfully.
HKLM\Software\Classes\CLSID\{b5d4bb22-4a4f-11e9-898c-00accd338151} => not found
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d48f6f32-6ccf-11e8-90fb-00accd338151} => removed successfully.
HKLM\Software\Classes\CLSID\{d48f6f32-6ccf-11e8-90fb-00accd338151} => not found
HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f2055992-c3ea-11e8-9de3-00accd338151} => removed successfully.
HKLM\Software\Classes\CLSID\{f2055992-c3ea-11e8-9de3-00accd338151} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FMVC" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\vidc.dvsd" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\vidc.tscc" => removed successfully.
HKLM\Software\Microsoft\Active Setup\Installed Components\{AFE6A462-C574-4B8A-AF43-4CC60DF4563B} => removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
"HKU\S-1-5-21-1797319538-611075417-2455431110-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C}" => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully.
HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5} => removed successfully.
HKLM\Software\Classes\CLSID\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5} => not found
"HKLM\Software\Mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}" => removed successfully.
HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer => removed successfully.
HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0 => removed successfully.
CHR Extension: (Presearch) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cakppacehfeghjoiefiejlboennoajba [2018-11-18] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-22] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\cpuz143 => removed successfully.
cpuz143 => service removed successfully.
HKLM\System\CurrentControlSet\Services\IMFMBRProtect => removed successfully.
IMFMBRProtect => service removed successfully.
HKLM\System\CurrentControlSet\Services\IMFSafeBox => removed successfully.
IMFSafeBox => service removed successfully.
HKLM\System\CurrentControlSet\Services\IUFileFilter => removed successfully.
IUFileFilter => service removed successfully.
HKLM\System\CurrentControlSet\Services\NAVENG => removed successfully.
NAVENG => service removed successfully.
HKLM\System\CurrentControlSet\Services\NAVEX15 => removed successfully.
NAVEX15 => service removed successfully.
C:\Program Files\Common Files\IObit => moved successfully
C:\Users\Canaimita\AppData\LocalLow\IObit => moved successfully
C:\Users\Canaimita\AppData\Roaming\IObit => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AIMP => removed successfully.
HKLM\Software\Classes\CLSID\{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AVG9 Shell Extension => removed successfully.
HKLM\Software\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully.
HKLM\Software\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully.
HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{053CEF03-3534-4FDC-B9B7-25BECCD64CA7}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{053CEF03-3534-4FDC-B9B7-25BECCD64CA7}" => removed successfully.
C:\Windows\System32\Tasks\{FF5BA85E-9534-4A2B-B317-1B5BE1C6B74B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FF5BA85E-9534-4A2B-B317-1B5BE1C6B74B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F784182-9550-48F3-AB99-98589D9289F9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F784182-9550-48F3-AB99-98589D9289F9}" => removed successfully.
C:\Windows\System32\Tasks\{E0824825-3A85-493A-ACE4-D6296B4B4AE4} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E0824825-3A85-493A-ACE4-D6296B4B4AE4}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C608B44-13CB-42AB-96B2-775FFDEBC607}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C608B44-13CB-42AB-96B2-775FFDEBC607}" => removed successfully.
C:\Windows\System32\Tasks\BraveSoftwareUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BraveSoftwareUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B45A547D-5736-4920-8F46-5A65FE3D41AB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B45A547D-5736-4920-8F46-5A65FE3D41AB}" => removed successfully.
C:\Windows\System32\Tasks\BraveSoftwareUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BraveSoftwareUpdateTaskMachineCore" => removed successfully.
C:\Users\Canaimita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Presearch.lnk => Shortcut argument removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-1797319538-611075417-2455431110-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => removed successfully.
"HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-1797319538-611075417-2455431110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34552862 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 21841568 B
Edge => 0 B
Chrome => 41121937 B
Firefox => 11368275 B
Opera => 1317590 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 8538249 B
LocalService => 132244 B
NetworkService => 68148 B
Canaimita => 16976864 B

RecycleBin => 1360958450 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:06:35 ====

Hola

Como sigue el problema.

Un saludo

Hola, aún sigue apareciendo el mismo error al iniciar sesión.

Saludos

Hola

Reinicia un par de veces el equipo y si continúa el problema, vuelve a analizar con Frst como te indiqué la primera vez y traes los reportes.

Un saludo

Reinicié varias veces mi laptop, si funcionó, ya no aparece ese mensaje molesto al iniciar, que tenía mi laptop? ¿qué archivos debo conservar?

Hola @Barbara_Luque

Puedes dejar en tu equipo Malwarebytes y Ccleaner instalados.

Sigue estos pasos, para eliminar las demás herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.

Nos comentas si sigue todo bien.

Un saludo

Debo conservar los informes?

Hola

Al utilizar Delfix se eliminarán los reportes junto con los programas.

Un saludo

Hola, muchas gracias por ayudarme… no tenía internet, por eso no había respondido