No me puedo conectar a internet Win7 DNS

Ayuda General
#1

Buenas tengo problemas para conectarme a Internet a través de mi pc con win 7, voy a tratar de pasar winsock fix a ver si agarra aunque tengo otro efecto secundario… ya que estaba tocando los dns y no solo me quede sin Internet si no que ahora cuando abro cualquier navegador se queda lentísimo, algunos crashean al iniciarlos, la única forma que puedo hacer para navegar es modo seguro.

Lo ultimo así que utilice fue un programa llamado DNSFilter, que probablemente me jodió la configuración al desinstalarlo y utilice la herramienta de google para verificar cual era el mejor DNS de mi area.

Espero puedan ayudarme salu2.

Por cierto también cuando quiero apagar la PC, “intente restaurar” se queda una eternidad tratando de apagar la PC, sin “iniciar” aparentemente el proceso de restauración.

#2

bump Chicos disculpen la molestia pero le agradecería a cualquiera que pueda ayudarme con mi caso es muy importante para mí poder seguir trabajando.

#3

Hola @th3nolo

Aun sigues con el problema?

Lleva las herramientas que te indicare mas abajo en Modo Seguro con Red, luego inicias en Modo Normal y las ejecutas siguiendo los pasos:

1.- Descarga FSS.exe a tu escritorio.

  • Ejecuta FSS.exe (Presiona clic derecho y seleccionas Ejecutar como administrador)

Marca todas las opciones.

Presiona el botón Scan y espera a que termine su trabajo.

Se abrirá un Bloc de notas. Copia y pega el contenido en tu próxima respuesta.

Luego realizas lo siguiente:

2.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

3.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

4.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

#4

Hola SanMar, descargue el programa de la fuente que me indicaste aunque al pasarlo por Virus Total me arroja el siguiente resultado.

¿Debería preocuparme o sigo con el procedimiento?

799×370 22.7 KB

Adjunto las firmas digitales del archivo que descargue.

MD5 ac6d90b6215f6977780743cb26baf331
SHA-1 94c7e539312401620400750ff08c63a6e21dabba
SHA-256 e7977cf2832623ed8e3a413d15ec0892874b5979528c4dc964f60547c267d2cd
Vhash 026066655d1555755210b02002300a56z161d013zf2za2030e039z
Authentihash b91e5ca47b0bc00981f96bb1958b2e7e8d95bdf1e35c5f941bc5496bb2167557
Imphash 161c85364c462057ba28801ac1ad5404
SSDEEP 49152:OkxOm+7TjsPnztyDMmaJpGcfFepcY7Lyib4Ik0ZD5FJ9X+:OJotyDC/fFepIiEIRZD5FLX
File type Win32 EXE
Magic PE32+ executable for MS Windows (GUI) Mono/.Net assembly
File size 2.16 MB (2263552 bytes)

776×193 5.39 KB

#5

Hola @th3nolo

Es un falso positivo, solo desactiva el antivirus.

Salu2.

#6 
Ran by Paola (administrator) on PAOLA-PC (Sony Corporation SVE14118FXW) (07-12-2019 14:00:46)
Running from C:\Users\Paola\Downloads
Loaded Profiles: Paola (Available Profiles: Paola)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-24] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2752752 2018-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [196824 2019-05-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134736 2015-09-09] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: E - E:\.\StartModem.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a8a7-143a-11e9-b511-083e8ebb38a4} - E:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a989-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a9c5-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9aa01-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {347f8fca-e566-11e8-b235-083e8ebb38a4} - E:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {499a2c7c-8557-11e9-9017-30f9edbcbec3} - E:\.\StartModem.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {ed5dde12-c721-11e8-8b62-083e8ebb38a4} - F:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {eda04367-0c54-11e9-b703-083e8ebb38a4} - E:\Setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2015-09-09] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2015-09-09] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B55B99F-ABF1-4F81-BAFC-FC3374881E1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {1EECDA75-16CA-4C8B-863F-30CB38AFB17D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {26636F3D-F5C6-4D0C-AB66-E41ADD0D6126} - System32\Tasks\{797FDB2B-4F89-44AB-B116-14B7A4F33654} => C:\Users\Paola\Downloads\BlueSoleil_9.2.494.0\BlueSoleil 9.2.494.0\install\amd64\setup.exe [1024400 2016-04-12] (IVT CORPORATION -> IVT Corporation )
Task: {26E59862-CD42-49BA-8D15-45EF4787CE14} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {298BA11F-90AE-4CDF-990E-4A924DB1020B} - System32\Tasks\Opera scheduled Autoupdate 1555253192 => C:\Users\Paola\AppData\Local\Programs\Opera\launcher.exe
Task: {362115D0-2F85-4DB6-91EC-706CD701A334} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-02] (Google Inc -> Google Inc.)
Task: {37443E66-AEA4-4625-ACE2-D0FB6FB2AE1D} - System32\Tasks\AdobeAAMUpdater-1.0-Paola-PC-Paola => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {3D8CB085-276B-4A4A-8163-E1BE0C93AAE4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4409DB35-9DA2-4728-942D-DC520F2FECEC} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {46482C22-9675-4EC8-A3A4-31A80D352003} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [482160 2010-06-21] (Sony Corporation -> Sony Corporation)
Task: {4F3A8A22-B40B-40A6-A3A0-8D7F4E69C6C5} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7018264 2018-07-18] (Nero AG -> Nero AG)
Task: {75836BC9-8F4A-4622-9CF1-1BFDEC78528A} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [482160 2010-06-21] (Sony Corporation -> Sony Corporation)
Task: {8641BDB4-7057-4B50-8C62-DA1571324AE0} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {88CB0485-A0D3-4C48-B3D2-AFAC0F67BBE0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask
Task: {8ED510F3-F18F-4C55-88E8-1882B0CD7975} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {909057A1-D557-4CB5-BC41-BEB8B5812C26} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-02] (Google Inc -> Google Inc.)
Task: {954FBFBB-0D0E-48A7-BBE7-583DFABFFF7C} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2850751526-314786809-3439856657-1001 => C:\Users\Paola\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-08-28] (Mega Limited -> Mega Limited)
Task: {B99E58D2-BE6B-49CE-BD79-4F594D04D9E6} - System32\Tasks\update-S-1-5-21-2850751526-314786809-3439856657-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {D3186E2E-C5C3-4A2E-9434-7531C2165371} - \OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-1000 -> No File <==== ATTENTION
Task: {D3DEFCF3-1D4E-4B9D-ABA6-70173B61FDB0} - System32\Tasks\{37C01CE5-7A82-4D41-986E-2147A775751E} => C:\Windows\system32\pcalua.exe -a C:\Users\Paola\Downloads\Programs\win64_152824.exe -d C:\Users\Paola\Downloads\Programs
Task: {D7735780-06C3-4CE5-B325-E9CDABA3BF37} - System32\Tasks\{6AFE08C5-B807-4F7D-A0A4-728091C6AE8F} => C:\Users\Paola\Downloads\TradelizeLoader.exe [329360 2019-08-17] (TRADELIZE PTE. LTD. -> )
Task: {DAA9E381-C8FE-40AF-9946-7E580E74970B} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [482160 2010-06-21] (Sony Corporation -> Sony Corporation)
Task: {E38BD379-F251-4B07-B4B2-320C5C5BBA78} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED311E2F-1755-497D-B2D6-952B79C52C59} - System32\Tasks\DriverHubUACDisablingTask => C:\Program Files (x86)\DriverHub\DriverHub.exe [6750880 2019-04-09] (ROSTPEI LTD -> ROSTPAY LTD)
Task: {EFFC0AB7-BE0C-42BE-8610-C69448F54678} - \OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-500 -> No File <==== ATTENTION
Task: {F0F6AED8-A218-4A3B-9B8E-F322261F3D15} - System32\Tasks\Opera scheduled assistant Autoupdate 1557413820 => C:\Users\Paola\AppData\Local\Programs\Opera\launcher.exe
Task: {F84D8AE9-73B2-4171-B6E3-18DDCA4876E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCFB2A38-1199-40B9-A2E2-C80FC753D599} - System32\Tasks\{DCC740EF-C8E5-4680-AE11-A85F35134423} => C:\Windows\system32\pcalua.exe -a "C:\Users\Paola\Downloads\TradelizeLoader (1).exe" -d C:\Users\Paola\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-2850751526-314786809-3439856657-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{3B17E6C1-E7D0-48E0-ABEE-88B0DE8815FF}: [NameServer] 204.69.234.1,204.74.101.1
Tcpip\..\Interfaces\{3C87B911-4EFC-46B1-B9AC-07FB793E35AC}: [NameServer] 204.69.234.1,204.74.101.1,192.168.44.1
Tcpip\..\Interfaces\{3C87B911-4EFC-46B1-B9AC-07FB793E35AC}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{40696220-083B-4995-A3CF-FAAED7A29424}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{5C76EAEF-3FB2-4DA8-B890-883DA66138A8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5C76EAEF-3FB2-4DA8-B890-883DA66138A8}: [DhcpNameServer] 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{AACDAA57-1EF9-4E79-8697-6C6F2CAE5B48}: [NameServer] 198.153.192.1,198.153.194.1
Tcpip\..\Interfaces\{D825676D-6BEF-4116-BAF3-9D34DCC74D9E}: [NameServer] 204.69.234.1,204.74.101.1
Tcpip\..\Interfaces\{F3194DF5-9DBA-49FC-B912-8189191DEEF8}: [NameServer] 190.121.224.39 190.121.224.40
Tcpip\..\Interfaces\{F4F19F17-023D-4345-8AC2-2D8F807FC2B6}: [NameServer] 9.9.9.9,1.1.1.1,192.168.42.129
Tcpip\..\Interfaces\{F4F19F17-023D-4345-8AC2-2D8F807FC2B6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FE0BF672-3FB5-43CC-901B-B8354442E217}: [NameServer] 204.69.234.1,204.74.101.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\IEExt\ie_plugin.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-16] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\IEExt\ie_plugin.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-03-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-03-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-03-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-03-15] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: m3iifm9h.default
FF ProfilePath: C:\Users\Paola\AppData\Roaming\Mozilla\Firefox\Profiles\3eqcbygi.default-release [2019-09-19]
FF ProfilePath: C:\Users\Paola\AppData\Roaming\Mozilla\Firefox\Profiles\m3iifm9h.default [2019-12-04]
FF NetworkProxy: Mozilla\Firefox\Profiles\m3iifm9h.default -> type", 0
FF Extension: (Tippin.me) - C:\Users\Paola\AppData\Roaming\Mozilla\Firefox\Profiles\m3iifm9h.default\Extensions\[email protected] [2019-05-22]
FF Extension: (SoundFixer) - C:\Users\Paola\AppData\Roaming\Mozilla\Firefox\Profiles\m3iifm9h.default\Extensions\[email protected] [2019-07-20]
FF Extension: (show-my-ip) - C:\Users\Paola\AppData\Roaming\Mozilla\Firefox\Profiles\m3iifm9h.default\Extensions\{b93d6beb-e3fc-4ca7-82e9-930a8b040d69}.xpi [2019-06-29]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi [2019-09-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2850751526-314786809-3439856657-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Paola\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2019-09-06] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2850751526-314786809-3439856657-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Paola\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2019-09-06] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2850751526-314786809-3439856657-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Paola\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-10-29] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-10-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-10-25] <==== ATTENTION

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.facebook.com/"
CHR Profile: C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default [2019-12-07]
CHR Extension: (Duolingo en la web) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2019-12-04]
CHR Extension: (Descargador de Vídeo Vimeo) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgpbghdbejagejmciefmekcklikpoeel [2019-12-05]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2019-12-05]
CHR Extension: (Save Your Tabs for Later) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlpkofiapmkalomecepjjhlkjhommkap [2019-12-05]
CHR Extension: (Moon: Shop online with Bitcoin) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehmpejjklcibliopgbghpgfinhbjopnn [2019-12-04]
CHR Extension: (Dark Reader) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2019-12-07]
CHR Extension: (Tab Suspender) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiabciakcmgepblmdkmemdbbkilneeeh [2019-12-04]
CHR Extension: (Lolli: Earn Bitcoin When You Shop) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\fleenceagaplaefnklabikkmocalkcpo [2019-12-05]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-12-06]
CHR Extension: (Bottle Pay) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\jadhemmpfahnnnlekbggdpmhmlmoldje [2019-12-05]
CHR Extension: (Grammarly for Chrome) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-12-05]
CHR Extension: (Webcam Toy) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2019-12-05]
CHR Extension: (Volume Control - Control del volumen) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhgpflelfbhnihnbjigpgdbahgkbghp [2019-12-05]
CHR Extension: (Waves Keeper) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpilbniiabackdjcionkobglmddfbcjo [2019-12-04]
CHR Extension: (LightShot (la herramienta de captura de pantalla)) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-12-05]
CHR Extension: (Direct Message for Instagram™) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpgppkombninhkfhaggckdmencplhmg [2019-12-05]
CHR Extension: (MeddleMonkey) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihledlmchhofenpacbhphnbnpakgmo [2019-12-05]
CHR Extension: (ProjectWork - professional project scheduling) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojhjfelociapcolpehhfffkfdghakhj [2019-12-05]
CHR Extension: (Linguix) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgklmlnheedegipcohgcbjhhgddendc [2019-12-05]
CHR Extension: (MetaMask) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2019-12-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-04]
CHR Extension: (Keybase) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ognfafcpbkogffpmmdglhbjboeojlefj [2019-12-04]
CHR Extension: (HubSpot: Email Tracking & Sales CRM for Gmail) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd [2019-12-04]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2019-12-05]
CHR Extension: (Miro) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfmbdmhambgleempeofcjjhjclimccg [2019-12-05]
CHR Extension: (Cacoo - Diagramación & Colaboración en tiempo real) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcflmbddgcmomcfngehfhlajjapabojh [2019-12-04]
CHR Extension: (Chrome Media Router) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-05]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-09-09] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S2 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [483808 2018-04-11] (ICEpower a/s -> ICEpower a/s)
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-04] (Malwarebytes Inc -> Malwarebytes)
S2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2014-11-20] (Huawei Technologies Co.,Ltd. -> )
S2 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [8704 2019-04-14] (StagWare) [File not signed]
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12054872 2019-10-10] (TeamViewer GmbH -> TeamViewer GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-10-10] (Oracle Corporation -> Oracle Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21600 2018-09-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AR9271; C:\Windows\System32\DRIVERS\athuwx.sys [2226176 2019-04-14] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [5020672 2009-07-13] (Microsoft Windows -> ATI Technologies Inc.)
S2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-10-20] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [22568 2014-08-12] (IVT CORPORATION -> IVT Corporation.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
S1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2019-12-04] (Malwarebytes Corporation -> Malwarebytes)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [243200 2009-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 FlashBoot; C:\Windows\System32\DRIVERS\FlashBoot.sys [17616 2019-06-18] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [131248 2019-06-18] (GENESYS LOGIC, INC. -> GenesysLogic)
R3 gmhidlow; C:\Windows\System32\DRIVERS\gmhidlow.sys [21008 2019-08-08] (KYE SYSTEMS CORP. -> )
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [117248 2009-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2019-04-14] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT CORPORATION -> IVT Corporation.)
S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT CORPORATION -> IVT Corporation.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [76624 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [129152 2019-07-29] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [251512 2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [516216 2019-09-17] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998016 2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project)
S4 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [210280 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [11776 2009-09-04] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2019-12-04] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-12-04] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-12-04] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2019-12-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [190032 2016-04-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [779232 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [418784 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2584792 2019-05-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [12032 2018-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [51352 2019-04-14] (Synaptics Incorporated -> Synaptics Incorporated)
S2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [237376 2019-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [248464 2019-10-11] (Oracle Corporation -> Oracle Corporation)
S3 wdf_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [43128 2011-08-11] (mtkkey -> MediaTek Inc.)
S1 WinRing0_1_2_0; C:\Program Files (x86)\NoteBook FanControl\WinRing0x64.sys [14544 2019-09-04] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [119680 2009-09-19] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [119680 2009-09-19] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [119680 2009-09-19] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 IvtComBusSrv; System32\Drivers\btcombus.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-07 13:52 - 2019-12-07 13:55 - 000044162 _____ C:\Users\Paola\Downloads\Addition.txt
2019-12-07 13:51 - 2019-12-07 14:01 - 000033916 _____ C:\Users\Paola\Downloads\FRST.txt
2019-12-07 13:51 - 2019-12-07 13:51 - 000000000 ____D C:\Users\Paola\Downloads\FRST-OlderVersion
2019-12-07 13:49 - 2019-12-07 14:00 - 000000000 ____D C:\FRST
2019-12-07 03:52 - 2019-12-07 03:52 - 000000491 _____ C:\Users\Paola\Downloads\UTC--2019-12-07T07-52-05.120Z--b948430eee899a6d40ec6cc49e5a8705b03a8921
2019-12-07 03:34 - 2019-12-07 13:51 - 002263552 _____ (Farbar) C:\Users\Paola\Downloads\FRST64.exe
2019-12-07 00:01 - 2019-12-07 00:02 - 001351763 _____ C:\Users\Paola\Downloads\Cointigopitchdecklast(2).pdf
2019-12-06 00:58 - 2019-12-06 01:01 - 009102193 _____ C:\Users\Paola\Downloads\iocta_2019.pdf
2019-12-06 00:22 - 2019-12-06 00:22 - 000801932 _____ C:\Users\Paola\Downloads\dnmbible.pdf
2019-12-06 00:14 - 2019-12-06 00:14 - 000023611 _____ C:\Users\Paola\Desktop\energy-report.html
2019-12-05 01:21 - 2019-12-05 01:22 - 000001930 _____ C:\Users\Paola\Desktop\Rkill.txt
2019-12-05 00:58 - 2019-12-05 00:58 - 000000000 ____D C:\Users\Paola\Downloads\WinsockFix_InfoSpyware
2019-12-05 00:52 - 2019-12-05 01:19 - 000000748 _____ C:\Users\Paola\Desktop\ESET Online Scanner.lnk
2019-12-05 00:52 - 2019-12-05 00:52 - 000000000 ____D C:\Users\Paola\AppData\Local\ESET
2019-12-05 00:33 - 2019-12-05 00:45 - 008162616 _____ (ESET spol. s r.o.) C:\Users\Paola\Downloads\esetonlinescanner_esn.exe
2019-12-05 00:29 - 2019-12-05 00:29 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Paola\Downloads\iExplore.exe
2019-12-05 00:17 - 2019-12-05 00:27 - 205263808 _____ C:\Users\Paola\Downloads\cureit.exe
2019-12-05 00:07 - 2019-12-05 00:07 - 000341794 _____ C:\Users\Paola\Downloads\IF-DNS.exe
2019-12-05 00:07 - 2019-12-05 00:07 - 000251211 _____ C:\Users\Paola\Downloads\Guía para cambiar las DNS - Guías, manuales, tutoriales y más - ForoSpyware.pdf
2019-12-05 00:04 - 2019-12-05 00:07 - 008218800 _____ (Malwarebytes) C:\Users\Paola\Downloads\adwcleaner_8.0.0.exe
2019-12-05 00:03 - 2019-12-05 00:03 - 004773088 _____ (SOSVirus) C:\Users\Paola\Downloads\UsbFix_2019_11.022.exe
2019-12-04 23:59 - 2019-12-05 00:01 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Paola\Downloads\tdsskiller.exe
2019-12-04 23:52 - 2019-12-04 23:56 - 001883976 _____ (Malwarebytes) C:\Users\Paola\Downloads\MBSetup.exe
2019-12-04 23:50 - 2019-12-04 23:51 - 005404387 _____ (Raúl Argente ) C:\Users\Paola\Downloads\ARegClean-old.exe
2019-12-04 23:50 - 2019-12-04 23:50 - 000702243 _____ C:\Users\Paola\Downloads\WinsockFix_InfoSpyware.zip
2019-12-04 23:49 - 2019-12-04 23:50 - 000791393 _____ (Lars Hederer ) C:\Users\Paola\Downloads\erunt-setup.exe
2019-12-04 23:49 - 2019-12-04 23:49 - 001115450 _____ C:\Users\Paola\Downloads\RegSeeker.3.01.setup.zip
2019-12-04 18:23 - 2019-12-04 18:23 - 000000000 ___RD C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2019-12-04 17:06 - 2019-12-04 17:06 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-12-04 15:56 - 2019-12-04 15:56 - 000000000 ____D C:\Users\Paola\Downloads\ComIntRep_4010
2019-12-04 15:54 - 2019-12-04 15:55 - 003337234 _____ (Rizonesoft ) C:\Users\Paola\Downloads\ComIntRep_4010_Setup.exe
2019-12-04 15:54 - 2019-12-04 15:55 - 003122169 _____ C:\Users\Paola\Downloads\ComIntRep_4010.zip
2019-12-04 15:38 - 2019-12-07 13:46 - 001080898 _____ C:\Windows\ntbtlog.txt
2019-12-04 05:03 - 2019-12-04 05:03 - 767038110 _____ C:\Windows\MEMORY.DMP
2019-12-04 05:03 - 2019-12-04 05:03 - 001106560 _____ C:\Windows\Minidump\120419-23306-01.dmp
2019-12-04 05:03 - 2019-12-04 05:03 - 000000000 ____D C:\Windows\Minidump
2019-12-04 00:52 - 2019-12-04 18:24 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-12-04 00:51 - 2019-12-04 00:51 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-12-04 00:50 - 2019-12-04 00:50 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-12-04 00:50 - 2019-12-04 00:50 - 000000000 ____D C:\Users\Paola\AppData\Local\cache
2019-12-04 00:43 - 2019-12-04 00:50 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-04 00:42 - 2019-12-04 00:43 - 001883976 _____ (Malwarebytes) C:\Users\Paola\Downloads\MBSetup-009996.009996.exe
2019-12-03 02:48 - 2019-12-03 02:48 - 000002377 _____ C:\Users\Paola\Desktop\Authy Desktop.lnk
2019-12-03 02:40 - 2019-12-03 02:41 - 005905920 _____ C:\Users\Paola\Downloads\eddie-ui_2.16.3_windows-7_x64_installer.exe
2019-12-03 01:53 - 2019-12-03 01:54 - 000000000 ____D C:\Program Files (x86)\ChrisPC DNS Switch
2019-12-03 01:47 - 2019-12-03 01:47 - 001374096 _____ (Chris P.C. srl ) C:\Users\Paola\Downloads\setup_chrispc_dns_switch_4_10.exe
2019-12-03 01:21 - 2019-12-03 01:22 - 000322642 _____ (dnsleaktest.com ) C:\Users\Paola\Downloads\dnsfixsetup.exe
2019-12-03 00:18 - 2019-12-03 00:19 - 005227019 _____ C:\Users\Paola\Downloads\namebench-1.3.1-Windows.exe
2019-12-03 00:11 - 2019-12-03 00:12 - 007380480 _____ C:\Users\Paola\Downloads\relay-windows-amd64.exe
2019-12-02 23:20 - 2019-12-02 23:21 - 002015232 _____ C:\Users\Paola\Downloads\DNSFilter_Agent_Setup.msi
2019-12-02 11:49 - 2019-12-02 11:49 - 000061128 _____ C:\Users\Paola\Downloads\NTRA201912021149166313897968.PDF
2019-12-02 11:43 - 2019-12-02 11:43 - 000118371 _____ C:\Users\Paola\Downloads\11b.pdf
2019-11-29 22:54 - 2019-11-29 22:54 - 000562691 _____ C:\Users\Paola\Downloads\SSRN-id3258508.pdf
2019-11-29 22:33 - 2019-11-29 22:33 - 002354373 _____ C:\Users\Paola\Downloads\TradingAndArbitrageInCrypto-currenc_preview.pdf
2019-11-29 03:45 - 2019-11-29 03:46 - 002430564 _____ C:\Users\Paola\Downloads\[Marvin_Neuefeind,_Marcin_Kacperczyk]_Cryptocurren(z-lib.org).epub
2019-11-28 14:00 - 2019-11-28 14:13 - 152985689 _____ (Bisq ) C:\Users\Paola\Downloads\Bisq-64bit-1.2.3.exe
2019-11-28 13:52 - 2019-12-04 22:49 - 000000000 ____D C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenBazaar
2019-11-28 13:52 - 2019-11-28 14:22 - 000000000 ____D C:\Users\Paola\openbazaar
2019-11-28 13:52 - 2019-11-28 13:52 - 000000000 ____D C:\Users\Paola\OpenBazaar2.0-ClientData
2019-11-28 13:52 - 2019-11-28 13:52 - 000000000 ____D C:\Users\Paola\AppData\Roaming\OpenBazaar2
2019-11-28 13:51 - 2019-12-04 22:49 - 000000000 ____D C:\Users\Paola\AppData\Local\OpenBazaar2
2019-11-28 13:40 - 2019-11-28 13:48 - 113817144 _____ (OpenBazaar) C:\Users\Paola\Downloads\OpenBazaar2-2.3.5-Setup-64.exe
2019-11-28 03:09 - 2019-11-28 03:09 - 004184627 _____ C:\Users\Paola\Downloads\video-1574924543.mp4
2019-11-27 22:54 - 2019-11-27 22:54 - 000482552 _____ C:\Users\Paola\Downloads\[Silverglate_Harvey]_Three_Felonies_a_Day__How_the(z-lib.org).epub
2019-11-27 22:40 - 2019-11-27 22:40 - 000873961 _____ C:\Users\Paola\Downloads\[Martin_Meadows]_365_Days_With_Self-Discipline__36(z-lib.org) (1).epub
2019-11-27 22:14 - 2019-11-27 22:15 - 005214933 _____ C:\Users\Paola\Downloads\[Mikael_Krogerus,_Roman_Tsch_ppeler]_The_Decision_(z-lib.org).epub
2019-11-26 17:52 - 2019-11-26 17:53 - 009239923 _____ C:\Users\Paola\Downloads\[Swami_Venkatesananda]_Vasistha's_Yoga(z-lib.org).epub
2019-11-26 17:52 - 2019-11-26 17:52 - 003911480 _____ C:\Users\Paola\Downloads\[Swami_Venkatesananda]_The_Concise_Ramayana_of_Val(z-lib.org).pdf
2019-11-26 17:41 - 2019-11-26 17:49 - 078963121 _____ C:\Users\Paola\Downloads\[Ian_Chilvers]_The_Concise_Oxford_Dictionary_of_Ar(z-lib.org).pdf
2019-11-26 17:40 - 2019-11-26 17:40 - 002528740 _____ C:\Users\Paola\Downloads\[Sri_Munagala_Venkataramiah]_Talks_with_Sri_Ramana(z-lib.org).pdf
2019-11-26 17:34 - 2019-11-26 17:36 - 016935587 _____ C:\Users\Paola\Downloads\[Winthrop_Sargeant_(Translation_and_Commentary),_H(z-lib.org).pdf
2019-11-26 17:16 - 2019-11-26 17:16 - 001864209 _____ C:\Users\Paola\Downloads\[Laura_Hillenbrand]_Unbroken__A_World_War_II_Story(z-lib.org).epub
2019-11-26 17:16 - 2019-11-26 17:16 - 001594739 _____ C:\Users\Paola\Downloads\[Cal_Newport]_Deep_Work__Rules_for_focused_success(z-lib.org).pdf
2019-11-26 15:34 - 2011-03-11 02:41 - 001659776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-11-26 15:34 - 2011-03-11 02:41 - 000410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2019-11-26 15:34 - 2011-03-11 02:41 - 000166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2019-11-26 15:34 - 2011-03-11 02:41 - 000148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2019-11-26 15:34 - 2011-03-11 02:41 - 000107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2019-11-26 15:34 - 2011-03-11 02:41 - 000027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2019-11-26 15:34 - 2011-03-11 02:33 - 002565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-11-26 15:34 - 2011-03-11 02:30 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2019-11-26 15:34 - 2011-03-11 01:33 - 001699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-11-26 15:34 - 2011-03-11 01:31 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2019-11-26 12:14 - 2019-11-26 12:15 - 000546153 _____ C:\Users\Paola\Downloads\Newsletter_3_-_New_HIGH_Potential_Spec.pdf
2019-11-25 04:16 - 2019-11-25 04:16 - 000000000 ____D C:\Users\Paola\Downloads\dnscrypt-proxy-win64-2.0.33
2019-11-25 04:15 - 2019-11-25 04:16 - 002927364 _____ C:\Users\Paola\Downloads\dnscrypt-proxy-win64-2.0.33.zip
2019-11-24 02:03 - 2019-11-24 02:03 - 001006124 _____ C:\Users\Paola\Downloads\[Viktor_E._Frankl]_Man's_search_for_meaning(z-lib.org).pdf
2019-11-24 02:03 - 2019-11-24 02:03 - 000626437 _____ C:\Users\Paola\Downloads\[Robert_Greene,_Joost_Elffers]_The_48_laws_of_powe(z-lib.org).epub
2019-11-24 02:00 - 2019-11-24 02:00 - 003640731 _____ C:\Users\Paola\Downloads\[Dale_Carnegie_&_Associates]_How_to_Win_Friends_an(z-lib.org).epub
2019-11-24 01:55 - 2019-11-24 01:55 - 007366247 _____ C:\Users\Paola\Downloads\[Andrew_Aziz]_Advanced_Techniques_in_Day_Trading__(z-lib.org).epub
2019-11-24 01:54 - 2019-11-24 01:53 - 001197613 ____R C:\Users\Paola\Downloads\[David_Epstein]_Range__How_Generalists_Triumph_in_(z-lib.org).epub
2019-11-24 01:16 - 2019-11-24 01:16 - 004172413 _____ C:\Users\Paola\Downloads\[Gabrielle_Stobbe]_Just_Enough_English_Grammar_Ill(z-lib.org) (1).pdf
2019-11-24 01:12 - 2019-11-24 01:14 - 023557778 _____ C:\Users\Paola\Downloads\[DK,_Catherine_Collin,_Nigel_Benson,_Joannah_Ginsb(z-lib.org).pdf
2019-11-24 01:11 - 2019-11-24 01:12 - 003291237 _____ C:\Users\Paola\Downloads\[Bryson]_The_Fluoride_Deception_(history_water_flo(z-lib.org).pdf
2019-11-23 02:14 - 2019-11-23 02:14 - 000166021 _____ C:\Users\Paola\Downloads\FCS-9825063-Elvis Perez.pdf
2019-11-23 02:10 - 2019-11-23 02:10 - 000026522 _____ C:\Users\Paola\Downloads\edb59193-9fe8-40d1-ae13-e5a71eb97cfb.pdf
2019-11-20 02:45 - 2019-11-20 02:45 - 000262963 _____ C:\Users\Paola\Downloads\elvis.pdf
2019-11-20 02:07 - 2019-11-20 02:07 - 000084505 _____ C:\Users\Paola\Downloads\acta de discusion perez elvis.pdf
2019-11-20 02:04 - 2019-11-20 02:04 - 000075792 _____ C:\Users\Paola\Downloads\Perez Elvis.pdf
2019-11-19 16:57 - 2019-11-19 16:57 - 000003864 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2019-11-18 15:47 - 2019-11-18 15:47 - 000032966 _____ C:\Users\Paola\Downloads\01 Requisitos Constacia CD Trabajo (1).pdf
2019-11-18 04:15 - 2019-11-28 11:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-11-18 03:41 - 2019-11-18 03:41 - 000032966 _____ C:\Users\Paola\Downloads\01 Requisitos Constacia CD Trabajo.pdf
2019-11-17 11:21 - 2019-11-17 11:21 - 000000000 ____D C:\Users\Paola\Documents\My Games
2019-11-17 11:21 - 2019-11-17 11:21 - 000000000 ____D C:\Users\Paola\AppData\LocalLow\FuelGames
2019-11-17 10:51 - 2019-11-17 11:18 - 000000000 ____D C:\Users\Paola\Downloads\Apollo
2019-11-17 09:46 - 2019-11-23 03:32 - 000000000 ____D C:\Users\Paola\AppData\Roaming\apollo-launcher
2019-11-17 09:46 - 2019-11-17 10:31 - 000002475 _____ C:\Users\Paola\Desktop\Immutable.lnk
2019-11-17 09:46 - 2019-11-17 09:46 - 000002483 _____ C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Immutable.lnk
2019-11-17 09:45 - 2019-11-17 09:46 - 000000000 ____D C:\Users\Paola\AppData\Local\apollo-launcher-updater
2019-11-17 09:20 - 2019-11-17 09:40 - 045973800 _____ (Immutable) C:\Users\Paola\Downloads\Immutable+Setup+0.4.5.exe
2019-11-17 09:19 - 2019-11-17 09:19 - 000009019 _____ C:\Users\Paola\Downloads\descarga (1).htm
2019-11-14 09:00 - 2019-11-14 09:00 - 000937555 _____ C:\Users\Paola\Desktop\SRO.pptx
2019-11-13 00:56 - 2019-11-14 09:00 - 000937550 _____ C:\Users\Paola\Desktop\Presentación1.pptx
2019-11-12 23:36 - 2019-11-12 23:36 - 000874796 _____ C:\Users\Paola\Desktop\LOGO PEDIATRIA.psd
2019-11-12 23:35 - 2019-11-12 23:35 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign6d85f12768e50a27
2019-11-12 23:35 - 2019-11-12 23:35 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign5b05367c641b9dbb
2019-11-12 23:32 - 2019-11-12 23:32 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsigna009bbd1ccd0ed25
2019-11-12 23:32 - 2019-11-12 23:32 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign7784c76f86bb2ffb
2019-11-12 23:29 - 2019-11-12 23:30 - 000398315 _____ C:\Users\Paola\Desktop\LOGO PEDIATRIA.htm
2019-11-12 22:12 - 2019-12-06 21:15 - 001289728 ___SH C:\Users\Paola\Downloads\Thumbs.db
2019-11-12 02:10 - 2019-11-12 02:10 - 002260658 _____ C:\Users\Paola\Downloads\tesis presentacion.pptx
2019-11-12 01:53 - 2019-11-12 01:53 - 000981640 _____ C:\Users\Paola\Downloads\Dialnet-ConsensoInternacionalDeGastroenteritisAgudaEnUrgen-6958326.pdf
2019-11-12 01:53 - 2019-11-12 01:53 - 000981640 _____ C:\Users\Paola\Downloads\Dialnet-ConsensoInternacionalDeGastroenteritisAgudaEnUrgen-6958326 (1).pdf
2019-11-11 00:13 - 2019-11-11 00:13 - 000000318 _____ C:\Users\Paola\Downloads\S0120491215000075.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-07 13:52 - 2018-09-21 11:09 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-12-07 10:42 - 2019-05-07 15:03 - 000000000 ____D C:\Users\Paola\Downloads\Telegram Desktop
2019-12-07 02:49 - 2019-08-01 23:57 - 000000000 ____D C:\Users\Paola\Downloads\snes9x-1.60-win32-x64
2019-12-06 21:16 - 2018-09-27 21:42 - 000000000 ____D C:\Users\Paola\AppData\Roaming\vlc
2019-12-05 12:58 - 2019-05-19 11:36 - 000000000 ____D C:\Users\Paola\AppData\Local\ElevatedDiagnostics
2019-12-04 23:28 - 2019-07-25 16:30 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2019-12-04 22:54 - 2019-11-05 15:54 - 000000000 ____D C:\Users\Paola\AppData\Local\DeepL
2019-12-04 22:48 - 2018-09-25 20:07 - 000000388 _____ C:\Windows\Tasks\update-sys.job
2019-12-04 22:48 - 2018-09-25 20:07 - 000000388 _____ C:\Windows\Tasks\update-S-1-5-21-2850751526-314786809-3439856657-1001.job
2019-12-04 19:17 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\Registration
2019-12-04 18:31 - 2009-07-14 00:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-04 18:31 - 2009-07-14 00:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-04 18:24 - 2019-08-04 13:22 - 000000000 ____D C:\Users\Paola\Desktop\Screenshoot
2019-12-04 18:24 - 2019-08-04 13:21 - 000000000 ____D C:\Users\Paola\Desktop\PDF
2019-12-04 18:23 - 2019-06-18 19:02 - 000000000 ____D C:\Users\Paola\Desktop\Screenshots
2019-12-04 18:23 - 2019-06-01 14:37 - 000000435 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-12-04 18:23 - 2017-11-02 08:35 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-04 18:22 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-04 17:06 - 2019-09-05 17:05 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-04 17:05 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\tracing
2019-12-04 12:22 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF
2019-12-04 11:56 - 2019-09-16 18:58 - 000000000 ____D C:\Users\Paola\Downloads\Once upon a Time in Hollywood [TS][Subtitulado][wWw.EliteTorrent.IO]
2019-12-04 00:56 - 2018-09-21 12:44 - 000000000 ____D C:\Users\Paola\AppData\Local\CrashDumps
2019-12-04 00:49 - 2019-08-08 19:47 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-03 02:48 - 2019-05-26 14:16 - 000000000 ____D C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twilio Inc
2019-12-03 02:47 - 2019-05-26 14:16 - 000000000 ____D C:\Users\Paola\AppData\Local\authy-electron
2019-12-03 02:46 - 2019-05-26 14:16 - 000000000 ____D C:\Users\Paola\AppData\Local\SquirrelTemp
2019-12-03 02:04 - 2019-04-14 12:50 - 000000000 ____D C:\Users\Paola\Downloads\kali-linux-light-2019-1a-amd64-iso
2019-12-03 01:51 - 2019-09-19 20:23 - 000000000 ____D C:\Users\Paola\Downloads\Blue Valentine (2010) [1080p]
2019-12-03 00:42 - 2018-11-13 08:59 - 000000000 ____D C:\Users\Paola\Desktop\NOKIA
2019-12-02 23:50 - 2019-10-01 03:34 - 000000000 ____D C:\Users\Paola\Downloads\7dhxFo
2019-12-02 23:50 - 2019-08-06 20:57 - 000000000 ____D C:\Users\Paola\Downloads\120439
2019-12-02 22:18 - 2011-04-12 05:10 - 000817890 _____ C:\Windows\system32\perfh00A.dat
2019-12-02 22:18 - 2011-04-12 05:10 - 000187258 _____ C:\Windows\system32\perfc00A.dat
2019-12-02 22:18 - 2009-07-14 01:13 - 001858332 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-02 22:18 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2019-12-02 10:44 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\ModemLogs
2019-12-02 00:22 - 2019-09-04 17:23 - 000000000 ____D C:\ProgramData\NbfcService
2019-11-28 13:52 - 2018-09-21 11:07 - 000000000 ____D C:\Users\Paola
2019-11-28 11:44 - 2017-11-02 08:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-11-28 03:11 - 2018-09-22 11:44 - 000000000 ____D C:\Users\Paola\AppData\LocalLow\Mozilla
2019-11-27 17:51 - 2018-09-22 18:14 - 000000000 ____D C:\Windows\rescache
2019-11-26 16:19 - 2019-10-04 14:56 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-11-26 16:02 - 2016-12-14 11:18 - 001832918 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-11-25 01:25 - 2019-08-01 22:51 - 000003174 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-1001
2019-11-25 01:25 - 2019-08-01 22:51 - 000000000 ___RD C:\Users\Paola\OneDrive
2019-11-25 01:25 - 2018-09-21 11:07 - 000002190 _____ C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-11-22 16:35 - 2019-09-16 16:10 - 000000000 ____D C:\Users\Paola\Documents\My Kindle Content
2019-11-22 16:33 - 2019-05-26 11:29 - 000000000 ____D C:\Users\Paola\Desktop\Telegrams
2019-11-21 22:36 - 2017-11-02 08:32 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-20 09:25 - 2019-07-15 18:50 - 000000000 ____D C:\Users\Paola\Desktop\Julio 2019
2019-11-18 15:36 - 2019-09-03 16:46 - 000000000 ____D C:\Users\Paola\.VirtualBox
2019-11-18 15:35 - 2019-09-03 16:46 - 000000000 ____D C:\ProgramData\VirtualBox
2019-11-15 20:13 - 2019-05-06 12:21 - 000000000 ____D C:\Users\Paola\AppData\Roaming\Psiphon3
2019-11-15 20:02 - 2019-05-06 12:21 - 006754416 _____ C:\Users\Paola\Downloads\psiphon3.exe
2019-11-15 00:16 - 2017-11-02 08:33 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-14 15:39 - 2018-11-11 21:49 - 000000000 ____D C:\Users\Paola\Desktop\Trabajos en illustrator
2019-11-12 23:31 - 2018-10-25 23:07 - 000000033 _____ C:\Users\Paola\AppData\Roaming\AdobeWLCMCache.dat
2019-11-12 17:03 - 2010-11-20 23:27 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-11-10 03:39 - 2019-10-28 16:10 - 000000000 ____D C:\Users\Paola\Desktop\Respaldo USB paola

==================== Files in the root of some directories ========

2018-10-25 23:07 - 2019-11-12 23:31 - 000000033 _____ () C:\Users\Paola\AppData\Roaming\AdobeWLCMCache.dat
2019-09-05 20:13 - 2019-09-05 20:13 - 000000000 _____ () C:\Users\Paola\AppData\Roaming\MCVi2UserDetail.ini
2018-10-10 17:50 - 2018-10-10 17:50 - 000000410 _____ () C:\Users\Paola\AppData\Local\oobelibMkey.log
2018-10-06 20:54 - 2018-10-06 20:54 - 000000017 _____ () C:\Users\Paola\AppData\Local\resmon.resmoncfg
2018-09-25 20:07 - 2018-09-25 20:07 - 000000003 _____ () C:\Users\Paola\AppData\Local\updater.log
2018-09-25 20:07 - 2018-09-25 20:07 - 000000425 _____ () C:\Users\Paola\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-29 19:11
==================== End of FRST.txt ========================
#7 
Ran by Paola (07-12-2019 14:01:27)
Running from C:\Users\Paola\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2018-09-21 15:07:06)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2850751526-314786809-3439856657-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2850751526-314786809-3439856657-1003 - Limited - Enabled)
Invitado (S-1-5-21-2850751526-314786809-3439856657-501 - Limited - Disabled)
Paola (S-1-5-21-2850751526-314786809-3439856657-1001 - Administrator - Enabled) => C:\Users\Paola

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.1.435 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
ATAS CryptoTrader (HKLM-x32\...\{9873D32D-B0C3-4F96-B836-C469AE3945E3}_is1) (Version:  - OrderFlowTrading.NET)
Authy Desktop (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\authy-electron) (Version: 1.7.1 - Twilio Inc.)
BitTorrent (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\BitTorrent) (Version: 7.10.5.45312 - BitTorrent Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.140.12.1002 - BlueStack Systems, Inc.)
calibre (HKLM-x32\...\{FD6B4DA3-5E7B-499E-841D-B797BED0CC47}) (Version: 3.48.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
D-Link Connection Manager v5.0.0LA (HKLM-x32\...\Broad Mobi HSPA Modem Normal Version_is1) (Version:  - )
DriverHub (HKLM-x32\...\DriverHub) (Version: 1.1.2.1563 - ROSTPAY LTD)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epic Privacy Browser (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\Epic Privacy Browser) (Version: 71.0.3578.98 - Epic)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - epubfilereader.com)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Git version 2.21.0 (HKLM\...\Git_is1) (Version: 2.21.0 - The Git Development Community)
Go Programming Language amd64 go1.3 (HKLM-x32\...\{FF5B30B2-08C2-11E1-85A2-6ACA4824019B}) (Version: 1.0.3.0 - hxxp://golang.org)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Immutable 0.4.8 (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\{6ae4b193-3f11-53fc-9cc5-14b1f1a73184}) (Version: 0.4.8 - Immutable)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.4.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kaspersky Free (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Total Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Lantern (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\Lantern) (Version: 5.4.0 - Brave New Software Project, Inc.)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.26.02.03 - Huawei Technologies Co.,Ltd)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.300.05.06.155 - Huawei Technologies Co.,Ltd)
MODEM Mobile Connection (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - )
Mozilla Firefox 70.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-ES)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.5 - Mozilla)
Nero BurningROM 2019 (HKLM-x32\...\{798AC6BA-CF99-4585-BD3A-89A51CB10530}) (Version: 20.0.00900 - Nero AG)
Nero Core (HKLM-x32\...\{85EFC653-C416-4759-BFD0-0A0095B3FFAC}) (Version: 1.2.00200 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 20.0.1011 - Nero AG)
NoteBook FanControl (HKLM-x32\...\{6ccab7ac-feb0-4395-97e3-75cd6f6c407b}) (Version: 1.6.3.0 - Stefan Hirschmann - StagWare)
NoteBook FanControl (HKLM-x32\...\{C027E819-C64C-443E-B6D5-755FE4A7A925}) (Version: 1.6.3.0 - Stefan Hirschmann - StagWare) Hidden
Oracle VM VirtualBox 6.0.14 (HKLM\...\{8E519428-0DC5-4A01-818A-73155A0AF8AF}) (Version: 6.0.14 - Oracle Corporation)
Paquete de controladores de Windows - Intel (MEIx64) System  (03/28/2016 11.0.5.1189) (HKLM\...\63CEF5543DBF9887E6220C5C2F7F85C2D4C726D5) (Version: 03/28/2016 11.0.5.1189 - Intel)
Paquete de controladores de Windows - Intel(R) Corporation (IntcDAud) MEDIA  (06/22/2017 6.16.00.3200) (HKLM\...\35F10B39A811B52865C4B4B57EE6D46592307FD6) (Version: 06/22/2017 6.16.00.3200 - Intel(R) Corporation)
Paquete de controladores de Windows - Qualcomm Atheros Communications Inc. (athr) Net  (08/14/2015 10.0.0.326) (HKLM\...\56B1A735BC0841E802E7BB371D433BD236941875) (Version: 08/14/2015 10.0.0.326 - Qualcomm Atheros Communications Inc.)
Paquete de controladores de Windows - Realtek (RTL8167) Net  (12/23/2016 7.104.1223.2016) (HKLM\...\8FE7583BA3BE7DC67C5AE21C06F30A7E65FB3C21) (Version: 12/23/2016 7.104.1223.2016 - Realtek)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.60724 - Microsoft Corporation)
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Popcorn-Time (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Prerequisite installer (HKLM-x32\...\{37E15A76-F310-4C62-9D32-EE96C83BBD2C}) (Version: 20.2.0001 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.350 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.137 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8821.1 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10253 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.2.0.15250 - Sony Corporation)
Signal 1.27.2 (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\{7d96caee-06e6-597c-9f2f-c7bb2e0948b4}) (Version: 1.27.2 - Open Whisper Systems)
Skype versión 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
Skype™ 7.40 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.40.104 - Skype Technologies S.A.)
Speedtest by Ookla (HKLM\...\{84EF7A8D-CEC5-44D9-A889-4C576EBCB8C4}) (Version: 1.1.23.001 - Ookla)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.2.4 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.7.1965 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\ZoomUMX) (Version: 4.5 - Zoom Video Communications, Inc.)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.16 - ZTE Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2850751526-314786809-3439856657-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2015-09-09] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2015-09-09] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2019-04-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Paola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk -> C:\Users\Paola\AppData\Local\Popcorn-Time\Popcorn-Time.exe (The NWJS Community) -> --user-data-dir="C:\Users\Paola\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj

==================== Loaded Modules (Whitelisted) =============

2015-09-09 00:03 - 2015-09-09 00:03 - 000033360 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000203344 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000034384 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000027216 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000116304 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.dll
2018-09-25 20:07 - 2017-05-23 14:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-09-25 20:07 - 2017-05-23 14:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2019-06-01 14:37 - 2019-12-04 18:23 - 000000435 _____ C:\Windows\system32\drivers\etc\hosts.ics
192.168.137.1 Paola-PC.mshome.net # 2024 6 5 21 4 20 38 544

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\Git\cmd;C:\Program Files (x86)\NoteBook FanControl\;C:\Program Files (x86)\Calibre2\;C:\Go\bin
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AnyDesk.lnk => C:\Windows\pss\AnyDesk.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Paola^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Enviar a OneNote.lnk => C:\Windows\pss\Enviar a OneNote.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Paola^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Delete Cached Standalone Update Binary => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Paola\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
MSCONFIG\startupreg: Epic Privacy Browser Installer => "C:\Users\Paola\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe" /c
MSCONFIG\startupreg: Opera Browser Assistant => C:\Users\Paola\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
MSCONFIG\startupreg: RtsCM => RTSCM64.EXE
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Uninstall 19.123.0624.0005 => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paola\AppData\Local\Microsoft\OneDrive\19.123.0624.0005"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E336AF7A-5E6F-4911-87FB-42A09E7BF048}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{421DD2F4-E74B-493D-8A95-63F935865495}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF9E8991-2254-4ED0-97D0-64C2A7B8D067}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA9C4FF9-DD90-44FD-B50A-2DC7C73C07F5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{40CF154F-0F46-41A7-B902-13DB9AEAD610}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4D9DA4F3-08D0-44EB-A0AF-FEF4082A2141}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FD710060-0199-4ECB-9A52-D30FD1A68896}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{458A5C28-1AB3-4935-9734-EF86D7D400EC}] => (Allow) C:\Users\Paola\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B522C4D7-5407-4C8D-B934-936CB0E99F03}] => (Allow) C:\Users\Paola\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{0A6E363E-AECC-4228-A34B-E19EF8C70DC5}C:\users\paola\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\paola\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{A55340E4-EA9B-459C-B15B-E2F4536C0540}C:\users\paola\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\paola\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [{55B9C5BC-1BD5-4AF2-BB17-E0736C097BDD}] => (Allow) C:\Users\Paola\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{00BCC48B-6D59-4AA7-9BFC-5230C222D2A4}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe No File
FirewallRules: [UDP Query User{BF9F2DD8-3B91-4625-AA48-56A49A213C2C}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe No File
FirewallRules: [TCP Query User{7517161A-48CC-4419-BAC2-A5A143E271CA}C:\users\paola\desktop\telegrams\telegram2\telegram.exe] => (Allow) C:\users\paola\desktop\telegrams\telegram2\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{0CF83C04-991D-440A-BB3E-9EF16DDAEF08}C:\users\paola\desktop\telegrams\telegram2\telegram.exe] => (Allow) C:\users\paola\desktop\telegrams\telegram2\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{2B8CA043-96C0-427A-91CC-1AC309DC0B80}] => (Allow) C:\Program Files (x86)\Nero\Nero 2019\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{3EB68D25-14CB-45F2-8969-A806FD5BEE12}] => (Allow) C:\Program Files (x86)\Nero\Nero 2019\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{F0BF0290-08FA-4375-A8E1-F089424D57A6}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{D854C6FE-C9A8-4C37-9E82-30E0FED63A6C}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{E13E50BF-C3C9-438B-8FAE-F5AD48382875}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{F66B8CE5-6431-40DF-A4C2-EEC88E7E6F7D}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{39B1789F-5E63-4542-8B4A-45E727619625}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E637BC58-92D8-4F01-9D5E-DC70DA72F524}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{217D72FF-2779-487D-AA40-1651C8D7F059}] => (Allow) C:\Users\Paola\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe No File
FirewallRules: [{D99E09AB-B333-4427-8FB6-4541AD3D70E0}] => (Allow) C:\Users\Paola\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe No File
FirewallRules: [TCP Query User{599D1644-1D08-4F53-8536-9F437A4E9AB4}C:\users\paola\downloads\anydesk.exe] => (Allow) C:\users\paola\downloads\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{B8A08C10-6FFC-4BD6-8320-C53CB4E91A58}C:\users\paola\downloads\anydesk.exe] => (Allow) C:\users\paola\downloads\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [{46DA7DC8-C135-401C-AC74-062789CA8DB8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6D88D000-D2E0-4973-99B9-443A45851613}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5E30A7BE-D75A-4142-A677-3029A6710C65}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DA272CB9-3C2F-4B69-A315-A958047EECD9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{A76DA13F-E7AB-431E-BC0A-712547B40ECE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{F464BAD1-26E7-4AB9-8AB7-DAD827065A3E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{8BD60C15-0F2B-467B-BD92-6A744F934B46}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [TCP Query User{88A1421A-2DF8-40FE-86A1-9D1FDA4A2C0A}C:\users\paola\appdata\local\programs\apollo-launcher\immutable.exe] => (Allow) C:\users\paola\appdata\local\programs\apollo-launcher\immutable.exe (FUEL GAMES PTY LTD -> Immutable)
FirewallRules: [UDP Query User{CA729FB2-C28E-4959-B65A-F9FB6C92A67B}C:\users\paola\appdata\local\programs\apollo-launcher\immutable.exe] => (Allow) C:\users\paola\appdata\local\programs\apollo-launcher\immutable.exe (FUEL GAMES PTY LTD -> Immutable)
FirewallRules: [TCP Query User{5694E59B-B6EC-46B7-B530-278D051250FC}C:\users\paola\downloads\apollo\gods unchained\standalonewindows64\gods.exe] => (Allow) C:\users\paola\downloads\apollo\gods unchained\standalonewindows64\gods.exe (FUEL GAMES PTY LTD -> )
FirewallRules: [UDP Query User{9B28566B-B8D4-440A-9510-6E3145BC1F75}C:\users\paola\downloads\apollo\gods unchained\standalonewindows64\gods.exe] => (Allow) C:\users\paola\downloads\apollo\gods unchained\standalonewindows64\gods.exe (FUEL GAMES PTY LTD -> )
FirewallRules: [{0741B07D-B047-4F51-B646-6CAD5346AA1D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{67584515-5972-4D9E-BBE5-365E6F0D27C6}C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe] => (Allow) C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe No File
FirewallRules: [UDP Query User{D944682D-4FCB-46F0-908A-BDCC1B3B0ADC}C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe] => (Allow) C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe No File
FirewallRules: [TCP Query User{F163D7E5-52B9-435F-A194-D2B2DEF9DD84}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{76B1997F-C8B5-4701-8C68-C49134C5C233}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)

==================== Restore Points =========================

22-11-2019 02:00:31 Punto de control programado
26-11-2019 15:48:10 Windows Update
02-12-2019 23:23:00 Installed DNSFilter Agent
04-12-2019 02:41:27 Removed DNSFilter Agent
04-12-2019 12:12:42 Removed Node.js
04-12-2019 12:26:22 Operación de restauración

==================== Faulty Device Manager Devices ============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Adaptador de minipuerto WiFi virtual de Microsoft
Description: Adaptador de minipuerto WiFi virtual de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe GbE Family Controller
Description: Realtek PCIe GbE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/06/2019 08:43:26 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/06/2019 08:37:26 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/06/2019 08:35:21 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/05/2019 07:58:39 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/05/2019 07:52:42 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/05/2019 07:50:11 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/04/2019 11:38:31 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/04/2019 11:37:21 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\Setup.exe" -Embedding; descripción = Configured Microsoft Office Professional Plus 2016; error = 0x8007043c).


System errors:
=============
Error: (12/07/2019 01:59:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/07/2019 01:59:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/07/2019 01:59:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/07/2019 01:54:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/07/2019 01:54:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/07/2019 01:54:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/07/2019 01:52:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/07/2019 01:52:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.


CodeIntegrity:
===================================

Date: 2019-09-05 20:47:58.169
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\klelam_x64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-05 20:47:58.161
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\klelam_x64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-06-22 23:35:59.746
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\ndiskhaz.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2019-06-22 23:35:59.735
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\ndiskhaz.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2019-04-14 13:21:38.471
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-04-14 13:21:38.456
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-04-14 13:21:38.456
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-04-14 13:21:38.440
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\KLELAMX64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: Insyde Corp. R0180E5 04/24/2012
Motherboard: Sony Corporation VAIO
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 57%
Total physical RAM: 8092.36 MB
Available physical RAM: 3462.57 MB
Total Virtual: 16182.86 MB
Available Virtual: 12018.24 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:210.26 GB) NTFS

\\?\Volume{56069ac3-bdaf-11e8-9163-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5BA12F03)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
#8

Hola @th3nolo

Faltaría el reporte de FSS.exe que te pedí que lo ejecutes en Modo Normal.

Salu2

1 me gusta
#9 
Ran by Paola (administrator) on PAOLA-PC (Sony Corporation SVE14118FXW) (08-12-2019 03:21:33)
Running from C:\Users\Paola\Desktop
Loaded Profiles: Paola & DefaultAppPool (Available Profiles: Paola & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Huawei Technologies Co.,Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avpui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(StagWare) [File not signed] C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-24] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2752752 2018-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [196824 2019-05-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134736 2015-09-09] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: E - E:\.\StartModem.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a8a7-143a-11e9-b511-083e8ebb38a4} - E:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a989-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a9c5-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9aa01-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {347f8fca-e566-11e8-b235-083e8ebb38a4} - E:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {499a2c7c-8557-11e9-9017-30f9edbcbec3} - E:\.\StartModem.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {ed5dde12-c721-11e8-8b62-083e8ebb38a4} - F:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {eda04367-0c54-11e9-b703-083e8ebb38a4} - E:\Setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2015-09-09] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2015-09-09] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B55B99F-ABF1-4F81-BAFC-FC3374881E1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {1EECDA75-16CA-4C8B-863F-30CB38AFB17D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {26636F3D-F5C6-4D0C-AB66-E41ADD0D6126} - System32\Tasks\{797FDB2B-4F89-44AB-B116-14B7A4F33654} => C:\Users\Paola\Downloads\BlueSoleil_9.2.494.0\BlueSoleil 9.2.494.0\install\amd64\setup.exe [1024400 2016-04-12] (IVT CORPORATION -> IVT Corporation )
Task: {26E59862-CD42-49BA-8D15-45EF4787CE14} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {298BA11F-90AE-4CDF-990E-4A924DB1020B} - System32\Tasks\Opera scheduled Autoupdate 1555253192 => C:\Users\Paola\AppData\Local\Programs\Opera\launcher.exe
Task: {362115D0-2F85-4DB6-91EC-706CD701A334} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-02] (Google Inc -> Google Inc.)
Task: {37443E66-AEA4-4625-ACE2-D0FB6FB2AE1D} - System32\Tasks\AdobeAAMUpdater-1.0-Paola-PC-Paola => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {3D8CB085-276B-4A4A-8163-E1BE0C93AAE4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4409DB35-9DA2-4728-942D-DC520F2FECEC} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {46482C22-9675-4EC8-A3A4-31A80D352003} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [482160 2010-06-21] (Sony Corporation -> Sony Corporation)
Task: {4F3A8A22-B40B-40A6-A3A0-8D7F4E69C6C5} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7018264 2018-07-18] (Nero AG -> Nero AG)
Task: {75836BC9-8F4A-4622-9CF1-1BFDEC78528A} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [482160 2010-06-21] (Sony Corporation -> Sony Corporation)
Task: {8641BDB4-7057-4B50-8C62-DA1571324AE0} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {88CB0485-A0D3-4C48-B3D2-AFAC0F67BBE0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask
Task: {8ED510F3-F18F-4C55-88E8-1882B0CD7975} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {909057A1-D557-4CB5-BC41-BEB8B5812C26} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-02] (Google Inc -> Google Inc.)
Task: {954FBFBB-0D0E-48A7-BBE7-583DFABFFF7C} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2850751526-314786809-3439856657-1001 => C:\Users\Paola\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-08-28] (Mega Limited -> Mega Limited)
Task: {B99E58D2-BE6B-49CE-BD79-4F594D04D9E6} - System32\Tasks\update-S-1-5-21-2850751526-314786809-3439856657-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {D3186E2E-C5C3-4A2E-9434-7531C2165371} - \OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-1000 -> No File <==== ATTENTION
Task: {D3DEFCF3-1D4E-4B9D-ABA6-70173B61FDB0} - System32\Tasks\{37C01CE5-7A82-4D41-986E-2147A775751E} => C:\Windows\system32\pcalua.exe -a C:\Users\Paola\Downloads\Programs\win64_152824.exe -d C:\Users\Paola\Downloads\Programs
Task: {D7735780-06C3-4CE5-B325-E9CDABA3BF37} - System32\Tasks\{6AFE08C5-B807-4F7D-A0A4-728091C6AE8F} => C:\Users\Paola\Downloads\TradelizeLoader.exe [329360 2019-08-17] (TRADELIZE PTE. LTD. -> )
Task: {DAA9E381-C8FE-40AF-9946-7E580E74970B} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [482160 2010-06-21] (Sony Corporation -> Sony Corporation)
Task: {E38BD379-F251-4B07-B4B2-320C5C5BBA78} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED311E2F-1755-497D-B2D6-952B79C52C59} - System32\Tasks\DriverHubUACDisablingTask => C:\Program Files (x86)\DriverHub\DriverHub.exe [6750880 2019-04-09] (ROSTPEI LTD -> ROSTPAY LTD)
Task: {EFFC0AB7-BE0C-42BE-8610-C69448F54678} - \OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-500 -> No File <==== ATTENTION
Task: {F0F6AED8-A218-4A3B-9B8E-F322261F3D15} - System32\Tasks\Opera scheduled assistant Autoupdate 1557413820 => C:\Users\Paola\AppData\Local\Programs\Opera\launcher.exe
Task: {F84D8AE9-73B2-4171-B6E3-18DDCA4876E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCFB2A38-1199-40B9-A2E2-C80FC753D599} - System32\Tasks\{DCC740EF-C8E5-4680-AE11-A85F35134423} => C:\Windows\system32\pcalua.exe -a "C:\Users\Paola\Downloads\TradelizeLoader (1).exe" -d C:\Users\Paola\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-2850751526-314786809-3439856657-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{3B17E6C1-E7D0-48E0-ABEE-88B0DE8815FF}: [NameServer] 204.69.234.1,204.74.101.1
Tcpip\..\Interfaces\{3C87B911-4EFC-46B1-B9AC-07FB793E35AC}: [NameServer] 204.69.234.1,204.74.101.1,192.168.44.1
Tcpip\..\Interfaces\{3C87B911-4EFC-46B1-B9AC-07FB793E35AC}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{40696220-083B-4995-A3CF-FAAED7A29424}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{5C76EAEF-3FB2-4DA8-B890-883DA66138A8}: [DhcpNameServer] 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{AACDAA57-1EF9-4E79-8697-6C6F2CAE5B48}: [NameServer] 198.153.192.1,198.153.194.1
Tcpip\..\Interfaces\{D825676D-6BEF-4116-BAF3-9D34DCC74D9E}: [NameServer] 204.69.234.1,204.74.101.1
Tcpip\..\Interfaces\{F3194DF5-9DBA-49FC-B912-8189191DEEF8}: [NameServer] 190.121.224.39 190.121.224.40
Tcpip\..\Interfaces\{F4F19F17-023D-4345-8AC2-2D8F807FC2B6}: [NameServer] 9.9.9.9,1.1.1.1,192.168.42.129
Tcpip\..\Interfaces\{F4F19F17-023D-4345-8AC2-2D8F807FC2B6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FE0BF672-3FB5-43CC-901B-B8354442E217}: [NameServer] 204.69.234.1,204.74.101.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\IEExt\ie_plugin.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-16] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\IEExt\ie_plugin.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-03-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-03-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-03-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-03-15] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: m3iifm9h.default
FF ProfilePath: C:\Users\Paola\AppData\Roaming\Mozilla\Firefox\Profiles\3eqcbygi.default-release [2019-09-19]
FF ProfilePath: C:\Users\Paola\AppData\Roaming\Mozilla\Firefox\Profiles\m3iifm9h.default [2019-12-04]
FF NetworkProxy: Mozilla\Firefox\Profiles\m3iifm9h.default -> type", 0
FF Extension: (Tippin.me) - C:\Users\Paola\AppData\Roaming\Mozilla\Firefox\Profiles\m3iifm9h.default\Extensions\[email protected] [2019-05-22]
FF Extension: (SoundFixer) - C:\Users\Paola\AppData\Roaming\Mozilla\Firefox\Profiles\m3iifm9h.default\Extensions\[email protected] [2019-07-20]
FF Extension: (show-my-ip) - C:\Users\Paola\AppData\Roaming\Mozilla\Firefox\Profiles\m3iifm9h.default\Extensions\{b93d6beb-e3fc-4ca7-82e9-930a8b040d69}.xpi [2019-06-29]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi [2019-09-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2850751526-314786809-3439856657-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Paola\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2019-09-06] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2850751526-314786809-3439856657-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Paola\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2019-09-06] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2850751526-314786809-3439856657-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Paola\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-10-29] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-10-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-10-25] <==== ATTENTION

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.facebook.com/"
CHR Profile: C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default [2019-12-08]
CHR Extension: (Duolingo en la web) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2019-12-04]
CHR Extension: (Descargador de Vídeo Vimeo) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgpbghdbejagejmciefmekcklikpoeel [2019-12-05]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2019-12-05]
CHR Extension: (Save Your Tabs for Later) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlpkofiapmkalomecepjjhlkjhommkap [2019-12-05]
CHR Extension: (VT4Browsers) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2019-12-08]
CHR Extension: (Moon: Shop online with Bitcoin) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehmpejjklcibliopgbghpgfinhbjopnn [2019-12-04]
CHR Extension: (Dark Reader) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2019-12-07]
CHR Extension: (Tab Suspender) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiabciakcmgepblmdkmemdbbkilneeeh [2019-12-04]
CHR Extension: (Lolli: Earn Bitcoin When You Shop) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\fleenceagaplaefnklabikkmocalkcpo [2019-12-05]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-12-06]
CHR Extension: (Bottle Pay) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\jadhemmpfahnnnlekbggdpmhmlmoldje [2019-12-05]
CHR Extension: (Grammarly for Chrome) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-12-05]
CHR Extension: (Webcam Toy) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2019-12-05]
CHR Extension: (Volume Control - Control del volumen) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhgpflelfbhnihnbjigpgdbahgkbghp [2019-12-05]
CHR Extension: (Waves Keeper) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpilbniiabackdjcionkobglmddfbcjo [2019-12-04]
CHR Extension: (LightShot (la herramienta de captura de pantalla)) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-12-05]
CHR Extension: (Direct Message for Instagram™) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpgppkombninhkfhaggckdmencplhmg [2019-12-05]
CHR Extension: (MeddleMonkey) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihledlmchhofenpacbhphnbnpakgmo [2019-12-05]
CHR Extension: (ProjectWork - professional project scheduling) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojhjfelociapcolpehhfffkfdghakhj [2019-12-05]
CHR Extension: (Linguix) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgklmlnheedegipcohgcbjhhgddendc [2019-12-05]
CHR Extension: (MetaMask) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2019-12-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-04]
CHR Extension: (Keybase) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ognfafcpbkogffpmmdglhbjboeojlefj [2019-12-04]
CHR Extension: (HubSpot: Email Tracking & Sales CRM for Gmail) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd [2019-12-04]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2019-12-05]
CHR Extension: (Miro) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfmbdmhambgleempeofcjjhjclimccg [2019-12-05]
CHR Extension: (Cacoo - Diagramación & Colaboración en tiempo real) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcflmbddgcmomcfngehfhlajjapabojh [2019-12-04]
CHR Extension: (Chrome Media Router) - C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-05]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-09-09] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S2 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [483808 2018-04-11] (ICEpower a/s -> ICEpower a/s)
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-04] (Malwarebytes Inc -> Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2014-11-20] (Huawei Technologies Co.,Ltd. -> )
R2 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [8704 2019-04-14] (StagWare) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12054872 2019-10-10] (TeamViewer GmbH -> TeamViewer GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-10-10] (Oracle Corporation -> Oracle Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21600 2018-09-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AR9271; C:\Windows\System32\DRIVERS\athuwx.sys [2226176 2019-04-14] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [5020672 2009-07-13] (Microsoft Windows -> ATI Technologies Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-10-20] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [22568 2014-08-12] (IVT CORPORATION -> IVT Corporation.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [243200 2009-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 FlashBoot; C:\Windows\System32\DRIVERS\FlashBoot.sys [17616 2019-06-18] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [131248 2019-06-18] (GENESYS LOGIC, INC. -> GenesysLogic)
R3 gmhidlow; C:\Windows\System32\DRIVERS\gmhidlow.sys [21008 2019-08-08] (KYE SYSTEMS CORP. -> )
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [117248 2009-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2019-04-14] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT CORPORATION -> IVT Corporation.)
S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT CORPORATION -> IVT Corporation.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [76624 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [129152 2019-07-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [251512 2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [516216 2019-09-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998016 2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project)
S4 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [210280 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [11776 2009-09-04] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [190032 2016-04-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [779232 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [418784 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2584792 2019-05-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [12032 2018-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [51352 2019-04-14] (Synaptics Incorporated -> Synaptics Incorporated)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [237376 2019-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [248464 2019-10-11] (Oracle Corporation -> Oracle Corporation)
S3 wdf_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [43128 2011-08-11] (mtkkey -> MediaTek Inc.)
R1 WinRing0_1_2_0; C:\Program Files (x86)\NoteBook FanControl\WinRing0x64.sys [14544 2019-09-04] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [119680 2009-09-19] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [119680 2009-09-19] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [119680 2009-09-19] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 IvtComBusSrv; System32\Drivers\btcombus.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-08 03:21 - 2019-12-08 03:23 - 000035639 _____ C:\Users\Paola\Desktop\FRST.txt
2019-12-08 03:21 - 2019-12-08 03:21 - 000000000 ___RD C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2019-12-08 03:08 - 2019-12-07 13:51 - 002263552 _____ (Farbar) C:\Users\Paola\Desktop\FRST64.exe
2019-12-07 13:52 - 2019-12-07 14:02 - 000043533 _____ C:\Users\Paola\Downloads\Addition.txt
2019-12-07 13:51 - 2019-12-07 14:02 - 000055136 _____ C:\Users\Paola\Downloads\FRST.txt
2019-12-07 13:51 - 2019-12-07 13:51 - 000000000 ____D C:\Users\Paola\Downloads\FRST-OlderVersion
2019-12-07 13:49 - 2019-12-08 03:22 - 000000000 ____D C:\FRST
2019-12-07 03:52 - 2019-12-07 03:52 - 000000491 _____ C:\Users\Paola\Downloads\UTC--2019-12-07T07-52-05.120Z--b948430eee899a6d40ec6cc49e5a8705b03a8921
2019-12-07 03:34 - 2019-12-07 13:51 - 002263552 _____ (Farbar) C:\Users\Paola\Downloads\FRST64.exe
2019-12-07 00:01 - 2019-12-07 00:02 - 001351763 _____ C:\Users\Paola\Downloads\Cointigopitchdecklast(2).pdf
2019-12-06 00:58 - 2019-12-06 01:01 - 009102193 _____ C:\Users\Paola\Downloads\iocta_2019.pdf
2019-12-06 00:22 - 2019-12-06 00:22 - 000801932 _____ C:\Users\Paola\Downloads\dnmbible.pdf
2019-12-06 00:14 - 2019-12-06 00:14 - 000023611 _____ C:\Users\Paola\Desktop\energy-report.html
2019-12-05 01:21 - 2019-12-05 01:22 - 000001930 _____ C:\Users\Paola\Desktop\Rkill.txt
2019-12-05 00:58 - 2019-12-05 00:58 - 000000000 ____D C:\Users\Paola\Downloads\WinsockFix_InfoSpyware
2019-12-05 00:52 - 2019-12-05 01:19 - 000000748 _____ C:\Users\Paola\Desktop\ESET Online Scanner.lnk
2019-12-05 00:52 - 2019-12-05 00:52 - 000000000 ____D C:\Users\Paola\AppData\Local\ESET
2019-12-05 00:33 - 2019-12-05 00:45 - 008162616 _____ (ESET spol. s r.o.) C:\Users\Paola\Downloads\esetonlinescanner_esn.exe
2019-12-05 00:29 - 2019-12-05 00:29 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Paola\Downloads\iExplore.exe
2019-12-05 00:17 - 2019-12-05 00:27 - 205263808 _____ C:\Users\Paola\Downloads\cureit.exe
2019-12-05 00:07 - 2019-12-05 00:07 - 000341794 _____ C:\Users\Paola\Downloads\IF-DNS.exe
2019-12-05 00:07 - 2019-12-05 00:07 - 000251211 _____ C:\Users\Paola\Downloads\Guía para cambiar las DNS - Guías, manuales, tutoriales y más - ForoSpyware.pdf
2019-12-05 00:04 - 2019-12-05 00:07 - 008218800 _____ (Malwarebytes) C:\Users\Paola\Downloads\adwcleaner_8.0.0.exe
2019-12-05 00:03 - 2019-12-05 00:03 - 004773088 _____ (SOSVirus) C:\Users\Paola\Downloads\UsbFix_2019_11.022.exe
2019-12-04 23:59 - 2019-12-05 00:01 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Paola\Downloads\tdsskiller.exe
2019-12-04 23:52 - 2019-12-04 23:56 - 001883976 _____ (Malwarebytes) C:\Users\Paola\Downloads\MBSetup.exe
2019-12-04 23:50 - 2019-12-04 23:51 - 005404387 _____ (Raúl Argente ) C:\Users\Paola\Downloads\ARegClean-old.exe
2019-12-04 23:50 - 2019-12-04 23:50 - 000702243 _____ C:\Users\Paola\Downloads\WinsockFix_InfoSpyware.zip
2019-12-04 23:49 - 2019-12-04 23:50 - 000791393 _____ (Lars Hederer ) C:\Users\Paola\Downloads\erunt-setup.exe
2019-12-04 23:49 - 2019-12-04 23:49 - 001115450 _____ C:\Users\Paola\Downloads\RegSeeker.3.01.setup.zip
2019-12-04 15:56 - 2019-12-04 15:56 - 000000000 ____D C:\Users\Paola\Downloads\ComIntRep_4010
2019-12-04 15:54 - 2019-12-04 15:55 - 003337234 _____ (Rizonesoft ) C:\Users\Paola\Downloads\ComIntRep_4010_Setup.exe
2019-12-04 15:54 - 2019-12-04 15:55 - 003122169 _____ C:\Users\Paola\Downloads\ComIntRep_4010.zip
2019-12-04 15:38 - 2019-12-08 00:31 - 001114490 _____ C:\Windows\ntbtlog.txt
2019-12-04 05:03 - 2019-12-04 05:03 - 767038110 _____ C:\Windows\MEMORY.DMP
2019-12-04 05:03 - 2019-12-04 05:03 - 001106560 _____ C:\Windows\Minidump\120419-23306-01.dmp
2019-12-04 05:03 - 2019-12-04 05:03 - 000000000 ____D C:\Windows\Minidump
2019-12-04 00:50 - 2019-12-04 00:50 - 000000000 ____D C:\Users\Paola\AppData\Local\cache
2019-12-04 00:43 - 2019-12-04 00:50 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-04 00:43 - 2019-12-04 00:50 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-12-04 00:42 - 2019-12-04 00:43 - 001883976 _____ (Malwarebytes) C:\Users\Paola\Downloads\MBSetup-009996.009996.exe
2019-12-03 02:48 - 2019-12-03 02:48 - 000002377 _____ C:\Users\Paola\Desktop\Authy Desktop.lnk
2019-12-03 02:40 - 2019-12-03 02:41 - 005905920 _____ C:\Users\Paola\Downloads\eddie-ui_2.16.3_windows-7_x64_installer.exe
2019-12-03 01:53 - 2019-12-03 01:54 - 000000000 ____D C:\Program Files (x86)\ChrisPC DNS Switch
2019-12-03 01:47 - 2019-12-03 01:47 - 001374096 _____ (Chris P.C. srl ) C:\Users\Paola\Downloads\setup_chrispc_dns_switch_4_10.exe
2019-12-03 01:21 - 2019-12-03 01:22 - 000322642 _____ (dnsleaktest.com ) C:\Users\Paola\Downloads\dnsfixsetup.exe
2019-12-03 00:18 - 2019-12-03 00:19 - 005227019 _____ C:\Users\Paola\Downloads\namebench-1.3.1-Windows.exe
2019-12-03 00:11 - 2019-12-03 00:12 - 007380480 _____ C:\Users\Paola\Downloads\relay-windows-amd64.exe
2019-12-02 23:20 - 2019-12-02 23:21 - 002015232 _____ C:\Users\Paola\Downloads\DNSFilter_Agent_Setup.msi
2019-12-02 11:49 - 2019-12-02 11:49 - 000061128 _____ C:\Users\Paola\Downloads\NTRA201912021149166313897968.PDF
2019-12-02 11:43 - 2019-12-02 11:43 - 000118371 _____ C:\Users\Paola\Downloads\11b.pdf
2019-11-29 22:54 - 2019-11-29 22:54 - 000562691 _____ C:\Users\Paola\Downloads\SSRN-id3258508.pdf
2019-11-29 22:33 - 2019-11-29 22:33 - 002354373 _____ C:\Users\Paola\Downloads\TradingAndArbitrageInCrypto-currenc_preview.pdf
2019-11-29 03:45 - 2019-11-29 03:46 - 002430564 _____ C:\Users\Paola\Downloads\[Marvin_Neuefeind,_Marcin_Kacperczyk]_Cryptocurren(z-lib.org).epub
2019-11-28 14:00 - 2019-11-28 14:13 - 152985689 _____ (Bisq ) C:\Users\Paola\Downloads\Bisq-64bit-1.2.3.exe
2019-11-28 13:52 - 2019-12-04 22:49 - 000000000 ____D C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenBazaar
2019-11-28 13:52 - 2019-11-28 14:22 - 000000000 ____D C:\Users\Paola\openbazaar
2019-11-28 13:52 - 2019-11-28 13:52 - 000000000 ____D C:\Users\Paola\OpenBazaar2.0-ClientData
2019-11-28 13:52 - 2019-11-28 13:52 - 000000000 ____D C:\Users\Paola\AppData\Roaming\OpenBazaar2
2019-11-28 13:51 - 2019-12-04 22:49 - 000000000 ____D C:\Users\Paola\AppData\Local\OpenBazaar2
2019-11-28 13:40 - 2019-11-28 13:48 - 113817144 _____ (OpenBazaar) C:\Users\Paola\Downloads\OpenBazaar2-2.3.5-Setup-64.exe
2019-11-28 03:09 - 2019-11-28 03:09 - 004184627 _____ C:\Users\Paola\Downloads\video-1574924543.mp4
2019-11-27 22:54 - 2019-11-27 22:54 - 000482552 _____ C:\Users\Paola\Downloads\[Silverglate_Harvey]_Three_Felonies_a_Day__How_the(z-lib.org).epub
2019-11-27 22:40 - 2019-11-27 22:40 - 000873961 _____ C:\Users\Paola\Downloads\[Martin_Meadows]_365_Days_With_Self-Discipline__36(z-lib.org) (1).epub
2019-11-27 22:14 - 2019-11-27 22:15 - 005214933 _____ C:\Users\Paola\Downloads\[Mikael_Krogerus,_Roman_Tsch_ppeler]_The_Decision_(z-lib.org).epub
2019-11-26 17:52 - 2019-11-26 17:53 - 009239923 _____ C:\Users\Paola\Downloads\[Swami_Venkatesananda]_Vasistha's_Yoga(z-lib.org).epub
2019-11-26 17:52 - 2019-11-26 17:52 - 003911480 _____ C:\Users\Paola\Downloads\[Swami_Venkatesananda]_The_Concise_Ramayana_of_Val(z-lib.org).pdf
2019-11-26 17:41 - 2019-11-26 17:49 - 078963121 _____ C:\Users\Paola\Downloads\[Ian_Chilvers]_The_Concise_Oxford_Dictionary_of_Ar(z-lib.org).pdf
2019-11-26 17:40 - 2019-11-26 17:40 - 002528740 _____ C:\Users\Paola\Downloads\[Sri_Munagala_Venkataramiah]_Talks_with_Sri_Ramana(z-lib.org).pdf
2019-11-26 17:34 - 2019-11-26 17:36 - 016935587 _____ C:\Users\Paola\Downloads\[Winthrop_Sargeant_(Translation_and_Commentary),_H(z-lib.org).pdf
2019-11-26 17:16 - 2019-11-26 17:16 - 001864209 _____ C:\Users\Paola\Downloads\[Laura_Hillenbrand]_Unbroken__A_World_War_II_Story(z-lib.org).epub
2019-11-26 17:16 - 2019-11-26 17:16 - 001594739 _____ C:\Users\Paola\Downloads\[Cal_Newport]_Deep_Work__Rules_for_focused_success(z-lib.org).pdf
2019-11-26 15:34 - 2011-03-11 02:41 - 001659776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-11-26 15:34 - 2011-03-11 02:41 - 000410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2019-11-26 15:34 - 2011-03-11 02:41 - 000166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2019-11-26 15:34 - 2011-03-11 02:41 - 000148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2019-11-26 15:34 - 2011-03-11 02:41 - 000107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2019-11-26 15:34 - 2011-03-11 02:41 - 000027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2019-11-26 15:34 - 2011-03-11 02:33 - 002565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-11-26 15:34 - 2011-03-11 02:30 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2019-11-26 15:34 - 2011-03-11 01:33 - 001699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-11-26 15:34 - 2011-03-11 01:31 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2019-11-26 12:14 - 2019-11-26 12:15 - 000546153 _____ C:\Users\Paola\Downloads\Newsletter_3_-_New_HIGH_Potential_Spec.pdf
2019-11-25 04:16 - 2019-11-25 04:16 - 000000000 ____D C:\Users\Paola\Downloads\dnscrypt-proxy-win64-2.0.33
2019-11-25 04:15 - 2019-11-25 04:16 - 002927364 _____ C:\Users\Paola\Downloads\dnscrypt-proxy-win64-2.0.33.zip
2019-11-24 02:03 - 2019-11-24 02:03 - 001006124 _____ C:\Users\Paola\Downloads\[Viktor_E._Frankl]_Man's_search_for_meaning(z-lib.org).pdf
2019-11-24 02:03 - 2019-11-24 02:03 - 000626437 _____ C:\Users\Paola\Downloads\[Robert_Greene,_Joost_Elffers]_The_48_laws_of_powe(z-lib.org).epub
2019-11-24 02:00 - 2019-11-24 02:00 - 003640731 _____ C:\Users\Paola\Downloads\[Dale_Carnegie_&_Associates]_How_to_Win_Friends_an(z-lib.org).epub
2019-11-24 01:55 - 2019-11-24 01:55 - 007366247 _____ C:\Users\Paola\Downloads\[Andrew_Aziz]_Advanced_Techniques_in_Day_Trading__(z-lib.org).epub
2019-11-24 01:54 - 2019-11-24 01:53 - 001197613 ____R C:\Users\Paola\Downloads\[David_Epstein]_Range__How_Generalists_Triumph_in_(z-lib.org).epub
2019-11-24 01:16 - 2019-11-24 01:16 - 004172413 _____ C:\Users\Paola\Downloads\[Gabrielle_Stobbe]_Just_Enough_English_Grammar_Ill(z-lib.org) (1).pdf
2019-11-24 01:12 - 2019-11-24 01:14 - 023557778 _____ C:\Users\Paola\Downloads\[DK,_Catherine_Collin,_Nigel_Benson,_Joannah_Ginsb(z-lib.org).pdf
2019-11-24 01:11 - 2019-11-24 01:12 - 003291237 _____ C:\Users\Paola\Downloads\[Bryson]_The_Fluoride_Deception_(history_water_flo(z-lib.org).pdf
2019-11-23 02:14 - 2019-11-23 02:14 - 000166021 _____ C:\Users\Paola\Downloads\FCS-9825063-Elvis Perez.pdf
2019-11-23 02:10 - 2019-11-23 02:10 - 000026522 _____ C:\Users\Paola\Downloads\edb59193-9fe8-40d1-ae13-e5a71eb97cfb.pdf
2019-11-20 02:45 - 2019-11-20 02:45 - 000262963 _____ C:\Users\Paola\Downloads\elvis.pdf
2019-11-20 02:07 - 2019-11-20 02:07 - 000084505 _____ C:\Users\Paola\Downloads\acta de discusion perez elvis.pdf
2019-11-20 02:04 - 2019-11-20 02:04 - 000075792 _____ C:\Users\Paola\Downloads\Perez Elvis.pdf
2019-11-19 16:57 - 2019-11-19 16:57 - 000003864 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2019-11-18 15:47 - 2019-11-18 15:47 - 000032966 _____ C:\Users\Paola\Downloads\01 Requisitos Constacia CD Trabajo (1).pdf
2019-11-18 04:15 - 2019-11-28 11:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-11-18 03:41 - 2019-11-18 03:41 - 000032966 _____ C:\Users\Paola\Downloads\01 Requisitos Constacia CD Trabajo.pdf
2019-11-17 11:21 - 2019-11-17 11:21 - 000000000 ____D C:\Users\Paola\Documents\My Games
2019-11-17 11:21 - 2019-11-17 11:21 - 000000000 ____D C:\Users\Paola\AppData\LocalLow\FuelGames
2019-11-17 10:51 - 2019-11-17 11:18 - 000000000 ____D C:\Users\Paola\Downloads\Apollo
2019-11-17 09:46 - 2019-11-23 03:32 - 000000000 ____D C:\Users\Paola\AppData\Roaming\apollo-launcher
2019-11-17 09:46 - 2019-11-17 10:31 - 000002475 _____ C:\Users\Paola\Desktop\Immutable.lnk
2019-11-17 09:46 - 2019-11-17 09:46 - 000002483 _____ C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Immutable.lnk
2019-11-17 09:45 - 2019-11-17 09:46 - 000000000 ____D C:\Users\Paola\AppData\Local\apollo-launcher-updater
2019-11-17 09:20 - 2019-11-17 09:40 - 045973800 _____ (Immutable) C:\Users\Paola\Downloads\Immutable+Setup+0.4.5.exe
2019-11-17 09:19 - 2019-11-17 09:19 - 000009019 _____ C:\Users\Paola\Downloads\descarga (1).htm
2019-11-14 09:00 - 2019-11-14 09:00 - 000937555 _____ C:\Users\Paola\Desktop\SRO.pptx
2019-11-13 00:56 - 2019-11-14 09:00 - 000937550 _____ C:\Users\Paola\Desktop\Presentación1.pptx
2019-11-12 23:36 - 2019-11-12 23:36 - 000874796 _____ C:\Users\Paola\Desktop\LOGO PEDIATRIA.psd
2019-11-12 23:35 - 2019-11-12 23:35 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign6d85f12768e50a27
2019-11-12 23:35 - 2019-11-12 23:35 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign5b05367c641b9dbb
2019-11-12 23:32 - 2019-11-12 23:32 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsigna009bbd1ccd0ed25
2019-11-12 23:32 - 2019-11-12 23:32 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign7784c76f86bb2ffb
2019-11-12 23:29 - 2019-11-12 23:30 - 000398315 _____ C:\Users\Paola\Desktop\LOGO PEDIATRIA.htm
2019-11-12 22:12 - 2019-12-08 03:07 - 001289728 ___SH C:\Users\Paola\Downloads\Thumbs.db
2019-11-12 02:10 - 2019-11-12 02:10 - 002260658 _____ C:\Users\Paola\Downloads\tesis presentacion.pptx
2019-11-12 01:53 - 2019-11-12 01:53 - 000981640 _____ C:\Users\Paola\Downloads\Dialnet-ConsensoInternacionalDeGastroenteritisAgudaEnUrgen-6958326.pdf
2019-11-12 01:53 - 2019-11-12 01:53 - 000981640 _____ C:\Users\Paola\Downloads\Dialnet-ConsensoInternacionalDeGastroenteritisAgudaEnUrgen-6958326 (1).pdf
2019-11-11 00:13 - 2019-11-11 00:13 - 000000318 _____ C:\Users\Paola\Downloads\S0120491215000075.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-08 03:22 - 2018-09-21 11:09 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-12-08 03:20 - 2009-07-14 00:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-08 03:20 - 2009-07-14 00:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-08 03:12 - 2019-10-04 14:56 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-08 03:12 - 2019-10-04 14:56 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-08 03:09 - 2019-06-01 14:37 - 000000435 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-12-08 03:09 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\tracing
2019-12-08 03:07 - 2017-11-02 08:35 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-08 03:06 - 2019-07-25 16:30 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2019-12-08 03:06 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-07 16:58 - 2019-05-07 15:03 - 000000000 ____D C:\Users\Paola\Downloads\Telegram Desktop
2019-12-07 02:49 - 2019-08-01 23:57 - 000000000 ____D C:\Users\Paola\Downloads\snes9x-1.60-win32-x64
2019-12-06 21:16 - 2018-09-27 21:42 - 000000000 ____D C:\Users\Paola\AppData\Roaming\vlc
2019-12-05 12:58 - 2019-05-19 11:36 - 000000000 ____D C:\Users\Paola\AppData\Local\ElevatedDiagnostics
2019-12-04 22:54 - 2019-11-05 15:54 - 000000000 ____D C:\Users\Paola\AppData\Local\DeepL
2019-12-04 22:48 - 2018-09-25 20:07 - 000000388 _____ C:\Windows\Tasks\update-sys.job
2019-12-04 22:48 - 2018-09-25 20:07 - 000000388 _____ C:\Windows\Tasks\update-S-1-5-21-2850751526-314786809-3439856657-1001.job
2019-12-04 19:17 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\Registration
2019-12-04 18:24 - 2019-08-04 13:22 - 000000000 ____D C:\Users\Paola\Desktop\Screenshoot
2019-12-04 18:24 - 2019-08-04 13:21 - 000000000 ____D C:\Users\Paola\Desktop\PDF
2019-12-04 18:23 - 2019-06-18 19:02 - 000000000 ____D C:\Users\Paola\Desktop\Screenshots
2019-12-04 17:06 - 2019-09-05 17:05 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-04 12:22 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF
2019-12-04 11:56 - 2019-09-16 18:58 - 000000000 ____D C:\Users\Paola\Downloads\Once upon a Time in Hollywood [TS][Subtitulado][wWw.EliteTorrent.IO]
2019-12-04 00:56 - 2018-09-21 12:44 - 000000000 ____D C:\Users\Paola\AppData\Local\CrashDumps
2019-12-04 00:49 - 2019-08-08 19:47 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-03 02:48 - 2019-05-26 14:16 - 000000000 ____D C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twilio Inc
2019-12-03 02:47 - 2019-05-26 14:16 - 000000000 ____D C:\Users\Paola\AppData\Local\authy-electron
2019-12-03 02:46 - 2019-05-26 14:16 - 000000000 ____D C:\Users\Paola\AppData\Local\SquirrelTemp
2019-12-03 02:04 - 2019-04-14 12:50 - 000000000 ____D C:\Users\Paola\Downloads\kali-linux-light-2019-1a-amd64-iso
2019-12-03 01:51 - 2019-09-19 20:23 - 000000000 ____D C:\Users\Paola\Downloads\Blue Valentine (2010) [1080p]
2019-12-03 00:42 - 2018-11-13 08:59 - 000000000 ____D C:\Users\Paola\Desktop\NOKIA
2019-12-02 23:50 - 2019-10-01 03:34 - 000000000 ____D C:\Users\Paola\Downloads\7dhxFo
2019-12-02 23:50 - 2019-08-06 20:57 - 000000000 ____D C:\Users\Paola\Downloads\120439
2019-12-02 22:18 - 2011-04-12 05:10 - 000817890 _____ C:\Windows\system32\perfh00A.dat
2019-12-02 22:18 - 2011-04-12 05:10 - 000187258 _____ C:\Windows\system32\perfc00A.dat
2019-12-02 22:18 - 2009-07-14 01:13 - 001858332 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-02 22:18 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2019-12-02 10:44 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\ModemLogs
2019-12-02 00:22 - 2019-09-04 17:23 - 000000000 ____D C:\ProgramData\NbfcService
2019-11-28 13:52 - 2018-09-21 11:07 - 000000000 ____D C:\Users\Paola
2019-11-28 11:44 - 2017-11-02 08:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-11-28 03:11 - 2018-09-22 11:44 - 000000000 ____D C:\Users\Paola\AppData\LocalLow\Mozilla
2019-11-27 17:51 - 2018-09-22 18:14 - 000000000 ____D C:\Windows\rescache
2019-11-26 16:02 - 2016-12-14 11:18 - 001832918 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-11-25 01:25 - 2019-08-01 22:51 - 000003174 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-1001
2019-11-25 01:25 - 2019-08-01 22:51 - 000000000 ___RD C:\Users\Paola\OneDrive
2019-11-25 01:25 - 2018-09-21 11:07 - 000002190 _____ C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-11-22 16:35 - 2019-09-16 16:10 - 000000000 ____D C:\Users\Paola\Documents\My Kindle Content
2019-11-22 16:33 - 2019-05-26 11:29 - 000000000 ____D C:\Users\Paola\Desktop\Telegrams
2019-11-21 22:36 - 2017-11-02 08:32 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-20 09:25 - 2019-07-15 18:50 - 000000000 ____D C:\Users\Paola\Desktop\Julio 2019
2019-11-18 15:36 - 2019-09-03 16:46 - 000000000 ____D C:\Users\Paola\.VirtualBox
2019-11-18 15:35 - 2019-09-03 16:46 - 000000000 ____D C:\ProgramData\VirtualBox
2019-11-15 20:13 - 2019-05-06 12:21 - 000000000 ____D C:\Users\Paola\AppData\Roaming\Psiphon3
2019-11-15 20:02 - 2019-05-06 12:21 - 006754416 _____ C:\Users\Paola\Downloads\psiphon3.exe
2019-11-15 00:16 - 2017-11-02 08:33 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-14 15:39 - 2018-11-11 21:49 - 000000000 ____D C:\Users\Paola\Desktop\Trabajos en illustrator
2019-11-12 23:31 - 2018-10-25 23:07 - 000000033 _____ C:\Users\Paola\AppData\Roaming\AdobeWLCMCache.dat
2019-11-12 17:03 - 2010-11-20 23:27 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-11-10 03:39 - 2019-10-28 16:10 - 000000000 ____D C:\Users\Paola\Desktop\Respaldo USB paola

==================== Files in the root of some directories ========

2018-10-25 23:07 - 2019-11-12 23:31 - 000000033 _____ () C:\Users\Paola\AppData\Roaming\AdobeWLCMCache.dat
2019-09-05 20:13 - 2019-09-05 20:13 - 000000000 _____ () C:\Users\Paola\AppData\Roaming\MCVi2UserDetail.ini
2018-10-10 17:50 - 2018-10-10 17:50 - 000000410 _____ () C:\Users\Paola\AppData\Local\oobelibMkey.log
2018-10-06 20:54 - 2018-10-06 20:54 - 000000017 _____ () C:\Users\Paola\AppData\Local\resmon.resmoncfg
2018-09-25 20:07 - 2018-09-25 20:07 - 000000003 _____ () C:\Users\Paola\AppData\Local\updater.log
2018-09-25 20:07 - 2018-09-25 20:07 - 000000425 _____ () C:\Users\Paola\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-29 19:11
==================== End of FRST.txt ========================
#10 
Ran by Paola (08-12-2019 03:25:00)
Running from C:\Users\Paola\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2018-09-21 15:07:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2850751526-314786809-3439856657-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2850751526-314786809-3439856657-1003 - Limited - Enabled)
Invitado (S-1-5-21-2850751526-314786809-3439856657-501 - Limited - Disabled)
Paola (S-1-5-21-2850751526-314786809-3439856657-1001 - Administrator - Enabled) => C:\Users\Paola

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.1.435 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
ATAS CryptoTrader (HKLM-x32\...\{9873D32D-B0C3-4F96-B836-C469AE3945E3}_is1) (Version:  - OrderFlowTrading.NET)
Authy Desktop (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\authy-electron) (Version: 1.7.1 - Twilio Inc.)
BitTorrent (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\BitTorrent) (Version: 7.10.5.45312 - BitTorrent Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.140.12.1002 - BlueStack Systems, Inc.)
calibre (HKLM-x32\...\{FD6B4DA3-5E7B-499E-841D-B797BED0CC47}) (Version: 3.48.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
D-Link Connection Manager v5.0.0LA (HKLM-x32\...\Broad Mobi HSPA Modem Normal Version_is1) (Version:  - )
DriverHub (HKLM-x32\...\DriverHub) (Version: 1.1.2.1563 - ROSTPAY LTD)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epic Privacy Browser (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\Epic Privacy Browser) (Version: 71.0.3578.98 - Epic)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - epubfilereader.com)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Git version 2.21.0 (HKLM\...\Git_is1) (Version: 2.21.0 - The Git Development Community)
Go Programming Language amd64 go1.3 (HKLM-x32\...\{FF5B30B2-08C2-11E1-85A2-6ACA4824019B}) (Version: 1.0.3.0 - hxxp://golang.org)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Immutable 0.4.8 (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\{6ae4b193-3f11-53fc-9cc5-14b1f1a73184}) (Version: 0.4.8 - Immutable)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.4.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kaspersky Free (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Total Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Lantern (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\Lantern) (Version: 5.4.0 - Brave New Software Project, Inc.)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.26.02.03 - Huawei Technologies Co.,Ltd)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.300.05.06.155 - Huawei Technologies Co.,Ltd)
MODEM Mobile Connection (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - )
Mozilla Firefox 70.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-ES)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.5 - Mozilla)
Nero BurningROM 2019 (HKLM-x32\...\{798AC6BA-CF99-4585-BD3A-89A51CB10530}) (Version: 20.0.00900 - Nero AG)
Nero Core (HKLM-x32\...\{85EFC653-C416-4759-BFD0-0A0095B3FFAC}) (Version: 1.2.00200 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 20.0.1011 - Nero AG)
NoteBook FanControl (HKLM-x32\...\{6ccab7ac-feb0-4395-97e3-75cd6f6c407b}) (Version: 1.6.3.0 - Stefan Hirschmann - StagWare)
NoteBook FanControl (HKLM-x32\...\{C027E819-C64C-443E-B6D5-755FE4A7A925}) (Version: 1.6.3.0 - Stefan Hirschmann - StagWare) Hidden
Oracle VM VirtualBox 6.0.14 (HKLM\...\{8E519428-0DC5-4A01-818A-73155A0AF8AF}) (Version: 6.0.14 - Oracle Corporation)
Paquete de controladores de Windows - Intel (MEIx64) System  (03/28/2016 11.0.5.1189) (HKLM\...\63CEF5543DBF9887E6220C5C2F7F85C2D4C726D5) (Version: 03/28/2016 11.0.5.1189 - Intel)
Paquete de controladores de Windows - Intel(R) Corporation (IntcDAud) MEDIA  (06/22/2017 6.16.00.3200) (HKLM\...\35F10B39A811B52865C4B4B57EE6D46592307FD6) (Version: 06/22/2017 6.16.00.3200 - Intel(R) Corporation)
Paquete de controladores de Windows - Qualcomm Atheros Communications Inc. (athr) Net  (08/14/2015 10.0.0.326) (HKLM\...\56B1A735BC0841E802E7BB371D433BD236941875) (Version: 08/14/2015 10.0.0.326 - Qualcomm Atheros Communications Inc.)
Paquete de controladores de Windows - Realtek (RTL8167) Net  (12/23/2016 7.104.1223.2016) (HKLM\...\8FE7583BA3BE7DC67C5AE21C06F30A7E65FB3C21) (Version: 12/23/2016 7.104.1223.2016 - Realtek)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.60724 - Microsoft Corporation)
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Popcorn-Time (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Prerequisite installer (HKLM-x32\...\{37E15A76-F310-4C62-9D32-EE96C83BBD2C}) (Version: 20.2.0001 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.350 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.137 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8821.1 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10253 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.2.0.15250 - Sony Corporation)
Signal 1.27.2 (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\{7d96caee-06e6-597c-9f2f-c7bb2e0948b4}) (Version: 1.27.2 - Open Whisper Systems)
Skype versión 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
Skype™ 7.40 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.40.104 - Skype Technologies S.A.)
Speedtest by Ookla (HKLM\...\{84EF7A8D-CEC5-44D9-A889-4C576EBCB8C4}) (Version: 1.1.23.001 - Ookla)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.2.4 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.7.1965 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\ZoomUMX) (Version: 4.5 - Zoom Video Communications, Inc.)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.16 - ZTE Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2850751526-314786809-3439856657-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2015-09-09] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2015-09-09] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Paola\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-28] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2019-04-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Paola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk -> C:\Users\Paola\AppData\Local\Popcorn-Time\Popcorn-Time.exe (The NWJS Community) -> --user-data-dir="C:\Users\Paola\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj

==================== Loaded Modules (Whitelisted) =============

2015-09-08 23:57 - 2015-09-08 23:57 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-04-24 16:34 - 2014-04-24 16:34 - 000504320 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2014-04-24 16:34 - 2014-04-24 16:34 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2019-11-26 16:24 - 2019-11-26 16:24 - 003709952 _____ (NLog) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NLog\4270cb21167a0260c2d85058d701a623\NLog.ni.dll
2015-09-09 00:03 - 2015-09-09 00:03 - 000107600 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll
2015-09-09 00:03 - 2015-09-09 00:03 - 000033360 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000203344 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000085584 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\GattI.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000126544 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\gatts.DLL
2015-09-09 00:04 - 2015-09-09 00:04 - 000083024 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000034384 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000063056 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ModuleManager.dll
2015-09-09 00:05 - 2015-09-09 00:05 - 000068176 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\HumanInterfaceDevice\hid.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 001067600 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000291408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000130128 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\skypeagent.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000027216 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2015-09-09 00:04 - 2015-09-09 00:04 - 000116304 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.dll
2015-09-08 23:58 - 2015-09-08 23:58 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\LE\LE.dll
2015-09-08 23:59 - 2015-09-08 23:59 - 000210432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dll
2015-09-09 00:00 - 2015-09-09 00:00 - 000162304 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2015-09-09 00:00 - 2015-09-09 00:00 - 000177152 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BIP\BIP.dll
2015-09-08 23:58 - 2015-09-08 23:58 - 000018432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\DID\DId.dll
2015-09-08 23:57 - 2015-09-08 23:57 - 000035840 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FAX\Fax.dll
2015-09-08 23:59 - 2015-09-08 23:59 - 000422400 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2015-09-08 23:59 - 2015-09-08 23:59 - 000096256 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2015-09-08 23:55 - 2015-09-08 23:55 - 000096768 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\goep\goep.dll
2015-09-08 23:57 - 2015-09-08 23:57 - 000029696 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2015-09-08 23:58 - 2015-09-08 23:58 - 000142848 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\HealthDevice\HDP.dll
2015-09-09 00:00 - 2015-09-09 00:00 - 000091136 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2015-09-08 23:55 - 2015-09-08 23:55 - 000181248 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\ObjPush.dll
2015-09-09 00:00 - 2015-09-09 00:00 - 000066048 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2015-09-08 23:57 - 2015-09-08 23:57 - 000020992 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Pan\pan.dll
2015-09-08 23:59 - 2015-09-08 23:59 - 000067072 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\pbap\pbap.dll
2015-09-09 00:00 - 2015-09-09 00:00 - 000063488 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2015-09-08 23:59 - 2015-09-08 23:59 - 000097280 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\sap\sap.dll
2015-09-09 00:00 - 2015-09-09 00:00 - 000087552 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2015-09-08 23:59 - 2015-09-08 23:59 - 000055296 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\spp\spp.dll
2015-09-08 23:59 - 2015-09-08 23:59 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Sync\Sync.dll
2015-09-08 23:59 - 2015-09-08 23:59 - 000045056 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\VideoDistribution\VDP.dll
2018-09-25 20:07 - 2017-05-23 14:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-09-25 20:07 - 2017-05-23 14:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
2019-09-05 16:49 - 2010-06-21 18:11 - 000220160 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VAIO Power Management\SPMDam.dll
2019-11-26 16:24 - 2019-11-26 16:24 - 000016896 _____ (StagWare) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\StagWare.BiosInfo\96064580c4d2b5e94fba68194bb4c783\StagWare.BiosInfo.ni.dll
2019-11-26 21:33 - 2019-11-26 21:33 - 000039424 _____ (StagWare) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\StagWare.Fa1fc2d056#\0e0b46df48bf6defc454195bd069bdc2\StagWare.FanControl.Service.ni.dll
2019-11-26 16:24 - 2019-11-26 16:24 - 000209408 _____ (StagWare) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\StagWare.Fafc31ac88#\247c200644dc759ee91c2aea957d99b8\StagWare.FanControl.Configurations.ni.dll
2019-11-26 16:24 - 2019-11-26 16:24 - 000147456 _____ (StagWare) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\StagWare.FanControl\5574be4354d098344187e1dae3b22318\StagWare.FanControl.ni.dll
2019-11-26 21:33 - 2019-11-26 21:33 - 000039936 _____ (StagWare) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\StagWare.Settings\34e115caf5011f326fc2a25f6a7e402e\StagWare.Settings.ni.dll
2019-11-26 16:24 - 2019-11-26 16:24 - 000141312 _____ (Tatham Oddie) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IO.A6c43dedd#\86ddd2986413afd76594e9fdd7053cdc\System.IO.Abstractions.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2019-06-01 14:37 - 2019-12-08 03:09 - 000000435 _____ C:\Windows\system32\drivers\etc\hosts.ics
192.168.137.1 Paola-PC.mshome.net # 2024 6 5 21 4 20 38 544

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\Git\cmd;C:\Program Files (x86)\NoteBook FanControl\;C:\Program Files (x86)\Calibre2\;C:\Go\bin
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 4.4.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AnyDesk.lnk => C:\Windows\pss\AnyDesk.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Paola^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Enviar a OneNote.lnk => C:\Windows\pss\Enviar a OneNote.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Paola^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Delete Cached Standalone Update Binary => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Paola\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
MSCONFIG\startupreg: Epic Privacy Browser Installer => "C:\Users\Paola\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe" /c
MSCONFIG\startupreg: Opera Browser Assistant => C:\Users\Paola\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
MSCONFIG\startupreg: RtsCM => RTSCM64.EXE
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Uninstall 19.123.0624.0005 => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Paola\AppData\Local\Microsoft\OneDrive\19.123.0624.0005"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E336AF7A-5E6F-4911-87FB-42A09E7BF048}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{421DD2F4-E74B-493D-8A95-63F935865495}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF9E8991-2254-4ED0-97D0-64C2A7B8D067}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA9C4FF9-DD90-44FD-B50A-2DC7C73C07F5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{40CF154F-0F46-41A7-B902-13DB9AEAD610}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4D9DA4F3-08D0-44EB-A0AF-FEF4082A2141}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FD710060-0199-4ECB-9A52-D30FD1A68896}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{458A5C28-1AB3-4935-9734-EF86D7D400EC}] => (Allow) C:\Users\Paola\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B522C4D7-5407-4C8D-B934-936CB0E99F03}] => (Allow) C:\Users\Paola\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{0A6E363E-AECC-4228-A34B-E19EF8C70DC5}C:\users\paola\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\paola\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{A55340E4-EA9B-459C-B15B-E2F4536C0540}C:\users\paola\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\paola\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [{55B9C5BC-1BD5-4AF2-BB17-E0736C097BDD}] => (Allow) C:\Users\Paola\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{00BCC48B-6D59-4AA7-9BFC-5230C222D2A4}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe No File
FirewallRules: [UDP Query User{BF9F2DD8-3B91-4625-AA48-56A49A213C2C}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe No File
FirewallRules: [TCP Query User{7517161A-48CC-4419-BAC2-A5A143E271CA}C:\users\paola\desktop\telegrams\telegram2\telegram.exe] => (Allow) C:\users\paola\desktop\telegrams\telegram2\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{0CF83C04-991D-440A-BB3E-9EF16DDAEF08}C:\users\paola\desktop\telegrams\telegram2\telegram.exe] => (Allow) C:\users\paola\desktop\telegrams\telegram2\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{2B8CA043-96C0-427A-91CC-1AC309DC0B80}] => (Allow) C:\Program Files (x86)\Nero\Nero 2019\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{3EB68D25-14CB-45F2-8969-A806FD5BEE12}] => (Allow) C:\Program Files (x86)\Nero\Nero 2019\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{F0BF0290-08FA-4375-A8E1-F089424D57A6}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{D854C6FE-C9A8-4C37-9E82-30E0FED63A6C}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{E13E50BF-C3C9-438B-8FAE-F5AD48382875}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{F66B8CE5-6431-40DF-A4C2-EEC88E7E6F7D}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{39B1789F-5E63-4542-8B4A-45E727619625}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E637BC58-92D8-4F01-9D5E-DC70DA72F524}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{217D72FF-2779-487D-AA40-1651C8D7F059}] => (Allow) C:\Users\Paola\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe No File
FirewallRules: [{D99E09AB-B333-4427-8FB6-4541AD3D70E0}] => (Allow) C:\Users\Paola\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe No File
FirewallRules: [TCP Query User{599D1644-1D08-4F53-8536-9F437A4E9AB4}C:\users\paola\downloads\anydesk.exe] => (Allow) C:\users\paola\downloads\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{B8A08C10-6FFC-4BD6-8320-C53CB4E91A58}C:\users\paola\downloads\anydesk.exe] => (Allow) C:\users\paola\downloads\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [{46DA7DC8-C135-401C-AC74-062789CA8DB8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6D88D000-D2E0-4973-99B9-443A45851613}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5E30A7BE-D75A-4142-A677-3029A6710C65}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DA272CB9-3C2F-4B69-A315-A958047EECD9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{A76DA13F-E7AB-431E-BC0A-712547B40ECE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{F464BAD1-26E7-4AB9-8AB7-DAD827065A3E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{8BD60C15-0F2B-467B-BD92-6A744F934B46}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [TCP Query User{88A1421A-2DF8-40FE-86A1-9D1FDA4A2C0A}C:\users\paola\appdata\local\programs\apollo-launcher\immutable.exe] => (Allow) C:\users\paola\appdata\local\programs\apollo-launcher\immutable.exe (FUEL GAMES PTY LTD -> Immutable)
FirewallRules: [UDP Query User{CA729FB2-C28E-4959-B65A-F9FB6C92A67B}C:\users\paola\appdata\local\programs\apollo-launcher\immutable.exe] => (Allow) C:\users\paola\appdata\local\programs\apollo-launcher\immutable.exe (FUEL GAMES PTY LTD -> Immutable)
FirewallRules: [TCP Query User{5694E59B-B6EC-46B7-B530-278D051250FC}C:\users\paola\downloads\apollo\gods unchained\standalonewindows64\gods.exe] => (Allow) C:\users\paola\downloads\apollo\gods unchained\standalonewindows64\gods.exe (FUEL GAMES PTY LTD -> )
FirewallRules: [UDP Query User{9B28566B-B8D4-440A-9510-6E3145BC1F75}C:\users\paola\downloads\apollo\gods unchained\standalonewindows64\gods.exe] => (Allow) C:\users\paola\downloads\apollo\gods unchained\standalonewindows64\gods.exe (FUEL GAMES PTY LTD -> )
FirewallRules: [{0741B07D-B047-4F51-B646-6CAD5346AA1D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{67584515-5972-4D9E-BBE5-365E6F0D27C6}C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe] => (Allow) C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe No File
FirewallRules: [UDP Query User{D944682D-4FCB-46F0-908A-BDCC1B3B0ADC}C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe] => (Allow) C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe No File
FirewallRules: [TCP Query User{F163D7E5-52B9-435F-A194-D2B2DEF9DD84}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{76B1997F-C8B5-4701-8C68-C49134C5C233}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)

==================== Restore Points =========================

26-11-2019 15:48:10 Windows Update
02-12-2019 23:23:00 Installed DNSFilter Agent
04-12-2019 02:41:27 Removed DNSFilter Agent
04-12-2019 12:12:42 Removed Node.js
04-12-2019 12:26:22 Operación de restauración

==================== Faulty Device Manager Devices ============

Name: Adaptador de minipuerto WiFi virtual de Microsoft
Description: Adaptador de minipuerto WiFi virtual de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dispositivo Bluetooth (Red de área personal) #2
Description: Dispositivo Bluetooth (Red de área personal)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe GbE Family Controller
Description: Realtek PCIe GbE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/08/2019 03:27:50 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2019-12-20T11:53:50Z. Error Code: 0x80070057.

Error: (12/08/2019 03:22:44 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/08/2019 03:08:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/07/2019 03:46:23 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/07/2019 03:38:23 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/07/2019 03:32:23 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/07/2019 03:30:19 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/07/2019 02:21:41 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.


System errors:
=============
Error: (12/08/2019 03:09:36 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
amdkmafd

Error: (12/08/2019 03:06:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio ICEsound Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (12/08/2019 03:06:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio ICEsound Service.

Error: (12/08/2019 03:05:50 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: El controlador detectó un error interno del controlador en \Device\VBoxNetLwf.

Error: (12/08/2019 03:05:49 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: El controlador detectó un error interno del controlador en \Device\VBoxNetLwf.

Error: (12/08/2019 03:05:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/08/2019 03:05:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/08/2019 03:05:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.


CodeIntegrity:
===================================

Date: 2019-09-05 20:47:58.169
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\klelam_x64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-09-05 20:47:58.161
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\klelam_x64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-06-22 23:35:59.746
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\ndiskhaz.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2019-06-22 23:35:59.735
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\ndiskhaz.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2019-04-14 13:21:38.471
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-04-14 13:21:38.456
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-04-14 13:21:38.456
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-04-14 13:21:38.440
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\KLELAMX64\klelam.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: Insyde Corp. R0180E5 04/24/2012
Motherboard: Sony Corporation VAIO
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 48%
Total physical RAM: 8092.36 MB
Available physical RAM: 4189.24 MB
Total Virtual: 16182.86 MB
Available Virtual: 12351.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:212.25 GB) NTFS

\\?\Volume{56069ac3-bdaf-11e8-9163-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5BA12F03)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Disculpa mi tardanza ya compartí los dos reportes en modo normal

#11

Hola @th3nolo

No nos estamos entendiendo, FRST si colocaste los reportes, el que falta es el de FSS (Farbar Service Scanner), donde te habia dejado los pasos para ejecutarlo en el Punto 1 del post 3.

Ese reporte es el que espero.

Salu2

#12 
Ran by Paola (administrator) on 08-12-2019 at 14:59:51
Running from "C:\Users\Paola\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
#13

Hola @th3nolo

Has descargado y ejecutado tantas herramientas para el problema, que se te ha hecho todo un lió.

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:

Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: E - E:\.\StartModem.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a8a7-143a-11e9-b511-083e8ebb38a4} - E:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a989-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a9c5-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9aa01-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {347f8fca-e566-11e8-b235-083e8ebb38a4} - E:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {499a2c7c-8557-11e9-9017-30f9edbcbec3} - E:\.\StartModem.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {ed5dde12-c721-11e8-8b62-083e8ebb38a4} - F:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {eda04367-0c54-11e9-b703-083e8ebb38a4} - E:\Setup.exe
Task: {D3186E2E-C5C3-4A2E-9434-7531C2165371} - \OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-1000 -> No File <==== ATTENTION
Task: {D3DEFCF3-1D4E-4B9D-ABA6-70173B61FDB0} - System32\Tasks\{37C01CE5-7A82-4D41-986E-2147A775751E} => C:\Windows\system32\pcalua.exe -a C:\Users\Paola\Downloads\Programs\win64_152824.exe -d C:\Users\Paola\Downloads\Programs
Task: {EFFC0AB7-BE0C-42BE-8610-C69448F54678} - \OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-500 -> No File <==== ATTENTION
Task: {FCFB2A38-1199-40B9-A2E2-C80FC753D599} - System32\Tasks\{DCC740EF-C8E5-4680-AE11-A85F35134423} => C:\Windows\system32\pcalua.exe -a "C:\Users\Paola\Downloads\TradelizeLoader (1).exe" -d C:\Users\Paola\Downloads
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{3B17E6C1-E7D0-48E0-ABEE-88B0DE8815FF}: [NameServer] 204.69.234.1,204.74.101.1
Tcpip\..\Interfaces\{3C87B911-4EFC-46B1-B9AC-07FB793E35AC}: [NameServer] 204.69.234.1,204.74.101.1,192.168.44.1
Tcpip\..\Interfaces\{3C87B911-4EFC-46B1-B9AC-07FB793E35AC}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{40696220-083B-4995-A3CF-FAAED7A29424}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{5C76EAEF-3FB2-4DA8-B890-883DA66138A8}: [DhcpNameServer] 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{AACDAA57-1EF9-4E79-8697-6C6F2CAE5B48}: [NameServer] 198.153.192.1,198.153.194.1
Tcpip\..\Interfaces\{D825676D-6BEF-4116-BAF3-9D34DCC74D9E}: [NameServer] 204.69.234.1,204.74.101.1
Tcpip\..\Interfaces\{F3194DF5-9DBA-49FC-B912-8189191DEEF8}: [NameServer] 190.121.224.39 190.121.224.40
Tcpip\..\Interfaces\{F4F19F17-023D-4345-8AC2-2D8F807FC2B6}: [NameServer] 9.9.9.9,1.1.1.1,192.168.42.129
Tcpip\..\Interfaces\{F4F19F17-023D-4345-8AC2-2D8F807FC2B6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FE0BF672-3FB5-43CC-901B-B8354442E217}: [NameServer] 204.69.234.1,204.74.101.1
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 IvtComBusSrv; System32\Drivers\btcombus.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-12-05 00:52 - 2019-12-05 01:19 - 000000748 _____ C:\Users\Paola\Desktop\ESET Online Scanner.lnk
2019-12-05 00:52 - 2019-12-05 00:52 - 000000000 ____D C:\Users\Paola\AppData\Local\ESET
2019-12-05 00:33 - 2019-12-05 00:45 - 008162616 _____ (ESET spol. s r.o.) C:\Users\Paola\Downloads\esetonlinescanner_esn.exe
2019-12-05 00:58 - 2019-12-05 00:58 - 000000000 ____D C:\Users\Paola\Downloads\WinsockFix_InfoSpyware
2019-12-05 00:29 - 2019-12-05 00:29 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Paola\Downloads\iExplore.exe
2019-12-05 00:17 - 2019-12-05 00:27 - 205263808 _____ C:\Users\Paola\Downloads\cureit.exe
2019-12-05 00:07 - 2019-12-05 00:07 - 000341794 _____ C:\Users\Paola\Downloads\IF-DNS.exe
2019-12-05 00:03 - 2019-12-05 00:03 - 004773088 _____ (SOSVirus) C:\Users\Paola\Downloads\UsbFix_2019_11.022.exe
2019-12-04 23:59 - 2019-12-05 00:01 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Paola\Downloads\tdsskiller.exe
2019-12-04 23:52 - 2019-12-04 23:56 - 001883976 _____ (Malwarebytes) C:\Users\Paola\Downloads\MBSetup.exe
2019-12-04 23:50 - 2019-12-04 23:51 - 005404387 _____ (Raúl Argente ) C:\Users\Paola\Downloads\ARegClean-old.exe
2019-12-04 23:50 - 2019-12-04 23:50 - 000702243 _____ C:\Users\Paola\Downloads\WinsockFix_InfoSpyware.zip
2019-12-04 23:49 - 2019-12-04 23:49 - 001115450 _____ C:\Users\Paola\Downloads\RegSeeker.3.01.setup.zip
2019-12-04 15:56 - 2019-12-04 15:56 - 000000000 ____D C:\Users\Paola\Downloads\ComIntRep_4010
2019-12-04 15:54 - 2019-12-04 15:55 - 003337234 _____ (Rizonesoft ) C:\Users\Paola\Downloads\ComIntRep_4010_Setup.exe
2019-12-04 15:54 - 2019-12-04 15:55 - 003122169 _____ C:\Users\Paola\Downloads\ComIntRep_4010.zip
2019-12-04 00:42 - 2019-12-04 00:43 - 001883976 _____ (Malwarebytes) C:\Users\Paola\Downloads\MBSetup-009996.009996.exe
2019-12-03 01:47 - 2019-12-03 01:47 - 001374096 _____ (Chris P.C. srl ) C:\Users\Paola\Downloads\setup_chrispc_dns_switch_4_10.exe
2019-12-03 01:21 - 2019-12-03 01:22 - 000322642 _____ (dnsleaktest.com ) C:\Users\Paola\Downloads\dnsfixsetup.exe
2019-12-02 23:20 - 2019-12-02 23:21 - 002015232 _____ C:\Users\Paola\Downloads\DNSFilter_Agent_Setup.msi
2019-11-25 04:16 - 2019-11-25 04:16 - 000000000 ____D C:\Users\Paola\Downloads\dnscrypt-proxy-win64-2.0.33
2019-11-25 04:15 - 2019-11-25 04:16 - 002927364 _____ C:\Users\Paola\Downloads\dnscrypt-proxy-win64-2.0.33.zip
2019-11-12 23:35 - 2019-11-12 23:35 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign6d85f12768e50a27
2019-11-12 23:35 - 2019-11-12 23:35 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign5b05367c641b9dbb
2019-11-12 23:32 - 2019-11-12 23:32 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsigna009bbd1ccd0ed25
2019-11-12 23:32 - 2019-11-12 23:32 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign7784c76f86bb2ffb
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
FirewallRules: [TCP Query User{00BCC48B-6D59-4AA7-9BFC-5230C222D2A4}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe No File
FirewallRules: [UDP Query User{BF9F2DD8-3B91-4625-AA48-56A49A213C2C}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe No File
FirewallRules: [{F0BF0290-08FA-4375-A8E1-F089424D57A6}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{D854C6FE-C9A8-4C37-9E82-30E0FED63A6C}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{E13E50BF-C3C9-438B-8FAE-F5AD48382875}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{F66B8CE5-6431-40DF-A4C2-EEC88E7E6F7D}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{217D72FF-2779-487D-AA40-1651C8D7F059}] => (Allow) C:\Users\Paola\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe No File
FirewallRules: [{D99E09AB-B333-4427-8FB6-4541AD3D70E0}] => (Allow) C:\Users\Paola\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe No File
FirewallRules: [TCP Query User{67584515-5972-4D9E-BBE5-365E6F0D27C6}C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe] => (Allow) C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe No File
FirewallRules: [UDP Query User{D944682D-4FCB-46F0-908A-BDCC1B3B0ADC}C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe] => (Allow) C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

#14 
Ran by Paola (09-12-2019 23:29:20) Run:1
Running from C:\Users\Paola\Desktop
Loaded Profiles: Paola & DefaultAppPool (Available Profiles: Paola & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: E - E:\.\StartModem.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a8a7-143a-11e9-b511-083e8ebb38a4} - E:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a989-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9a9c5-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {06b9aa01-143a-11e9-b511-083e8ebb38a4} - E:\AutoRun.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {347f8fca-e566-11e8-b235-083e8ebb38a4} - E:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {499a2c7c-8557-11e9-9017-30f9edbcbec3} - E:\.\StartModem.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {ed5dde12-c721-11e8-8b62-083e8ebb38a4} - F:\Setup.exe
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\...\MountPoints2: {eda04367-0c54-11e9-b703-083e8ebb38a4} - E:\Setup.exe
Task: {D3186E2E-C5C3-4A2E-9434-7531C2165371} - \OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-1000 -> No File <==== ATTENTION
Task: {D3DEFCF3-1D4E-4B9D-ABA6-70173B61FDB0} - System32\Tasks\{37C01CE5-7A82-4D41-986E-2147A775751E} => C:\Windows\system32\pcalua.exe -a C:\Users\Paola\Downloads\Programs\win64_152824.exe -d C:\Users\Paola\Downloads\Programs
Task: {EFFC0AB7-BE0C-42BE-8610-C69448F54678} - \OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-500 -> No File <==== ATTENTION
Task: {FCFB2A38-1199-40B9-A2E2-C80FC753D599} - System32\Tasks\{DCC740EF-C8E5-4680-AE11-A85F35134423} => C:\Windows\system32\pcalua.exe -a "C:\Users\Paola\Downloads\TradelizeLoader (1).exe" -d C:\Users\Paola\Downloads
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{3B17E6C1-E7D0-48E0-ABEE-88B0DE8815FF}: [NameServer] 204.69.234.1,204.74.101.1
Tcpip\..\Interfaces\{3C87B911-4EFC-46B1-B9AC-07FB793E35AC}: [NameServer] 204.69.234.1,204.74.101.1,192.168.44.1
Tcpip\..\Interfaces\{3C87B911-4EFC-46B1-B9AC-07FB793E35AC}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{40696220-083B-4995-A3CF-FAAED7A29424}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{5C76EAEF-3FB2-4DA8-B890-883DA66138A8}: [DhcpNameServer] 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{AACDAA57-1EF9-4E79-8697-6C6F2CAE5B48}: [NameServer] 198.153.192.1,198.153.194.1
Tcpip\..\Interfaces\{D825676D-6BEF-4116-BAF3-9D34DCC74D9E}: [NameServer] 204.69.234.1,204.74.101.1
Tcpip\..\Interfaces\{F3194DF5-9DBA-49FC-B912-8189191DEEF8}: [NameServer] 190.121.224.39 190.121.224.40
Tcpip\..\Interfaces\{F4F19F17-023D-4345-8AC2-2D8F807FC2B6}: [NameServer] 9.9.9.9,1.1.1.1,192.168.42.129
Tcpip\..\Interfaces\{F4F19F17-023D-4345-8AC2-2D8F807FC2B6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FE0BF672-3FB5-43CC-901B-B8354442E217}: [NameServer] 204.69.234.1,204.74.101.1
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 IvtComBusSrv; System32\Drivers\btcombus.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-12-05 00:52 - 2019-12-05 01:19 - 000000748 _____ C:\Users\Paola\Desktop\ESET Online Scanner.lnk
2019-12-05 00:52 - 2019-12-05 00:52 - 000000000 ____D C:\Users\Paola\AppData\Local\ESET
2019-12-05 00:33 - 2019-12-05 00:45 - 008162616 _____ (ESET spol. s r.o.) C:\Users\Paola\Downloads\esetonlinescanner_esn.exe
2019-12-05 00:58 - 2019-12-05 00:58 - 000000000 ____D C:\Users\Paola\Downloads\WinsockFix_InfoSpyware
2019-12-05 00:29 - 2019-12-05 00:29 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Paola\Downloads\iExplore.exe
2019-12-05 00:17 - 2019-12-05 00:27 - 205263808 _____ C:\Users\Paola\Downloads\cureit.exe
2019-12-05 00:07 - 2019-12-05 00:07 - 000341794 _____ C:\Users\Paola\Downloads\IF-DNS.exe
2019-12-05 00:03 - 2019-12-05 00:03 - 004773088 _____ (SOSVirus) C:\Users\Paola\Downloads\UsbFix_2019_11.022.exe
2019-12-04 23:59 - 2019-12-05 00:01 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Paola\Downloads\tdsskiller.exe
2019-12-04 23:52 - 2019-12-04 23:56 - 001883976 _____ (Malwarebytes) C:\Users\Paola\Downloads\MBSetup.exe
2019-12-04 23:50 - 2019-12-04 23:51 - 005404387 _____ (Raúl Argente ) C:\Users\Paola\Downloads\ARegClean-old.exe
2019-12-04 23:50 - 2019-12-04 23:50 - 000702243 _____ C:\Users\Paola\Downloads\WinsockFix_InfoSpyware.zip
2019-12-04 23:49 - 2019-12-04 23:49 - 001115450 _____ C:\Users\Paola\Downloads\RegSeeker.3.01.setup.zip
2019-12-04 15:56 - 2019-12-04 15:56 - 000000000 ____D C:\Users\Paola\Downloads\ComIntRep_4010
2019-12-04 15:54 - 2019-12-04 15:55 - 003337234 _____ (Rizonesoft ) C:\Users\Paola\Downloads\ComIntRep_4010_Setup.exe
2019-12-04 15:54 - 2019-12-04 15:55 - 003122169 _____ C:\Users\Paola\Downloads\ComIntRep_4010.zip
2019-12-04 00:42 - 2019-12-04 00:43 - 001883976 _____ (Malwarebytes) C:\Users\Paola\Downloads\MBSetup-009996.009996.exe
2019-12-03 01:47 - 2019-12-03 01:47 - 001374096 _____ (Chris P.C. srl ) C:\Users\Paola\Downloads\setup_chrispc_dns_switch_4_10.exe
2019-12-03 01:21 - 2019-12-03 01:22 - 000322642 _____ (dnsleaktest.com ) C:\Users\Paola\Downloads\dnsfixsetup.exe
2019-12-02 23:20 - 2019-12-02 23:21 - 002015232 _____ C:\Users\Paola\Downloads\DNSFilter_Agent_Setup.msi
2019-11-25 04:16 - 2019-11-25 04:16 - 000000000 ____D C:\Users\Paola\Downloads\dnscrypt-proxy-win64-2.0.33
2019-11-25 04:15 - 2019-11-25 04:16 - 002927364 _____ C:\Users\Paola\Downloads\dnscrypt-proxy-win64-2.0.33.zip
2019-11-12 23:35 - 2019-11-12 23:35 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign6d85f12768e50a27
2019-11-12 23:35 - 2019-11-12 23:35 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign5b05367c641b9dbb
2019-11-12 23:32 - 2019-11-12 23:32 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsigna009bbd1ccd0ed25
2019-11-12 23:32 - 2019-11-12 23:32 - 000000000 ____D C:\Users\Paola\AppData\Local\Tempzxpsign7784c76f86bb2ffb
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
FirewallRules: [TCP Query User{00BCC48B-6D59-4AA7-9BFC-5230C222D2A4}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe No File
FirewallRules: [UDP Query User{BF9F2DD8-3B91-4625-AA48-56A49A213C2C}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe No File
FirewallRules: [{F0BF0290-08FA-4375-A8E1-F089424D57A6}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{D854C6FE-C9A8-4C37-9E82-30E0FED63A6C}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{E13E50BF-C3C9-438B-8FAE-F5AD48382875}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{F66B8CE5-6431-40DF-A4C2-EEC88E7E6F7D}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe No File
FirewallRules: [{217D72FF-2779-487D-AA40-1651C8D7F059}] => (Allow) C:\Users\Paola\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe No File
FirewallRules: [{D99E09AB-B333-4427-8FB6-4541AD3D70E0}] => (Allow) C:\Users\Paola\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe No File
FirewallRules: [TCP Query User{67584515-5972-4D9E-BBE5-365E6F0D27C6}C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe] => (Allow) C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe No File
FirewallRules: [UDP Query User{D944682D-4FCB-46F0-908A-BDCC1B3B0ADC}C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe] => (Allow) C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => removed successfully
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06b9a8a7-143a-11e9-b511-083e8ebb38a4} => removed successfully
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06b9a989-143a-11e9-b511-083e8ebb38a4} => removed successfully
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06b9a9c5-143a-11e9-b511-083e8ebb38a4} => removed successfully
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06b9aa01-143a-11e9-b511-083e8ebb38a4} => removed successfully
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{347f8fca-e566-11e8-b235-083e8ebb38a4} => removed successfully
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{499a2c7c-8557-11e9-9017-30f9edbcbec3} => removed successfully
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed5dde12-c721-11e8-8b62-083e8ebb38a4} => removed successfully
HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eda04367-0c54-11e9-b703-083e8ebb38a4} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3186E2E-C5C3-4A2E-9434-7531C2165371}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3186E2E-C5C3-4A2E-9434-7531C2165371}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-1000" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3DEFCF3-1D4E-4B9D-ABA6-70173B61FDB0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3DEFCF3-1D4E-4B9D-ABA6-70173B61FDB0}" => removed successfully
C:\Windows\System32\Tasks\{37C01CE5-7A82-4D41-986E-2147A775751E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{37C01CE5-7A82-4D41-986E-2147A775751E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EFFC0AB7-BE0C-42BE-8610-C69448F54678}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFFC0AB7-BE0C-42BE-8610-C69448F54678}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-2850751526-314786809-3439856657-500" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCFB2A38-1199-40B9-A2E2-C80FC753D599}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCFB2A38-1199-40B9-A2E2-C80FC753D599}" => removed successfully
C:\Windows\System32\Tasks\{DCC740EF-C8E5-4680-AE11-A85F35134423} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DCC740EF-C8E5-4680-AE11-A85F35134423}" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3B17E6C1-E7D0-48E0-ABEE-88B0DE8815FF}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3C87B911-4EFC-46B1-B9AC-07FB793E35AC}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3C87B911-4EFC-46B1-B9AC-07FB793E35AC}\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{40696220-083B-4995-A3CF-FAAED7A29424}\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5C76EAEF-3FB2-4DA8-B890-883DA66138A8}\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AACDAA57-1EF9-4E79-8697-6C6F2CAE5B48}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D825676D-6BEF-4116-BAF3-9D34DCC74D9E}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F3194DF5-9DBA-49FC-B912-8189191DEEF8}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F4F19F17-023D-4345-8AC2-2D8F807FC2B6}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F4F19F17-023D-4345-8AC2-2D8F807FC2B6}\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FE0BF672-3FB5-43CC-901B-B8354442E217}\\NameServer" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\elhpdacimkjpccooodognopfhbdgnpbk => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\elhpdacimkjpccooodognopfhbdgnpbk => removed successfully
HKLM\System\CurrentControlSet\Services\BlueletAudio => removed successfully
BlueletAudio => service removed successfully
HKLM\System\CurrentControlSet\Services\BT => removed successfully
BT => service removed successfully
HKLM\System\CurrentControlSet\Services\BTCOM => removed successfully
BTCOM => service removed successfully
HKLM\System\CurrentControlSet\Services\Btcsrusb => removed successfully
Btcsrusb => service removed successfully
HKLM\System\CurrentControlSet\Services\IvtComBusSrv => removed successfully
IvtComBusSrv => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
C:\Users\Paola\Desktop\ESET Online Scanner.lnk => moved successfully
C:\Users\Paola\AppData\Local\ESET => moved successfully
C:\Users\Paola\Downloads\esetonlinescanner_esn.exe => moved successfully
C:\Users\Paola\Downloads\WinsockFix_InfoSpyware => moved successfully
C:\Users\Paola\Downloads\iExplore.exe => moved successfully
C:\Users\Paola\Downloads\cureit.exe => moved successfully
C:\Users\Paola\Downloads\IF-DNS.exe => moved successfully
C:\Users\Paola\Downloads\UsbFix_2019_11.022.exe => moved successfully
C:\Users\Paola\Downloads\tdsskiller.exe => moved successfully
C:\Users\Paola\Downloads\MBSetup.exe => moved successfully
C:\Users\Paola\Downloads\ARegClean-old.exe => moved successfully
C:\Users\Paola\Downloads\WinsockFix_InfoSpyware.zip => moved successfully
C:\Users\Paola\Downloads\RegSeeker.3.01.setup.zip => moved successfully
C:\Users\Paola\Downloads\ComIntRep_4010 => moved successfully
C:\Users\Paola\Downloads\ComIntRep_4010_Setup.exe => moved successfully
C:\Users\Paola\Downloads\ComIntRep_4010.zip => moved successfully
C:\Users\Paola\Downloads\MBSetup-009996.009996.exe => moved successfully
C:\Users\Paola\Downloads\setup_chrispc_dns_switch_4_10.exe => moved successfully
C:\Users\Paola\Downloads\dnsfixsetup.exe => moved successfully
C:\Users\Paola\Downloads\DNSFilter_Agent_Setup.msi => moved successfully
C:\Users\Paola\Downloads\dnscrypt-proxy-win64-2.0.33 => moved successfully
C:\Users\Paola\Downloads\dnscrypt-proxy-win64-2.0.33.zip => moved successfully
C:\Users\Paola\AppData\Local\Tempzxpsign6d85f12768e50a27 => moved successfully
C:\Users\Paola\AppData\Local\Tempzxpsign5b05367c641b9dbb => moved successfully
C:\Users\Paola\AppData\Local\Tempzxpsigna009bbd1ccd0ed25 => moved successfully
C:\Users\Paola\AppData\Local\Tempzxpsign7784c76f86bb2ffb => moved successfully
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removed successfully
"BVTFilter" => removed successfully
"BVTConsumer" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{00BCC48B-6D59-4AA7-9BFC-5230C222D2A4}C:\program files\nodejs\node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BF9F2DD8-3B91-4625-AA48-56A49A213C2C}C:\program files\nodejs\node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0BF0290-08FA-4375-A8E1-F089424D57A6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D854C6FE-C9A8-4C37-9E82-30E0FED63A6C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E13E50BF-C3C9-438B-8FAE-F5AD48382875}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F66B8CE5-6431-40DF-A4C2-EEC88E7E6F7D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{217D72FF-2779-487D-AA40-1651C8D7F059}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D99E09AB-B333-4427-8FB6-4541AD3D70E0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{67584515-5972-4D9E-BBE5-365E6F0D27C6}C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D944682D-4FCB-46F0-908A-BDCC1B3B0ADC}C:\users\paola\appdata\local\openbazaar2\app-2.3.5\resources\openbazaar-go\openbazaard.exe" => removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local 4 mientras los medios
est‚n desconectados.
Error al liberar la interfaz Loopback Pseudo-Interface 1 : El sistema no puede encontrar el archivo especificado.


Adaptador de Ethernet Conexi¢n de  rea local 4:

  Estado de los medios. . . . . . . . . . . : medios desconectados
  Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

  Sufijo DNS espec¡fico para la conexi¢n. . : 
  V¡nculo: direcci¢n IPv6 local. . . : fe80::cd9a:4858:3c39:6a92%11
  Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.101
  M scara de subred . . . . . . . . . . . . : 255.255.255.0
  Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet VirtualBox Host-Only Network:

  Sufijo DNS espec¡fico para la conexi¢n. . : 
  V¡nculo: direcci¢n IPv6 local. . . : fe80::55ee:4cc4:eb9e:1d69%21
  Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.56.1
  M scara de subred . . . . . . . . . . . . : 255.255.255.0
  Puerta de enlace predeterminada . . . . . : 

Adaptador de t£nel isatap.{D825676D-6BEF-4116-BAF3-9D34DCC74D9E}:

  Estado de los medios. . . . . . . . . . . : medios desconectados
  Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{FE0BF672-3FB5-43CC-901B-B8354442E217}:

  Estado de los medios. . . . . . . . . . . : medios desconectados
  Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{5C76EAEF-3FB2-4DA8-B890-883DA66138A8}:

  Estado de los medios. . . . . . . . . . . : medios desconectados
  Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {B6D8FCBC-DF64-4173-B738-C5A319E9EE91}.
Unable to cancel {56FD629F-D8F3-46DF-9AB9-94205EC3718B}.
Unable to cancel {C1523CEA-8212-40A4-AEDE-9D1EB8F1C2A9}.
Unable to cancel {D7079881-D517-479A-A018-3E473B0BD0C2}.
Unable to cancel {5333773A-9FE0-4E02-8AD1-6BEEE870AA50}.
Unable to cancel {ED03E947-F078-48A5-8C06-280867A57EAE}.
{5CE00ADD-6B98-4EAF-B289-BDBAB24D6A40} canceled.
1 out of 7 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2850751526-314786809-3439856657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 58824398 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 394341452 B
Edge => 0 B
Chrome => 1208119321 B
Firefox => 135199174 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 115202 B
LocalService => 115202 B
NetworkService => 136256 B
Paola => 833530241 B
DefaultAppPool => 833530241 B

RecycleBin => 4565603 B
EmptyTemp: => 3.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:36:11 ====

Utilice el codigo del FIX LOG, pero volvio a empezar a dar errores, no me podia conectar a internet, y volvio a presentar fallos el google chrome y otros navegadores.

#15

Hola @th3nolo

Reinicia dos o tres veces el equipo, intenta conectar y toma captura de los errores que te dan los navegadores.

Salu2