Error en una dll que afecta todo

Hola @WALLY

Dinos que versión de Office tienes instalado actualmente?

Ademas tu Office es legal?

Nos comentas.

Salu2

De partida desintale el OFFice durate mucho tiempo funciono de lujo y no , no era legal de repente de un momento a otro dejo de trabajar , lo desintale pero el problema sigue (el el office 2016)

Hola @WALLY:

No instales Office aun, no por el momento.


Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos:

CCleaner

Usando su opción Limpiador y Registro de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
  • NO necesitamos este reporte

Malwarebytes

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Personalizado. Seleccionas "Todas las Unidades"
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Luego de reiniciar:

Desactiva temporalmente tu antivirus nuevamente y cualquier programa de seguridad.

5.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abriran dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

6.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2.

Hola @WALLY

El reporte de Malwarebytes menciona:

Sin acciones por parte del usuario

Lee su Manual, especialmente donde indica como eliminar las infecciones detectadas ya que tienes muchas y aun siguen en tu equipo.

Salu2

Bueno realice todo otra vez , pase vaias veces el Malwarebytes, hasta que me dijo que no habia nada y despues ejecute el otro, posteo los resultados

Malwarebytes
www.malwarebytes.com
(sistema limpio)
____________________

Hola @WALLY

Lamentablemente los reportes están mal pegados, se hace muy difícil analizar los mismos, para no confundirnos los elimine.

Cuando tu seleccionas todo el texto presionas en la comilla " (citar) cuando en realidad debes presionar en la etiqueta de texto preformateado </>

Revisa nuevamente el tema:

Guía : ¿Como Pegar reportes en el Foro?

Y si aun no te das cuenta solo copia y pega que luego yo lo edito, así podremos avanzar.

Salu2

Sorry por el despiste

   Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-05-2019
Ran by walter (administrator) on WALTER-PC (ECS GF7100/7050PVT-M3) (24-05-2019 15:00:44)
Running from C:\Users\walter\Desktop
Loaded Profiles: walter & UpdatusUser &  (Available Profiles: walter & UpdatusUser & Invitado)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis, Inc -> ) C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Arcai.com) [File not signed] C:\Program Files\netcut\services\aips.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Update\Install\{49AB1E3C-2C61-4634-ABAA-1917A5986021}\DropboxClient_73.4.118.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Mega Limited -> Mega Limited) C:\Users\walter\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTel\diagtrackrunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\v114_ECS_D_6207.2V7_6099.8xp_G2.0V_RC_SDC\WDM\stacsv.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [5537600 2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [450667 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [225672 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704224\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [1545216 2015-09-02] () [File not signed]
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3193159865-2815699795-1142240979-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145707266\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [1545216 2015-09-02] () [File not signed]
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [1545216 2015-09-02] () [File not signed]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\system32\tsccvid.dll [602624 2014-11-11] (TechSmith Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [vidc.tsc2] => C:\Windows\system32\tsc2_codec32.dll [234496 2014-08-27] (TechSmith Corporation) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-23] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\walter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-03-08]
ShortcutTarget: MEGAsync.lnk -> C:\Users\walter\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01A59CCC-A585-4189-9603-53867104211A} - System32\Tasks\Driver Booster SkipUAC (walter) => C:\Program Files\IObit\Driver Booster\5.3.0\DriverBooster.exe
Task: {07784A53-AAF2-44B1-BECE-AECF6302DF9C} - \OperaUpdateService -> No File <==== ATTENTION
Task: {0A6468B5-80B8-4556-B8D5-28BEE0DDDCFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-17] (Google Inc -> Google Inc.)
Task: {114429B2-BA48-40B1-BB70-6BA4DAD41D64} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-05-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {22D7B07A-FFDA-41E7-A08A-EACBC04462F1} - System32\Tasks\{52FEBD89-FBA4-449E-ACF6-50964B215D16} => msiexec.exe /package "C:\Users\walter\Desktop\Passware.Passware.Kit.Forensic.v13.5.8557.REPACK-BRD\Passware.Passware.Kit.Forensic.v13.5.8557.REPACK-BRD\passware-kit-forensic-32bit.msi"
Task: {2309619D-F02A-428C-85C8-148C4520A8B6} - System32\Tasks\ioloTUDsDownloader => C:\Program Files\Common Files\Phoenix360\ActiveCore\activebridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {236633DD-5F9F-4B3B-B3AF-EAB9BA494B24} - System32\Tasks\Opera scheduled Autoupdate 1535737370 => C:\Users\walter\AppData\Local\Programs\Opera\launcher.exe
Task: {2DA390BB-6F5F-447B-B365-73845EDEBF59} - System32\Tasks\{C87AB4CA-1F6E-4E8F-B93C-15AAEAE93580} => C:\Windows\system32\pcalua.exe -a "C:\Users\walter\Downloads\Compressed\Cursor_Installer\Cursor Installer.exe" -d C:\Users\walter\Downloads\Compressed\Cursor_Installer
Task: {32FF3E71-5F16-461C-8344-75A83AB8CAC6} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {3B0DD3DD-C7A1-4221-BA81-D3CCD22D7321} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3C35D1BA-7EF8-4D00-B944-EFDD2C1D9911} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {45DD7267-F62B-4FAA-BA95-87587F6648EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5DA1009A-015C-49C0-B1BD-B08C11301138} - System32\Tasks\GU5SkipUAC => C:\Program Files\Glary Utilities 5\Integrator.exe [897528 2017-06-29] (Glarysoft LTD -> Glarysoft Ltd)
Task: {6660F89E-AA6D-4E1B-9131-5FA119C11A57} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_walter => C:\Program Files\Hard Disk Sentinel\HDSentinel.exe [5458008 2018-07-17] (Janos Mathe -> H.D.S. Hungary)
Task: {6A60BAFF-1FE5-4D17-8BE4-C1E8726E8A17} - System32\Tasks\ActiveSync-SystemMechanic => C:\Program Files\Common Files\Phoenix360\ActiveCore\activebridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {7B4E731E-0B25-4875-BCBD-4C8F64958A47} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1983376 2019-04-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {8058733E-1769-4FE9-8BC1-D7CDA850AB09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-17] (Google Inc -> Google Inc.)
Task: {85188087-71DA-40B9-88C2-21DED51433A9} - System32\Tasks\Opera scheduled assistant Autoupdate 1547735215 => C:\Users\walter\AppData\Local\Programs\Opera\launcher.exe
Task: {8A95F761-04CD-482A-B3CC-C36935A0B15B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3193159865-2815699795-1142240979-1000 => C:\Users\walter\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-02-19] (Mega Limited -> Mega Limited)
Task: {AF0CC4C5-7851-4AB8-BF07-F015FF540C11} - System32\Tasks\ioloAVDefsDownloader => C:\Program Files\Phoenix360\System Mechanic\SSDefs.exe [136928 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {AF1E1DD1-BD40-4415-AA74-480623C94119} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [1454592 2019-05-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B1C36431-8593-4506-B64A-B46764920DC2} - System32\Tasks\ActiveMessenger-SystemMechanic => C:\Program Files\Common Files\Phoenix360\ActiveCore\ActiveBridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {B28B9B36-DB2B-4445-9C54-043F1E054BB2} - System32\Tasks\AdobeGCInvoker-1.0-walter-PC-walter => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {B5412D51-22AF-457A-858B-DF8DA15D4E93} - System32\Tasks\{249DCE56-AFA6-4686-BD3A-B8052881FB3D} => C:\Windows\system32\pcalua.exe -a J:\Setup.exe -d J:\
Task: {B8CDB082-F74E-444E-A662-9EC509D5CD7E} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [134648 2017-06-29] (Glarysoft LTD -> Glarysoft Ltd)
Task: {C1FCB802-7CA2-434D-B95F-9E5FE8AC2BFA} - System32\Tasks\ioloSystemShield => C:\Program Files\Phoenix360\System Mechanic\SSTray.exe [655520 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {D59B049B-6A34-474A-8F73-5F5C300CACED} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1951312 2019-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {D8205082-44FE-4901-8F33-B14DBC41E54B} - System32\Tasks\ioloActiveCare => C:\Program Files\Phoenix360\System Mechanic\systemmechanic.exe [2403568 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {DE0D1019-EFAF-462E-9833-8816B4BEE198} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2385800 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {E6E161FE-4D95-4525-8EBC-5DB590348769} - System32\Tasks\{A0D2A674-A307-4641-950C-55F1306EC06B} => C:\Users\walter\Desktop\Cool Edit Pro 2.1\Cool Edit Pro 2.1.exe
Task: {FA42F638-5940-4E2F-9C8D-6C1EABCC414F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FE367E9D-87DF-4EBA-A032-0D5737F0983F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{3100BEF9-6842-40A2-AC20-26F7B775D9E3}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{A1027262-0F84-4B8B-A726-084E896FEB10}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000 -> {87A6A1F2-3D80-47D5-8295-F35B7D64E501} URL = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754 -> {87A6A1F2-3D80-47D5-8295-F35B7D64E501} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_192\bin\ssv.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_192\bin\jp2ssv.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368 [2019-05-24]
FF user.js: detected! => C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\user.js [2019-04-26]
FF Homepage: Mozilla\Firefox\Profiles\li04kydz.default-1490757013368 -> hxxps://www.google.cl/
FF Extension: (Custom Google Visited Link Color) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2018-04-29]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2019-05-14]
FF Extension: (Rotate and Zoom Image) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2018-01-18]
FF Extension: (HTTP Directory Downloader) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2019-04-09]
FF Extension: (S3.Translator) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2018-11-18]
FF Extension: (Google Translator for Firefox) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2018-12-02]
FF Extension: (Editor de documentos de Word) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\{51a33be5-1547-4a87-969e-dfea5ad04b7d}.xpi [2019-05-19]
FF Extension: (Flash Video Downloader) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\{a1be3447-d87d-409b-8721-d895935f65b8}.xpi [2019-05-17]
FF Extension: (Easy Video Downloader) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\{cd04e15e-6b23-4648-860d-0057602a5c2a}.xpi [2019-05-17]
FF Extension: (Baidu Search Update) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\features\{85983bc9-7083-4aae-b58c-3af109c22fdf}\[email protected] [2019-05-04]
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Firefox\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc3.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\SeaMonkey\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc2.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\walter\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\walter\AppData\Roaming\IDM\idmmzcc5 [2019-01-08] [Legacy] [not signed]
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\Firefox\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc3.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\SeaMonkey\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc2.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\walter\AppData\Roaming\IDM\idmmzcc5
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_122.dll [2019-05-18] (Adobe Systems Incorporated -> )
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.192.2 -> C:\Program Files\Java\jre1.8.0_192\bin\dtplugin\npDeployJava1.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.192.2 -> C:\Program Files\Java\jre1.8.0_192\bin\plugin2\npjp2.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @wolfram.com/Mathematica -> C:\Program Files\Common Files\Wolfram Research\Browser\10.4.1.5514075\npmathplugin.dll [2016-04-11] (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\walter\AppData\Local\Google\Chrome\User Data\Default [2019-05-19]
CHR Extension: (Chameleon) - C:\Users\walter\AppData\Local\Google\Chrome\User Data\Default\Extensions\acdpiemklcfaoglpjmidpjdbhkgdoede [2019-01-08]
CHR Extension: (Video Downloader professional) - C:\Users\walter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeeajafchghccbnppaimjhhfpejabole [2019-01-08]
CHR Extension: (Yahoo Partner) - C:\Users\walter\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdbpcigaolookbahgdofnimidinicfid [2018-10-26]
CHR Extension: (GetThemAll) - C:\Users\walter\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhkjfciooifcflkailbnchdaihccdebf [2019-01-08]
CHR Extension: (Avast Online Security) - C:\Users\walter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-05]
CHR Extension: (Video Downloader professional) - C:\Users\walter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpaglkhbmbmhlnpnehlffkgaaapoicnk [2019-04-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\walter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\walter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-12]
CHR HKLM\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Temp\~sfx00001228\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AIPS; C:\Program Files\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5398416 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [466280 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43856 2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] (NVIDIA Corporation -> )
R2 FoxitPhantomService; C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1647808 2016-06-21] (Foxit Software Incorporated -> Foxit Software Inc.)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [97824 2018-01-11] (INTERNET PROJECT LLC -> Freemake)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [154432 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] (NVIDIA Corporation -> )
R2 OS Selector; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2139400 2010-05-25] (Acronis, Inc -> )
S3 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient.exe [3499576 2017-07-02] (SoftEther K.K. -> SoftEther VPN Project at University of Tsukuba, Japan.)
R2 STacSV; c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe [217185 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11791704 2019-03-18] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [75200 2018-03-24] (Alcorlink Corp. -> Alcorlink Corp.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34720 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [172424 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [220128 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [158240 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [255360 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [51264 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [194680 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40904 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [138480 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101200 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73008 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783232 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403408 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [165464 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312464 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [29872 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [10804 2005-04-30] (IVT Corporation) [File not signed]
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [23000 2005-05-31] (IVT Corporation) [File not signed]
S3 BTHidEnum; C:\Windows\System32\DRIVERS\vbtenum.sys [11860 2005-04-30] () [File not signed]
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation) [File not signed]
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [299024 2012-04-09] (EldoS Corporation -> EldoS Corporation)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 DFX12; C:\Windows\System32\drivers\dfx12.sys [26104 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-03-02] (Samsung Electronics Co., Ltd.) [File not signed]
R3 DLKRTE32; C:\Windows\System32\DRIVERS\DLKRTE32.sys [399360 2011-08-04] (Microsoft Windows Hardware Compatibility Publisher -> D-Link Corp. )
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation -> EldoS Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [21496 2016-01-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [50728 2017-04-22] (NTONYX Ltd. -> Eugene V. Muzychenko)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FETND62; C:\Windows\System32\DRIVERS\DLF62X86.SYS [45568 2009-11-23] (Microsoft Windows Hardware Compatibility Publisher -> D-Link )
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (Microsoft Windows -> VIA Technologies, Inc. )
R3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [20480 2018-09-06] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 gMouUsb; C:\Windows\System32\DRIVERS\gMouUsb.sys [11520 2018-08-15] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 GridinSoftInetSecurityDriver; C:\Windows\System32\DRIVERS\gsInetSecurity.sys [81160 2018-01-05] (GridinSoft, LLC -> GridinSoft LLC)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2017-03-24] (Glarysoft Ltd -> Glarysoft Ltd)
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [693760 2006-11-22] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)
R2 Haspnt; C:\Windows\system32\drivers\Haspnt.sys [47616 2018-01-04] (Aladdin Knowledge Systems) [File not signed]
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [38224 2018-11-04] (SurfRight B.V. -> )
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-11-12] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [25120 2017-03-17] (IObit Information Technology -> IObit.com)
S3 IMFDownProtect; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFDownProtect.sys [20336 2017-03-08] (IObit Information Technology -> IObit.com)
S3 IMFFilter; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\IMFFilter.sys [21392 2017-01-06] (IObit Information Technology -> IObit)
S3 IMFForceDelete; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFForceDelete.sys [14168 2017-03-17] (IObit Information Technology -> IObit.com)
S3 ksapi; C:\Windows\system32\drivers\ksapi.sys [81768 2015-11-22] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [173512 2019-05-23] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [107168 2019-05-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64088 2019-05-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [241760 2019-05-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [87280 2019-05-24] (Malwarebytes Corporation -> Malwarebytes)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0023.sys [26208 2017-07-02] (SoftEther K.K. -> SoftEther VPN Project at University of Tsukuba, Japan.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2016-11-24] (MiniTool Solution Ltd -> )
S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32192 2016-12-15] (IObit Information Technology -> IObit.com)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [6528848 2019-01-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2013-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2013-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
S3 snpstd; C:\Windows\System32\DRIVERS\snpstd.sys [390784 2006-05-03] () [File not signed]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2011-02-08] (Samsung Electronics) [File not signed]
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt.sys [407552 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tpg86win7; C:\Windows\System32\DRIVERS\tpg86win7.sys [491112 2012-02-22] (Realtek Semiconductor Corp -> TP-LINK TECHNOLOGIES CO., LTD)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [27408 2018-01-05] (GridinSoft, LLC -> Windows (R) Win 7 DDK provider)
U1 aswbdisk; no ImagePath
S3 catchme; \??\F:\Temp\catchme.sys [X]
S3 cpuz140; \??\F:\Temp\cpuz140\cpuz140_x32.sys [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S1 dsbwncfk; \??\C:\Windows\System32\drivers\dsbwnck.sys [X]
U0 Partizan; no ImagePath

==================== NetSvcs (Whitelisted) ===================

Hola @WALLY

Una consulta:

Error: (05/24/2019 02:58:09 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: walter-PC) Description: Windows no encuentra el perfil local y está iniciando la sesión con un perfil temporal. Los cambios que se efectúen en este perfil se perderán cuando se cierre la sesión.

Tienes tu perfil de usuario en Windows? O es un perfil temporal como menciona el error.


1.- Desinstala con Revo Uninstaller en su Modo Avanzado:

Driver Booster, Iobit Malware Fighter, Office 2016 KMS Activator Ultimate v1.2 Final**

Manual de Revo Uninstaller.

2.- Luego sigue estos pasos:

Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

3.- Desactiva Temporalmente tu antivirus.

4.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {07784A53-AAF2-44B1-BECE-AECF6302DF9C} - \OperaUpdateService -> No File <==== ATTENTION
Task: {7B4E731E-0B25-4875-BCBD-4C8F64958A47} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1983376 2019-04-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {B5412D51-22AF-457A-858B-DF8DA15D4E93} - System32\Tasks\{249DCE56-AFA6-4686-BD3A-B8052881FB3D} => C:\Windows\system32\pcalua.exe -a J:\Setup.exe -d J:\
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000 -> {87A6A1F2-3D80-47D5-8295-F35B7D64E501} URL = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754 -> {87A6A1F2-3D80-47D5-8295-F35B7D64E501} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_192\bin\ssv.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_192\bin\jp2ssv.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Extension: (Baidu Search Update) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\features\{85983bc9-7083-4aae-b58c-3af109c22fdf}\[email protected] [2019-05-04]
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Firefox\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc3.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\SeaMonkey\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc2.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\Firefox\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc3.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\SeaMonkey\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc2.xpi => not found
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR HKLM\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Temp\~sfx00001228\IDMGCExt.crx <not found>
S3 catchme; \??\F:\Temp\catchme.sys [X]
S3 cpuz140; \??\F:\Temp\cpuz140\cpuz140_x32.sys [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S1 dsbwncfk; \??\C:\Windows\System32\drivers\dsbwnck.sys [X]
U0 Partizan; no ImagePath
2019-05-24 14:55 - 2018-01-04 00:05 - 008405015 _____ C:\Windows\hlktmp
2019-05-13 21:30 - 2019-05-13 21:32 - 000000000 ____D C:\Users\TEMP.walter-PC.002
2019-05-18 19:47 - 2018-11-04 18:39 - 000000000 ____D C:\Program Files\Avira
2019-05-18 19:45 - 2018-11-08 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-05-18 19:45 - 2018-11-04 18:39 - 000000000 ____D C:\ProgramData\Avira
2019-05-18 13:36 - 2016-07-14 02:00 - 000000000 ____D C:\Program Files\Microsoft Office
2019-04-26 20:20 - 2019-03-09 22:41 - 000000000 ____D C:\Users\TEMP.walter-PC.000
2019-03-17 16:07 - 2019-03-17 16:07 - 007895040 _____ () C:\Program Files\GUT1863.tmp
2018-07-07 00:09 - 2018-07-07 00:09 - 000000000 _____ () C:\Users\walter\AppData\Local\aGTBYvlZAHrDQlIH.exe.txt
2018-08-16 23:16 - 2018-08-16 23:16 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT10A.tmp
2019-03-17 16:16 - 2019-03-17 16:16 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT146B.tmp
2018-08-25 15:51 - 2018-08-25 15:51 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT1506.tmp
2018-08-25 15:51 - 2018-08-25 15:51 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT1583.tmp
2019-03-01 15:28 - 2019-03-01 15:28 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT1610.tmp
2019-04-16 21:55 - 2019-04-16 21:55 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT1AD0.tmp
2019-03-21 21:09 - 2019-03-21 21:09 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT1C7A.tmp
2019-04-09 22:34 - 2019-04-09 22:34 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT2AF6.tmp
2017-07-02 21:28 - 2017-07-02 21:28 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT2D59.tmp
2019-04-07 09:02 - 2019-04-07 09:02 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT3DF9.tmp
2019-05-05 10:19 - 2019-05-05 10:19 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT4692.tmp
2018-01-30 09:12 - 2018-01-30 09:12 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT59.tmp
2019-05-16 19:51 - 2019-05-16 19:51 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT5ADB.tmp
2019-04-09 22:35 - 2019-04-09 22:35 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT6A57.tmp
2019-03-27 08:45 - 2019-03-27 08:45 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT7741.tmp
2018-08-16 23:15 - 2018-08-16 23:15 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT7AF9.tmp
2019-04-07 09:03 - 2019-04-07 09:03 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT7F3E.tmp
2018-12-28 12:30 - 2018-12-28 12:30 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT933.tmp
2017-07-02 20:58 - 2017-07-02 20:58 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT9404.tmp
2017-07-02 20:58 - 2017-07-02 20:58 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT950E.tmp
2019-05-16 19:51 - 2019-05-16 19:51 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT96B4.tmp
2019-05-05 10:18 - 2019-05-05 10:18 - 000000000 _____ () C:\Users\walter\AppData\Local\BITA063.tmp
2019-03-21 21:06 - 2019-03-21 21:06 - 000000000 _____ () C:\Users\walter\AppData\Local\BITA0FF.tmp
2018-12-23 17:01 - 2018-12-23 17:01 - 000000000 _____ () C:\Users\walter\AppData\Local\BITA4E6.tmp
2019-04-25 22:16 - 2019-04-25 22:16 - 000000000 _____ () C:\Users\walter\AppData\Local\BITB3C4.tmp
2019-03-21 21:07 - 2019-03-21 21:07 - 000000000 _____ () C:\Users\walter\AppData\Local\BITDAB5.tmp
2019-03-24 18:48 - 2019-03-24 18:48 - 000000000 _____ () C:\Users\walter\AppData\Local\BITDAD3.tmp
2019-03-17 16:15 - 2019-03-17 16:15 - 000000000 _____ () C:\Users\walter\AppData\Local\BITDAF3.tmp
2019-03-01 15:28 - 2019-03-01 15:28 - 000000000 _____ () C:\Users\walter\AppData\Local\BITDB7F.tmp
2019-03-21 21:09 - 2019-03-21 21:09 - 000000000 _____ () C:\Users\walter\AppData\Local\BITE0E0.tmp
2018-12-23 16:59 - 2018-12-23 16:59 - 000000000 _____ () C:\Users\walter\AppData\Local\BITF69D.tmp
2017-07-02 21:01 - 2017-07-02 21:01 - 000000000 _____ () C:\Users\walter\AppData\Local\BITFA88.tmp
2017-07-02 21:01 - 2017-07-02 21:01 - 000000000 _____ () C:\Users\walter\AppData\Local\BITFAD7.tmp
2018-12-28 12:30 - 2018-12-28 12:30 - 000000000 _____ () C:\Users\walter\AppData\Local\BITFC9.tmp
2017-07-02 21:28 - 2017-07-02 21:28 - 000000000 _____ () C:\Users\walter\AppData\Local\BITFE1C.tmp
Avira (HKLM\...\{2504137A-5E42-4340-8F34-2086B49FBD1A}) (Version: 1.2.133.21088 - Avira Operations GmbH & Co. KG) Hidden
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers3: [DLLRegSvr] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
AlternateDataStreams: C:\ProgramData\TEMP:EC2E1DEC [456]
FirewallRules: [{62F3A5E0-7654-40E5-B457-EA9D23D809E7}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\DriverBooster.exe No File
FirewallRules: [{EE6C2C26-2810-4311-8B7D-763460A85F26}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\DriverBooster.exe No File
FirewallRules: [{12DAB7A6-7D4E-4EBA-8F8B-E03F12B43DFA}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\DBDownloader.exe No File
FirewallRules: [{DF93A177-ABEF-43A3-9468-513375022B6A}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\DBDownloader.exe No File
FirewallRules: [{6E292B05-EC9A-4C80-A5EA-9247B049D6A8}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\AutoUpdate.exe No File
FirewallRules: [{10E06301-34CC-4819-BE89-1755D2A4E6C9}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\AutoUpdate.exe No File
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Luego de reiniciar, nos comentas si el problema persiste.

Salu2.

Con respecto a mi perfil , si es que lo entiendo bien , esta correcto pero ocurre que win cada ciertos momentos se traba desaparecen todos los iconos y vuelve. Esto aparece en usuarios

00

Fix result of Farbar Recovery Scan Tool (x86) Version: 19-05-2019
Ran by walter (24-05-2019 22:50:18) Run:1
Running from C:\Users\walter\Desktop
Loaded Profiles: walter & UpdatusUser & Invitado (Available Profiles: walter & UpdatusUser & Invitado)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {07784A53-AAF2-44B1-BECE-AECF6302DF9C} - \OperaUpdateService -> No File <==== ATTENTION
Task: {7B4E731E-0B25-4875-BCBD-4C8F64958A47} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1983376 2019-04-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {B5412D51-22AF-457A-858B-DF8DA15D4E93} - System32\Tasks\{249DCE56-AFA6-4686-BD3A-B8052881FB3D} => C:\Windows\system32\pcalua.exe -a J:\Setup.exe -d J:\
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000 -> {87A6A1F2-3D80-47D5-8295-F35B7D64E501} URL = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754 -> {87A6A1F2-3D80-47D5-8295-F35B7D64E501} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_192\bin\ssv.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_192\bin\jp2ssv.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Extension: (Baidu Search Update) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\features\{85983bc9-7083-4aae-b58c-3af109c22fdf}\[email protected] [2019-05-04]
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Firefox\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc3.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\SeaMonkey\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc2.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\Firefox\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc3.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\SeaMonkey\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc2.xpi => not found
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR HKLM\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Temp\~sfx00001228\IDMGCExt.crx <not found>
S3 catchme; \??\F:\Temp\catchme.sys [X]
S3 cpuz140; \??\F:\Temp\cpuz140\cpuz140_x32.sys [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S1 dsbwncfk; \??\C:\Windows\System32\drivers\dsbwnck.sys [X]
U0 Partizan; no ImagePath
2019-05-24 14:55 - 2018-01-04 00:05 - 008405015 _____ C:\Windows\hlktmp
2019-05-13 21:30 - 2019-05-13 21:32 - 000000000 ____D C:\Users\TEMP.walter-PC.002
2019-05-18 19:47 - 2018-11-04 18:39 - 000000000 ____D C:\Program Files\Avira
2019-05-18 19:45 - 2018-11-08 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-05-18 19:45 - 2018-11-04 18:39 - 000000000 ____D C:\ProgramData\Avira
2019-05-18 13:36 - 2016-07-14 02:00 - 000000000 ____D C:\Program Files\Microsoft Office
2019-04-26 20:20 - 2019-03-09 22:41 - 000000000 ____D C:\Users\TEMP.walter-PC.000
2019-03-17 16:07 - 2019-03-17 16:07 - 007895040 _____ () C:\Program Files\GUT1863.tmp
2018-07-07 00:09 - 2018-07-07 00:09 - 000000000 _____ () C:\Users\walter\AppData\Local\aGTBYvlZAHrDQlIH.exe.txt
2018-08-16 23:16 - 2018-08-16 23:16 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT10A.tmp
2019-03-17 16:16 - 2019-03-17 16:16 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT146B.tmp
2018-08-25 15:51 - 2018-08-25 15:51 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT1506.tmp
2018-08-25 15:51 - 2018-08-25 15:51 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT1583.tmp
2019-03-01 15:28 - 2019-03-01 15:28 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT1610.tmp
2019-04-16 21:55 - 2019-04-16 21:55 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT1AD0.tmp
2019-03-21 21:09 - 2019-03-21 21:09 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT1C7A.tmp
2019-04-09 22:34 - 2019-04-09 22:34 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT2AF6.tmp
2017-07-02 21:28 - 2017-07-02 21:28 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT2D59.tmp
2019-04-07 09:02 - 2019-04-07 09:02 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT3DF9.tmp
2019-05-05 10:19 - 2019-05-05 10:19 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT4692.tmp
2018-01-30 09:12 - 2018-01-30 09:12 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT59.tmp
2019-05-16 19:51 - 2019-05-16 19:51 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT5ADB.tmp
2019-04-09 22:35 - 2019-04-09 22:35 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT6A57.tmp
2019-03-27 08:45 - 2019-03-27 08:45 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT7741.tmp
2018-08-16 23:15 - 2018-08-16 23:15 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT7AF9.tmp
2019-04-07 09:03 - 2019-04-07 09:03 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT7F3E.tmp
2018-12-28 12:30 - 2018-12-28 12:30 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT933.tmp
2017-07-02 20:58 - 2017-07-02 20:58 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT9404.tmp
2017-07-02 20:58 - 2017-07-02 20:58 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT950E.tmp
2019-05-16 19:51 - 2019-05-16 19:51 - 000000000 _____ () C:\Users\walter\AppData\Local\BIT96B4.tmp
2019-05-05 10:18 - 2019-05-05 10:18 - 000000000 _____ () C:\Users\walter\AppData\Local\BITA063.tmp
2019-03-21 21:06 - 2019-03-21 21:06 - 000000000 _____ () C:\Users\walter\AppData\Local\BITA0FF.tmp
2018-12-23 17:01 - 2018-12-23 17:01 - 000000000 _____ () C:\Users\walter\AppData\Local\BITA4E6.tmp
2019-04-25 22:16 - 2019-04-25 22:16 - 000000000 _____ () C:\Users\walter\AppData\Local\BITB3C4.tmp
2019-03-21 21:07 - 2019-03-21 21:07 - 000000000 _____ () C:\Users\walter\AppData\Local\BITDAB5.tmp
2019-03-24 18:48 - 2019-03-24 18:48 - 000000000 _____ () C:\Users\walter\AppData\Local\BITDAD3.tmp
2019-03-17 16:15 - 2019-03-17 16:15 - 000000000 _____ () C:\Users\walter\AppData\Local\BITDAF3.tmp
2019-03-01 15:28 - 2019-03-01 15:28 - 000000000 _____ () C:\Users\walter\AppData\Local\BITDB7F.tmp
2019-03-21 21:09 - 2019-03-21 21:09 - 000000000 _____ () C:\Users\walter\AppData\Local\BITE0E0.tmp
2018-12-23 16:59 - 2018-12-23 16:59 - 000000000 _____ () C:\Users\walter\AppData\Local\BITF69D.tmp
2017-07-02 21:01 - 2017-07-02 21:01 - 000000000 _____ () C:\Users\walter\AppData\Local\BITFA88.tmp
2017-07-02 21:01 - 2017-07-02 21:01 - 000000000 _____ () C:\Users\walter\AppData\Local\BITFAD7.tmp
2018-12-28 12:30 - 2018-12-28 12:30 - 000000000 _____ () C:\Users\walter\AppData\Local\BITFC9.tmp
2017-07-02 21:28 - 2017-07-02 21:28 - 000000000 _____ () C:\Users\walter\AppData\Local\BITFE1C.tmp
Avira (HKLM\...\{2504137A-5E42-4340-8F34-2086B49FBD1A}) (Version: 1.2.133.21088 - Avira Operations GmbH & Co. KG) Hidden
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers3: [DLLRegSvr] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
AlternateDataStreams: C:\ProgramData\TEMP:EC2E1DEC [456]
FirewallRules: [{62F3A5E0-7654-40E5-B457-EA9D23D809E7}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\DriverBooster.exe No File
FirewallRules: [{EE6C2C26-2810-4311-8B7D-763460A85F26}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\DriverBooster.exe No File
FirewallRules: [{12DAB7A6-7D4E-4EBA-8F8B-E03F12B43DFA}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\DBDownloader.exe No File
FirewallRules: [{DF93A177-ABEF-43A3-9468-513375022B6A}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\DBDownloader.exe No File
FirewallRules: [{6E292B05-EC9A-4C80-A5EA-9247B049D6A8}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\AutoUpdate.exe No File
FirewallRules: [{10E06301-34CC-4819-BE89-1755D2A4E6C9}] => (Allow) C:\Program Files\IObit\Driver Booster\5.3.0\AutoUpdate.exe No File
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
C:\Program Files\Avira\Launcher\Avira.Systray.exe => No running process found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Avira SystrayStartTrigger" => not found
"HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NolowDiskSpaceChecks" => removed successfully.
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07784A53-AAF2-44B1-BECE-AECF6302DF9C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07784A53-AAF2-44B1-BECE-AECF6302DF9C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OperaUpdateService" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7B4E731E-0B25-4875-BCBD-4C8F64958A47}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B4E731E-0B25-4875-BCBD-4C8F64958A47}" => removed successfully.
C:\Windows\System32\Tasks\AVG\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5412D51-22AF-457A-858B-DF8DA15D4E93}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5412D51-22AF-457A-858B-DF8DA15D4E93}" => removed successfully.
C:\Windows\System32\Tasks\{249DCE56-AFA6-4686-BD3A-B8052881FB3D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{249DCE56-AFA6-4686-BD3A-B8052881FB3D}" => removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page" => removed successfully.
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\Software\Microsoft\Internet Explorer\Main,Start Page = => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{87A6A1F2-3D80-47D5-8295-F35B7D64E501} => removed successfully.
HKLM\Software\Classes\CLSID\{87A6A1F2-3D80-47D5-8295-F35B7D64E501} => not found
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754 -> {87A6A1F2-3D80-47D5-8295-F35B7D64E501} URL = => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully.
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully.
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully.
C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\features\{85983bc9-7083-4aae-b58c-3af109c22fdf}\[email protected] => moved successfully
"HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully.
"HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Mozilla\SeaMonkey\Extensions\\[email protected]" => removed successfully.
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\Firefox\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc3.xpi => not found => Error: No automatic fix found for this entry.
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05242019145704754\...\SeaMonkey\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc2.xpi => not found => Error: No automatic fix found for this entry.
"Chrome DefaultSearchURL" => removed successfully.
"Chrome DefaultSearchKeyword" => removed successfully.
"Chrome DefaultSuggestURL" => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\fdbpcigaolookbahgdofnimidinicfid => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek => removed successfully.
HKLM\System\CurrentControlSet\Services\catchme => removed successfully.
catchme => service removed successfully.
HKLM\System\CurrentControlSet\Services\cpuz140 => removed successfully.
cpuz140 => service removed successfully.
HKLM\System\CurrentControlSet\Services\cpuz143 => removed successfully.
cpuz143 => service removed successfully.
HKLM\System\CurrentControlSet\Services\DrvAgent32 => removed successfully.
DrvAgent32 => service removed successfully.
HKLM\System\CurrentControlSet\Services\dsbwncfk => removed successfully.
dsbwncfk => service removed successfully.
HKLM\System\CurrentControlSet\Services\Partizan => removed successfully.
Partizan => service removed successfully.
Could not move "C:\Windows\hlktmp" => Scheduled to move on reboot.
C:\Users\TEMP.walter-PC.002 => moved successfully
"C:\Program Files\Avira" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira" => not found
"C:\ProgramData\Avira" => not found
C:\Program Files\Microsoft Office => moved successfully

"C:\Users\TEMP.walter-PC.000" folder move:

Could not move "C:\Users\TEMP.walter-PC.000" => Scheduled to move on reboot.

C:\Program Files\GUT1863.tmp => moved successfully
C:\Users\walter\AppData\Local\aGTBYvlZAHrDQlIH.exe.txt => moved successfully
C:\Users\walter\AppData\Local\BIT10A.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT146B.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT1506.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT1583.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT1610.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT1AD0.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT1C7A.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT2AF6.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT2D59.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT3DF9.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT4692.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT59.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT5ADB.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT6A57.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT7741.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT7AF9.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT7F3E.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT933.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT9404.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT950E.tmp => moved successfully
C:\Users\walter\AppData\Local\BIT96B4.tmp => moved successfully
C:\Users\walter\AppData\Local\BITA063.tmp => moved successfully
C:\Users\walter\AppData\Local\BITA0FF.tmp => moved successfully
C:\Users\walter\AppData\Local\BITA4E6.tmp => moved successfully
C:\Users\walter\AppData\Local\BITB3C4.tmp => moved successfully
C:\Users\walter\AppData\Local\BITDAB5.tmp => moved successfully
C:\Users\walter\AppData\Local\BITDAD3.tmp => moved successfully
C:\Users\walter\AppData\Local\BITDAF3.tmp => moved successfully
C:\Users\walter\AppData\Local\BITDB7F.tmp => moved successfully
C:\Users\walter\AppData\Local\BITE0E0.tmp => moved successfully
C:\Users\walter\AppData\Local\BITF69D.tmp => moved successfully
C:\Users\walter\AppData\Local\BITFA88.tmp => moved successfully
C:\Users\walter\AppData\Local\BITFAD7.tmp => moved successfully
C:\Users\walter\AppData\Local\BITFC9.tmp => moved successfully
C:\Users\walter\AppData\Local\BITFE1C.tmp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2504137A-5E42-4340-8F34-2086B49FBD1A}\\SystemComponent" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\DLLRegSvr => removed successfully.
HKLM\Software\Classes\CLSID\{8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\7-Zip => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removed successfully.
"BVTFilter" => removed successfully.
"BVTConsumer" => removed successfully.
C:\ProgramData\TEMP => ":EC2E1DEC" ADS removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{62F3A5E0-7654-40E5-B457-EA9D23D809E7}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE6C2C26-2810-4311-8B7D-763460A85F26}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{12DAB7A6-7D4E-4EBA-8F8B-E03F12B43DFA}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF93A177-ABEF-43A3-9468-513375022B6A}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E292B05-EC9A-4C80-A5EA-9247B049D6A8}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{10E06301-34CC-4819-BE89-1755D2A4E6C9}" => not found

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local 4 mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de  rea local 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::24da:2865:57ab:c4d3%19
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.29
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de Ethernet Conexi¢n de  rea local 4:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{3100BEF9-6842-40A2-AC20-26F7B775D9E3}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{09E2B554-A267-4EF9-9D36-06A3CA8CFD8E}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-3193159865-2815699795-1142240979-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-3193159865-2815699795-1142240979-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3153931 B
Java, Flash, Steam htmlcache => 1171 B
Windows/system/drivers => 1525462 B
Edge => 0 B
Chrome => 259107 B
Firefox => 207579824 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
LocalService => 33058 B
NetworkService => 0 B
walter => 792045 B
UpdatusUser => 0 B
Max Ram => 38633 B
TEMP.walter-PC.000 => 0 B
Invitado.walter-PC => 0 B

RecycleBin => 248186417 B
EmptyTemp: => 448.2 MB temporary data Removed.

================================

Hola @WALLY

Pues por lo que se ve en la imagen no del todo, te esta creando perfiles temporales de la cuenta Walter

Podrías perderla o que no arranque mas.

Para salvarla crea una nueva cuenta de Usuario con Derechos de Administrador., colocale un nombre que se diferencie.

Cuando la tengas vienes y lo comentas.


Que paso luego del Fix, sigue el problema error con la dll al iniciar.

Salu2.

Bueno he creado otro usuario con otro nombre , ¿pero todo lo que esta en el viejo como lo paso al nuevo , (debo instalar todo de nuevo)? Debo decirte que el pc anda mucho mejor pero el error persiste arranque un par de programas y salta , en concreto chrome , psiphon3VPN , no me deja instalar office sale lo mismo

Hola @WALLY

No, tranquilo que ya te daré lo pasos, mañana la seguimos que aquí es muuuuuy tarde.

:+1:

Te había escrito que no lo instales hasta que te lo diga.


Por el momento desinstala con Revo Uninstaller en su Modo Avanzado:

  • Chrome , Psiphon3VPN

Manual de Revo Uninstaller.

Y no los reinstales aun.NO.


Descarga, instala y/o actualiza:

Lo ejecutas:

CCleaner

Usando su opción Limpiador y luego Registro de acuerdo a su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.

  • NO necesitamos este reporte


Nos comentas.

Salu2.

Listo , este Psiphon3VPN lo borre asi no mas era solo un ejecutable , debe haber sido un portable, pase el Ccleaner y …el problema sigue :frowning: Buenas Noches

Última hora murió Firefox , mismo error , te escribo del celular

Hola:

Una consulta recuerdas que hiciste antes de que empezará el problema?

Intentaste restaurar sistema a una fecha anterior a cuando empezó el error.

Nos comentas.

Salu2

Ayer realice lo que me pediste y funcionaba todo bien ,de repente apareció el problema ,lo malo que tengo favoritos que no puedo recuperar .Realice 2 cosas ,intenté arrancar en modo a prueba de fallos nada, luego intenté arrancar con una sección anterior …la mejor que funcionaba…según dice sin y nada…voy a intentar ir más atrás …qué raro este problema jamás había tenido uno así…como de seguro me vas a pedir que borre Firefox , como recupero las pestañas favoritas …gracias por tu tiempo

Hola aqui estamos de nuevo , recupere firefox , restaure al punto de donde me pediste que fijara(Frst.exe) , bueno respalde favoritos y todo eso , al parecer cuando me pediste que fijara , algo hay ahi que causo el problema , lo curioso que es el mismo error…

Hola @WALLY

Me parece que no nos estamos entendiendo.:sleepy:

Solo te pregunte si cuando te apareció el error ( de las dll) no habias probado restaurar sistema, y si recordabas que descargaste o ejecutaste antes que te apareciera el error.

Con ello, desiciste todo lo que habiamos hecho :expressionless:

No entiendo a que te refieres cuando dices que te pedí que fijaras? FRST crea un punto de restauración por que así esta indicado en los comandos del Fixlist.

Y Delfix que si te indique guarda una copia de tu registro por seguridad, no te pedi que restauraras a ese punto.

El error ya lo tenias, no es FRST el que causo el error, aun no pudimos resolver tu error.


Solo revisa si tienes un punto de restauración anterior a la fecha que comentas en tu primer post, cuando mencionaste:

Nos comentas.

Salu2

No te habia entendido, mire tengo puntos con fechas 24 y 25 no mas atras , si hay mas no se donde encontrarlas , sorry por el mal entendido pense que te referias al ultimo problemas con las dll no al primer post

Hola @WALLY

Entra a tu nueva cuenta de usuario y desde alli descarga Firefox Portable

https://portableapps.com/apps/internet/firefox_portable

Desde esa cuenta (dinos después como la llamaste) analiza tu equipo y seleccionas todas las particiones de acuerdo a los manuales que te dejo mas abajo.

Realiza lo siguiente:

Análisis del PC con Eset Online Scaner : Manual de Uso

Análisis del PC con Kasperky Virus Removal Tool: Manual de Uso

NOTAS IMPORTANTES:

  • Revisa detenidamente el manual para que sepas como salvar su reporte.
  • Lo pegas en tu próxima respuesta.

Guía: Como pegar Reportes en el Foro?

Salu2.

Trate de ejecutar el portable de la otra seccion pero aparecio el error.Volvi a la original y estoy scaneando con eset online , lo deje toda la noche aun no termina…

Hola @WALLY

Perfecto, puede demorar de acuerdo a la información que tengas.

Salu2