I can't remove a Chrome virus

Hello, when I open the Chrome browser the machine becomes extremely slow, and hard disk and processor activity rise sharply. I have run Malwarebytes and it finds around 30 infections; I quarantine them and reboot, but when I open the browser again the same thing happens. I run the antivirus again and the same viruses show up once more. I have also run AdwCleaner with the same results, and AVG too, with the same outcome.

Here is what Malwarebytes reports:


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 12/12/19
Hora del análisis: 14:09
Archivo de registro: 37709b99-1d02-11ea-9684-001cc0810fd1.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.629
Versión del paquete de actualización: 1.0.13813
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: kapotik-PC\kapotik

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 256577
Amenazas detectadas: 30
Amenazas en cuarentena: 30
Tiempo transcurrido: 6 min, 59 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
PUP.Optional.ExtensionClicks, HKU\S-1-5-21-1093526214-897072642-617415864-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|acgnafjkfmgnajabckglmgljfmhbfppc, En cuarentena, [278], [515054],1.0.13813

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 8
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgnafjkfmgnajabckglmgljfmhbfppc\3.0.3_0\images\icons, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgnafjkfmgnajabckglmgljfmhbfppc\3.0.3_0\_metadata, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgnafjkfmgnajabckglmgljfmhbfppc\3.0.3_0\scripts, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgnafjkfmgnajabckglmgljfmhbfppc\3.0.3_0\images, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgnafjkfmgnajabckglmgljfmhbfppc\3.0.3_0, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\USERS\KAPOTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\ACGNAFJKFMGNAJABCKGLMGLJFMHBFPPC, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\USERS\KAPOTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, [278], [515055],1.0.13813
PUP.Optional.ExtensionClicks, C:\USERS\KAPOTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, [278], [515055],1.0.13813

Archivo: 21
PUP.Optional.ExtensionClicks, C:\USERS\KAPOTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\USERS\KAPOTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\USERS\KAPOTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\ACGNAFJKFMGNAJABCKGLMGLJFMHBFPPC\3.0.3_0\MANIFEST.JSON, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgnafjkfmgnajabckglmgljfmhbfppc\3.0.3_0\images\icons\128x128.png, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgnafjkfmgnajabckglmgljfmhbfppc\3.0.3_0\images\icons\16x16.png, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgnafjkfmgnajabckglmgljfmhbfppc\3.0.3_0\images\icons\64x64.png, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgnafjkfmgnajabckglmgljfmhbfppc\3.0.3_0\scripts\background.js, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgnafjkfmgnajabckglmgljfmhbfppc\3.0.3_0\scripts\sitecontent.js, En cuarentena, [278], [515054],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgnafjkfmgnajabckglmgljfmhbfppc\3.0.3_0\_metadata\verified_contents.json, En cuarentena, [278], [515054],1.0.13813
Trojan.MalPack.Themida.Generic, C:\USERS\KAPOTIK\APPDATA\ROAMING\RAILSOFT\BOIBOMEKOMGEL.EXE, En cuarentena, [9253], [771269],1.0.13813
Trojan.MalPack.Themida.Generic, C:\USERS\KAPOTIK\APPDATA\ROAMING\RAILSOFT\IKPIZIIBGUW.EXE, En cuarentena, [9253], [770318],1.0.13813
Trojan.MalPack.Themida, C:\PROGRAM FILES (X86)\DOLES\SET.EXE, En cuarentena, [7427], [766119],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000004.log, En cuarentena, [278], [515055],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, [278], [515055],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, [278], [515055],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, [278], [515055],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, [278], [515055],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, [278], [515055],1.0.13813
PUP.Optional.ExtensionClicks, C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, [278], [515055],1.0.13813
PUP.Optional.ExtensionClicks, C:\USERS\KAPOTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [278], [515055],1.0.13813
PUP.Optional.ExtensionClicks, C:\USERS\KAPOTIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [278], [515055],1.0.13813

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hello @kapotik, welcome to Forospyware.

Post the AdwCleaner report so I can review it.

Temporarily disable the antivirus >> How to temporarily disable your antivirus

Download Farbar Recovery Scan Tool, selecting the version that matches the architecture (32 or 64 bits) of your computer. >> How do I know whether my Windows is 32 or 64 bits?

  • Run FRST.exe.
  • In the Disclaimer window message, click Yes.
  • In the main window, click the Scan button and wait for the process to finish.
  • Two (2) log files will open, Frst.txt and Addition.txt; they will be saved on the desktop.

Post the two reports that were generated.

You must copy and paste them with their full content, and use several messages if you get an error message saying the post is too long (more than approx. 50,000 characters).

Regards

Here it goes:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build:    11-21-2019
# Database: 2019-11-26.1 (Cloud)
# 
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-12-2019
# Duration: 00:00:01
# OS:       Windows 7 Ultimate
# Cleaned:  6
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted       C:\Users\kapotik\Downloads\SpyHunter-Installer.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC1B7B7B-F187-45F2-B0DF-EBCC414CE7C9}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC1B7B7B-F187-45F2-B0DF-EBCC414CE7C9}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System\SystemChecks

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted       suggestqueries.google.com
Deleted       suggestqueries.google.com

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1965 octets] - [27/11/2019 21:17:55]
AdwCleaner[C00].txt - [1983 octets] - [27/11/2019 21:18:27]
AdwCleaner[S01].txt - [1535 octets] - [27/11/2019 21:40:02]
AdwCleaner[C01].txt - [1685 octets] - [27/11/2019 21:40:34]
AdwCleaner[S02].txt - [1657 octets] - [28/11/2019 20:15:46]
AdwCleaner[C02].txt - [1807 octets] - [28/11/2019 20:20:56]
AdwCleaner[S03].txt - [1779 octets] - [05/12/2019 09:23:16]
AdwCleaner[C03].txt - [1929 octets] - [05/12/2019 09:23:27]
AdwCleaner[S04].txt - [2341 octets] - [12/12/2019 22:18:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

When I paste the report and click reply, I get a message saying that new users can't post more than 2 links

???

And when I paste the other report it tells me that new users can't mention two users in the same post

???


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by kapotik (12-12-2019 22:54:49)
Running from C:\Users\kapotik\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-12-02 19:25:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1093526214-897072642-617415864-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1093526214-897072642-617415864-1003 - Limited - Enabled)
Invitado (S-1-5-21-1093526214-897072642-617415864-501 - Limited - Disabled)
kapotik (S-1-5-21-1093526214-897072642-617415864-1000 - Administrator - Enabled) => C:\Users\kapotik

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Disabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.270 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_5) (Version: 20.0.5 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\{49CD151E-5BE3-4A32-B9C3-687AD5B579B1}) (Version: 12.3.2.202 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
AMD Catalyst Install Manager (HKLM\...\{8DF1EF50-AEB6-902C-F68C-4683C45784E6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Aplicaciones destacadas de Autodesk 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.10 - Arduino LLC)
Atom (HKU\S-1-5-21-1093526214-897072642-617415864-1000\...\atom) (Version: 1.41.0 - GitHub Inc.)
AutoCAD 2017 - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017  Language Pack - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - Español (Spanish) (HKLM\...\AutoCAD 2017 - Español (Spanish)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.7.230 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\{5F0F7049-0000-1033-0102-73A6DA3D7FA6}) (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.8.3108 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Devart MySQLBuilder 1.20 (HKLM-x32\...\Devart MySQLBuilder 1.20) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 86.4.146 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
Git version 2.24.0.2 (HKLM\...\Git_is1) (Version: 2.24.0.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
HeidiSQL 10.2.0.5599 (HKLM\...\HeidiSQL_is1) (Version: 10.2 - Ansgar Becker)
HP LaserJet Professional CP1020 Series (HKLM\...\HP LaserJet Professional CP1020 Series) (Version:  - )
HPLJUT (HKLM-x32\...\{229D6185-BD7E-494B-A73B-C5215BE0690E}) (Version: 1.00.0012 - HP) Hidden
hppcp1025LaserJetService (HKLM-x32\...\{F31BF057-0D5E-485E-ADFD-560314A27912}) (Version: 1.00.0000 - Hewlett-Packard)
hppLaserJetService (HKLM-x32\...\{5093AE98-D510-4BEB-BAC1-7FC8ECE35B98}) (Version: 007.015.00635 - Hewlett-Packard) Hidden
Importación de SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 13.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.6.5 - KLCP)
LLVM (HKLM-x32\...\LLVM) (Version: 3.9.1 - LLVM)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.39.173 - MediatekWiFi)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1298.831 - Microsoft Corporation)
Mozilla Firefox 65.0 (x64 es-AR) (HKLM\...\Mozilla Firefox 65.0 (x64 es-AR)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
MPLAB X IDE v2.35 (HKLM-x32\...\MPLAB X IDE v2.35 v2.35) (Version: v2.35 - Microchip)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 8 Micro (HKLM-x32\...\Nero8Lite_is1) (Version: 8.3.20.0 - UpdatePack.nl)
Notepad++ (HKLM\...\Notepad++) (Version: 7 - Notepad++ Team)
Paquete de controladores de Windows - Silicon Laboratories Inc. (silabser) Ports  (05/23/2018 6.7.6.2130) (HKLM\...\C9C3E5CCB43EEF685DD0E2BB4263DDC88C9B3834) (Version: 05/23/2018 6.7.6.2130 - Silicon Laboratories Inc.)
PICkit 2 v2.61 (HKLM-x32\...\{2818ADC7-C1FB-40A8-BE6B-36B62682E9E8}) (Version: 2.61.00 - Microchip)
PuTTY release 0.72 (64-bit) (HKLM\...\{8EFBA1C7-A8B8-4FB9-BEC0-6CEC6C7145DE}) (Version: 0.72.0.0 - Simon Tatham)
Python 3.7.4 (64-bit) (HKU\S-1-5-21-1093526214-897072642-617415864-1000\...\{8ae589dd-de2e-42cd-af56-102374115fee}) (Version: 3.7.4150.0 - Python Software Foundation)
Python 3.7.4 Core Interpreter (64-bit) (HKLM\...\{92A73F83-DC16-4316-945A-B66BC12362A7}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Development Libraries (64-bit) (HKLM\...\{B86709C3-962E-4C62-BF25-CF8D06267D72}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Executables (64-bit) (HKLM\...\{6DDB726E-09CE-44B4-A129-B62AD1604A95}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 pip Bootstrap (64-bit) (HKLM\...\{F92D31AF-F447-4A85-B0FD-CE6378F7625A}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Standard Library (64-bit) (HKLM\...\{5BF79310-A787-430F-93DD-CC8A9787679D}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Utility Scripts (64-bit) (HKLM\...\{16F74529-EDE0-4BBD-B2AF-89AF9C696EA8}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.)
Serial Port Monitor 7.0.342 (HKLM\...\Serial Port Monitor_is1) (Version: 7.0.342 - ELTIMA Software)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
Telegram Desktop versión 1.8.8 (HKU\S-1-5-21-1093526214-897072642-617415864-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.8 - Telegram FZ-LLC)
UltraISO Premium V9.7 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity (HKLM-x32\...\Unity) (Version: 2018.2.8f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
VeriFire Tools (HKLM-x32\...\{6E8BCCEA-4793-491A-820F-CDDF96704197}) (Version: 5.70.3 - Notifier) Hidden
VeriFire Tools (HKLM-x32\...\{9352A78B-9152-4701-BFEA-8C3ECD1D0A79}) (Version: 5.70.3 - Notifier) Hidden
Virtual Serial Port Driver 9.0 (Build 9.0.567) (HKLM\...\Virtual Serial Port Driver_is1) (Version:  - ELTIMA Software)
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
XAMPP (HKLM\...\xampp) (Version: 7.3.11-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2015-08-04 00:14 - 2015-08-04 00:14 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiamesp.dll
2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2017-09-28 18:41 - 2017-09-28 18:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1093526214-897072642-617415864-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2019-03-02 20:16 - 000000494 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files\PuTTY\;C:\Program Files\Git\cmd
HKU\S-1-5-21-1093526214-897072642-617415864-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\kapotik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\startupfolder: C:^Users^kapotik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hdvwiiwi.lnk => C:\Windows\pss\hdvwiiwi.lnk.Startup
MSCONFIG\startupfolder: C:^Users^kapotik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Shortcut to Primary output from Start (Active).lnk => C:\Windows\pss\Shortcut to Primary output from Start (Active).lnk.Startup
MSCONFIG\startupreg: 1590271 => "C:\Users\kapotik\AppData\Roaming\4wlvvasoww2\onnvcj3bvhk.exe" /VERYSILENT
MSCONFIG\startupreg: 4448819 => "C:\Users\kapotik\AppData\Roaming\ob0e3aappc4\bdwzyheqqnc.exe" /VERYSILENT
MSCONFIG\startupreg: 5482200 => "C:\Users\kapotik\AppData\Roaming\gglrort0rkp\2wff0hwu4cs.exe" /VERYSILENT
MSCONFIG\startupreg: 7A3EDM0KH5B24Z0 => "C:\Program Files\UJIX2HCKOZ\UJIX2HCKO.exe"
MSCONFIG\startupreg: 9039064 => "C:\Users\kapotik\AppData\Roaming\zmzwlclka3f\rud1ubsoidk.exe" /VERYSILENT
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BJ1KIG6D63YZDX6 => "C:\Program Files\BMWLRBUNJO\OB20ZB0OI.exe"
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: chrome => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --headless --disable-gpu --remote-debugging-port=9222 http://mi-ner-nis-de-6.info/cdn-1006.html?t=0.4
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: PbmIG0jv4P.exe => C:\Program Files\Windows NT\03O31S6CGQ9EJC9B3JUO2QELLHIGZL\PbmIG0jv4P.exe 
MSCONFIG\startupreg: R3YGLP25AHYRFFW => "C:\Program Files\JA2NRLJBMU\JA2NRLJBM.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SH62FPAAZBW6GR6 => "C:\Program Files\DXPVI1G37V\DXPVI1G37.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UG8DGLPGU5U5HG8 => "C:\Program Files (x86)\kxonexw1vrg\XBQWY.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{12E8C641-860E-4D28-A5D8-3F62CC78E45A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E0DFAE0E-D003-4A7E-8376-9D8BCE3FD089}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{82D0E45A-D22A-40BD-A524-2A0D7D9E925B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B4ED70A5-E36C-48A8-81F7-6567EC376343}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ED4C86B8-78AC-4ADA-A74B-81AC458719CD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C1614FC8-B7FA-408A-B491-431CFBFA4B5F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{97B4D899-359B-4C78-BCB7-8158F094E6E4}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [UDP Query User{5856BBD1-671D-4146-9399-4875100A447A}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [TCP Query User{5B61E5CE-A0C6-454E-B5C6-C7CC4A14173A}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe No File
FirewallRules: [UDP Query User{1330D392-F418-4F08-8C84-DBA02076D6B1}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe No File
FirewallRules: [TCP Query User{ECB56E24-8D83-4F7B-96EC-FCC224774E56}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [UDP Query User{63037286-B09B-421A-81EC-A47B1B7473CC}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [{AD620C84-428B-420B-A489-69AD6E501EA5}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS) [File not signed]
FirewallRules: [{097D28EC-E406-49BD-B40C-F190A42D7F5A}] => (Block) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS) [File not signed]
FirewallRules: [{9825B7F3-6C1C-4846-870A-AC2B18469DF7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C8AAF60B-7A45-4E5A-9D18-C08AEB6A75EC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{3387EA4F-D49A-4F90-9C07-E3CEBA7AEE2C}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS) [File not signed]
FirewallRules: [UDP Query User{E53EE014-1E15-4A7D-9659-28009BD21B8D}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS) [File not signed]
FirewallRules: [TCP Query User{CC72B13F-05CA-49D3-8D40-4B5E5F93B71C}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{8398AB90-2C6B-4BCE-B778-1CF82D96A689}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{10B6E678-09E2-4998-ADE4-357A2B031F01}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{85C117AC-A595-4DA8-ACAF-1B90915EE400}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{D4303840-FA12-4FFB-ABBE-E339AC53187A}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{17F578EC-80C6-488B-B8BC-D9F5670D09EA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{0F31710B-854E-4C79-80CD-0AEDB5005367}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{94D4C632-0211-4F3E-B9EB-72556D796FC0}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [{8B1FA0B7-B9D0-4F78-A0B5-DB1EDD5F0993}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9EAD02C8-7BD2-4D53-89C2-EB08AA4FD57B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A15A6DC1-1305-4CBC-A692-B00C1FD2E67D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FE4BADED-629A-4F39-A8A5-B2D92BAF66A4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7BF4AA38-7DD1-4B4B-A2B0-6111196A4465}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5FF6FEBF-9626-48FE-A8BF-4BB6D5FC6BCA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

10-12-2019 12:12:17 Punto de control programado

==================== Faulty Device Manager Devices ============

Name: Njc0YWIwMjk
Description: Njc0YWIwMjk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Njc0YWIwMjk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Mouse PS/2 de Microsoft
Description: Mouse PS/2 de Microsoft
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/12/2019 10:21:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/12/2019 10:20:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: HPLaserJetService.exe, versión: 7.15.635.0, marca de tiempo: 0x4d39aa4e
Nombre del módulo con errores: hppccompio.DLL, versión: 1.3.0.24, marca de tiempo: 0x4c9685d0
Código de excepción: 0xc0000417
Desplazamiento de errores: 0x000073bf
Id. del proceso con errores: 0x27c
Hora de inicio de la aplicación con errores: 0x01d5b15374e95d36
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\hppccompio.DLL
Id. del informe: c4ef8060-1d46-11ea-83ad-001cc0810fd1

Error: (12/12/2019 10:12:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/12/2019 10:11:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: HPLaserJetService.exe, versión: 7.15.635.0, marca de tiempo: 0x4d39aa4e
Nombre del módulo con errores: hppccompio.DLL, versión: 1.3.0.24, marca de tiempo: 0x4c9685d0
Código de excepción: 0xc0000417
Desplazamiento de errores: 0x000073bf
Id. del proceso con errores: 0x940
Hora de inicio de la aplicación con errores: 0x01d5b152270231ac
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\hppccompio.DLL
Id. del informe: 7a9ed6c6-1d45-11ea-bed2-001cc0810fd1

Error: (12/12/2019 02:04:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/12/2019 02:03:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: HPLaserJetService.exe, versión: 7.15.635.0, marca de tiempo: 0x4d39aa4e
Nombre del módulo con errores: hppccompio.DLL, versión: 1.3.0.24, marca de tiempo: 0x4c9685d0
Código de excepción: 0xc0000417
Desplazamiento de errores: 0x000073bf
Id. del proceso con errores: 0x8dc
Hora de inicio de la aplicación con errores: 0x01d5b10dfd3ef330
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\hppccompio.DLL
Id. del informe: 50371608-1d01-11ea-acf9-001cc0810fd1

Error: (12/11/2019 11:55:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/11/2019 11:54:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: HPLaserJetService.exe, versión: 7.15.635.0, marca de tiempo: 0x4d39aa4e
Nombre del módulo con errores: hppccompio.DLL, versión: 1.3.0.24, marca de tiempo: 0x4c9685d0
Código de excepción: 0xc0000417
Desplazamiento de errores: 0x000073bf
Id. del proceso con errores: 0xa80
Hora de inicio de la aplicación con errores: 0x01d5b097690d7662
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\hppccompio.DLL
Id. del informe: bdd78ed0-1c8a-11ea-b9eb-001cc0810fd1


System errors:
=============
Error: (12/12/2019 10:21:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom
Njc0YWIwMjk

Error: (12/12/2019 10:21:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio HP LaserJet Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (12/12/2019 10:20:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Wondershare Application Framework Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (12/12/2019 10:20:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Wondershare Application Framework Service.

Error: (12/12/2019 10:20:09 PM) (Source: sptd) (EventID: 4) (User: )
Description: El controlador detectó un error interno en la estructura de datos de .

Error: (12/12/2019 10:20:09 PM) (Source: sptd) (EventID: 4) (User: )
Description: El controlador detectó un error interno en la estructura de datos de .

Error: (12/12/2019 10:20:09 PM) (Source: sptd) (EventID: 4) (User: )
Description: El controlador detectó un error interno en la estructura de datos de .

Error: (12/12/2019 10:20:09 PM) (Source: sptd) (EventID: 4) (User: )
Description: El controlador detectó un error interno en la estructura de datos de .


Windows Defender:
===================================
Date: 2019-05-15 04:46:54.587
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{BD36293F-20DA-4BC7-9816-1AAC61B3BFC2}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

==================== Memory info =========================== 

BIOS: Intel Corp. ECG3510M.86A.0084.2008.0523.1528 05/23/2008
Motherboard: Intel Corporation DG35EC
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 88%
Total physical RAM: 4093.67 MB
Available physical RAM: 486.46 MB
Total Virtual: 8185.49 MB
Available Virtual: 4244.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:102.44 GB) (Free:22.97 GB) NTFS
Drive d: (DATA) (Fixed) (Total:828.98 GB) (Free:40 GB) NTFS

\\?\Volume{caf7952e-d43d-11e7-a3c6-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00010F5C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=102.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=829 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by kapotik (administrator) on KAPOTIK-PC (INTEL_ ECG3510M) (12-12-2019 22:53:14)
Running from C:\Users\kapotik\Desktop
Loaded Profiles: kapotik (Available Profiles: kapotik)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> HP) [File not signed] C:\Windows\System32\HPSIsvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Tonec Inc.) [File not signed] C:\Program Files (x86)\Internet Download Manager\IDMan.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316336 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6260544 2019-12-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1093526214-897072642-617415864-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3948600 2018-06-24] (Tonec Inc.) [File not signed]
HKU\S-1-5-21-1093526214-897072642-617415864-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1093526214-897072642-617415864-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-1093526214-897072642-617415864-1000\...\MountPoints2: {b5a4ea92-6394-11e8-9353-001cc0810fd1} - I:\SISetup.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-18] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {251F1069-0D91-47A8-A95C-00FB17715835} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {47E64152-DB7E-49DD-9C9B-752C7A122CC1} - System32\Tasks\{3AB7BCB6-21EC-459B-B7B2-1BF8214A8D7D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Mircom Technologies\FX-2000 Configuration Tools\FXConfig.exe" -d "C:\Program Files (x86)\Mircom Technologies\FX-2000 Configuration Tools\"
Task: {587FCF92-DE7E-467F-9CF7-C4EC12894315} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5C7E6C8E-1E30-44E5-B935-F1EE6AD39A34} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-08-24] (Piriform Ltd -> Piriform Ltd)
Task: {89ACEE5E-08DB-4F48-8081-30BF27517F2D} - System32\Tasks\{0E2C840E-204B-47BF-9175-5532A7DE83C3} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Mircom Technologies\FX-2000 Configuration Tools\FXConfig.exe" -d "C:\Program Files (x86)\Mircom Technologies\FX-2000 Configuration Tools\"
Task: {A2A0BAB6-4CA0-42B6-B203-BA23E018A6C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-02] (Google Inc -> Google Inc.)
Task: {ADB092E2-07BB-49A6-89AD-E968F2794E71} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-09] (Adobe Inc. -> Adobe)
Task: {B738F1F6-3FF1-4D36-866F-B6A16510E83D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-09] (Adobe Inc. -> Adobe)
Task: {CBCB604B-DA1A-498E-927B-13FDB457EAC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-02] (Google Inc -> Google Inc.)
Task: {CCC06A71-A39D-4EC9-918C-E02A181FC16D} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {D81B865C-A30D-4D88-944E-1BA001BD468A} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3981232 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {ED25F09A-1654-4784-B22D-1E52BC8DD7B4} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [42808 2010-09-22] (Hewlett-Packard Company -> Hewlett Packard)
Task: {FB0FF05B-6C6C-4BA9-8729-54C7E2E36B6F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-05] (Dropbox, Inc -> Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{E297FDEA-C04A-4A61-89B2-457031F708CC}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{F03F5AF1-BBE6-4794-AE1C-0F97A2BD0E2D}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-06-19] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-06-19] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-11-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-13] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: gaswwk5g.default
FF ProfilePath: C:\Users\kapotik\AppData\Roaming\Mozilla\Firefox\Profiles\ymkr9eej.dev-edition-default [2019-12-12]
FF ProfilePath: C:\Users\kapotik\AppData\Roaming\Mozilla\Firefox\Profiles\gaswwk5g.default [2019-12-12]
FF user.js: detected! => C:\Users\kapotik\AppData\Roaming\Mozilla\Firefox\Profiles\gaswwk5g.default\user.js [2017-06-30]
FF HKU\S-1-5-21-1093526214-897072642-617415864-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2018-06-23] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]
FF HKU\S-1-5-21-1093526214-897072642-617415864-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\kapotik\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\kapotik\AppData\Roaming\IDM\idmmzcc5 [2019-03-02] [Legacy] [not signed]
FF HKU\S-1-5-21-1093526214-897072642-617415864-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-09] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2018-03-09] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1093526214-897072642-617415864-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\kapotik\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-07-19] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-1093526214-897072642-617415864-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\kapotik\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-07-19] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com.ar/_/chrome/newtab?espv=2&ie=UTF-8
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/"
CHR Profile: C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default [2019-12-12]
CHR Extension: (Presentaciones) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-02]
CHR Extension: (Documentos) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-02]
CHR Extension: (Google Drive) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-06]
CHR Extension: (YouTube) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-02]
CHR Extension: (Tampermonkey) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-12-09]
CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2019-05-13]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2019-03-02]
CHR Extension: (Hojas de cálculo) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-02]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-06]
CHR Extension: (IDM Integration Module) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-12-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (ForumFree) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\onpaokmjncandjkacmikamfgfpfkgfdb [2019-03-02]
CHR Extension: (Gmail) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-27]
CHR Extension: (Chrome Media Router) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-06]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-06-23]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-06-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1364904 2017-11-21] (Autodesk, Inc. -> Autodesk Inc.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2015-08-03] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [996928 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6133752 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-05] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-12-04] (Dropbox, Inc -> Dropbox, Inc.)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2011-01-21] (HP) [File not signed]
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [124536 2012-12-25] (Hewlett-Packard Company -> HP) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-10-22] (Microsoft Windows -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21622784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [665088 2015-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37880 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205600 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [275232 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [210328 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [65376 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [43512 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [171784 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [111096 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84560 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [848688 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [461216 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\System32\drivers\avgStm.sys [236288 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [317304 2019-12-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 evserial9; C:\Windows\System32\DRIVERS\evserial9.sys [40632 2017-07-24] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [129456 2017-08-24] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [89792 2017-09-19] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-12-12] (Malwarebytes Corporation -> Malwarebytes)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2246488 2015-11-19] (MEDIATEK INC. -> MediaTek Inc.)
S3 ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [261640 2019-08-11] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.)
R2 SPSniff; C:\Program Files\Eltima Software\Serial Port Monitor\SPSniff.sys [35432 2017-04-19] (Eltima LLC -> )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2018-07-11] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 VSBC9; C:\Windows\System32\DRIVERS\evsbc9.sys [127160 2017-07-24] (Element 5 Limited Liability Company -> ELTIMA Software)
U3 a8cnm0d9; C:\Windows\System32\Drivers\a8cnm0d9.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S1 Njc0YWIwMjk; \??\C:\Windows\system32\drivers\Njc0YWIwMjk [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-12 22:53 - 2019-12-12 22:54 - 000024963 _____ C:\Users\kapotik\Desktop\FRST.txt
2019-12-12 22:32 - 2019-12-12 22:34 - 000046498 _____ C:\Users\kapotik\Downloads\Addition.txt
2019-12-12 22:30 - 2019-12-12 22:34 - 000039821 _____ C:\Users\kapotik\Downloads\FRST.txt
2019-12-12 22:29 - 2019-12-12 22:53 - 000000000 ____D C:\FRST
2019-12-12 22:29 - 2019-12-12 22:29 - 002263552 _____ (Farbar) C:\Users\kapotik\Desktop\FRST64.exe
2019-12-12 22:21 - 2019-12-12 22:21 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-12-12 15:02 - 2019-12-12 15:02 - 000005035 _____ C:\Users\kapotik\Downloads\comprobantePlazoFijo.pdf
2019-12-12 14:37 - 2019-12-12 22:16 - 000003224 _____ C:\Users\kapotik\Desktop\Rkill.txt
2019-12-12 14:37 - 2019-12-12 14:37 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\kapotik\Desktop\iExplore.exe
2019-12-06 18:26 - 2019-12-06 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-12-06 11:02 - 2019-12-06 11:03 - 013503780 _____ C:\Users\kapotik\Desktop\iot.mp4
2019-12-05 21:10 - 2019-12-05 21:10 - 000000000 ___HD C:\$AV_AVG
2019-12-05 21:02 - 2019-12-05 21:02 - 000001986 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2019-12-05 21:02 - 2019-12-05 21:02 - 000001986 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2019-12-05 21:02 - 2019-12-05 21:02 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\AVG
2019-12-05 21:02 - 2019-12-05 21:02 - 000000000 ____D C:\Users\kapotik\AppData\Local\Avg
2019-12-05 21:02 - 2019-12-05 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2019-12-05 20:58 - 2019-12-11 10:21 - 000004162 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2019-12-05 20:58 - 2019-12-05 20:58 - 000848688 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2019-12-05 20:58 - 2019-12-05 20:58 - 000461216 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2019-12-05 20:58 - 2019-12-05 20:58 - 000355760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2019-12-05 20:58 - 2019-12-05 20:58 - 000317304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2019-12-05 20:58 - 2019-12-05 20:58 - 000236288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2019-12-05 20:58 - 2019-12-05 20:58 - 000171784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2019-12-05 20:58 - 2019-12-05 20:58 - 000111096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2019-12-05 20:58 - 2019-12-05 20:58 - 000084560 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2019-12-05 20:58 - 2019-12-05 20:58 - 000043512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2019-12-05 20:58 - 2019-12-05 20:58 - 000000000 ____D C:\Windows\system32\Tasks\AVG
2019-12-05 20:58 - 2019-12-05 20:58 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-12-05 20:58 - 2019-12-05 20:57 - 000275232 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2019-12-05 20:58 - 2019-12-05 20:57 - 000210328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2019-12-05 20:58 - 2019-12-05 20:57 - 000205600 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2019-12-05 20:58 - 2019-12-05 20:57 - 000065376 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2019-12-05 20:58 - 2019-12-05 20:57 - 000037880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2019-12-05 20:54 - 2019-12-05 20:54 - 000000000 ____D C:\Program Files\AVG
2019-12-05 20:53 - 2019-12-06 10:56 - 000000000 ____D C:\ProgramData\AVG
2019-12-05 20:52 - 2019-12-05 20:53 - 000270160 _____ (AVG Technologies CZ, s.r.o.) C:\Users\kapotik\Downloads\avg_antivirus_free_setup.exe
2019-12-05 19:54 - 2019-12-05 19:54 - 005504824 _____ (ESET) C:\Users\kapotik\Downloads\eset_nod32_antivirus_live_installer.exe
2019-12-05 19:35 - 2019-12-05 19:35 - 000000000 ____D C:\Windows\system32\Tasks\System
2019-12-05 19:28 - 2019-12-12 14:17 - 000000000 ____D C:\Program Files (x86)\Doles
2019-12-05 19:27 - 2019-12-05 19:27 - 004291794 _____ C:\Users\kapotik\Desktop\SpyHunter52020.zip
2019-12-05 19:18 - 2019-12-05 21:10 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\Intel Rapid
2019-12-05 19:17 - 2019-12-12 14:17 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\RailSoft
2019-12-05 19:14 - 2019-12-05 19:14 - 000000000 ____D C:\ProgramData\Lamia
2019-12-04 22:23 - 2019-12-04 22:23 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-12-04 22:23 - 2019-12-04 22:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-12-04 22:23 - 2019-12-04 22:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-12-04 22:23 - 2019-12-04 22:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-11-29 17:54 - 2019-11-29 17:56 - 000000000 ____D C:\Users\kapotik\Desktop\j6
2019-11-28 21:20 - 2019-11-28 21:20 - 000094863 _____ C:\Users\kapotik\Downloads\factura-debito-ECOGAS-nro-07886610-20593136.pdf
2019-11-28 21:19 - 2019-11-28 21:19 - 000101328 _____ C:\Users\kapotik\Downloads\factura-debito-ECOGAS-nro-07221413-20593136.pdf
2019-11-27 21:16 - 2019-11-27 21:18 - 000000000 ____D C:\AdwCleaner
2019-11-26 23:08 - 2019-11-26 23:08 - 000000000 ____D C:\Users\kapotik\AppData\Local\mbamtray
2019-11-26 23:07 - 2019-11-26 23:48 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-11-26 23:07 - 2019-11-26 23:07 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-11-26 23:07 - 2019-11-26 23:07 - 000001867 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-11-26 23:07 - 2019-11-26 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-11-26 23:00 - 2019-11-26 23:00 - 000007630 _____ C:\Users\kapotik\AppData\Local\Resmon.ResmonCfg
2019-11-23 20:35 - 2019-11-23 20:35 - 000000430 __RSH C:\ProgramData\ntuser.pol
2019-11-20 00:38 - 2019-11-20 00:38 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2019-11-19 02:31 - 2019-12-05 11:50 - 000001410 _____ C:\Users\kapotik\.bash_history
2019-11-18 22:20 - 2019-11-18 22:20 - 000000000 ____D C:\Users\kapotik\.ssh
2019-11-16 19:04 - 2019-11-16 19:04 - 000000000 ____D C:\Program Files\DIFX
2019-11-16 19:04 - 2018-06-01 17:35 - 000097160 _____ (Silicon Laboratories Inc.) C:\Windows\system32\Drivers\silabser.sys
2019-11-16 18:47 - 2019-11-16 18:47 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_silabser_01009.Wdf
2019-11-16 10:12 - 2019-11-16 10:12 - 000001817 _____ C:\Users\kapotik\Desktop\SerialMonitorx64 - Acceso directo.lnk
2019-11-16 10:09 - 2019-11-16 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2019-11-16 10:08 - 2019-11-16 10:09 - 000000000 ____D C:\Program Files\Git
2019-11-15 20:32 - 2019-11-15 20:32 - 000000000 ____D C:\Users\kapotik\Documents\PlatformIO
2019-11-15 20:19 - 2019-11-15 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LLVM
2019-11-15 20:18 - 2019-11-15 20:19 - 000000000 ____D C:\Program Files\LLVM
2019-11-15 20:11 - 2019-11-15 20:11 - 000000000 ____D C:\Users\kapotik\AppData\Local\pip
2019-11-15 20:09 - 2019-11-15 20:09 - 000000000 ____D C:\Users\kapotik\AppData\Local\Package Cache
2019-11-15 20:07 - 2019-12-05 09:45 - 000000000 ____D C:\Users\kapotik\.platformio
2019-11-15 20:07 - 2019-11-15 20:07 - 000000000 ____D C:\Users\kapotik\.config
2019-11-14 12:06 - 2019-11-14 12:06 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MySQLBuilder
2019-11-14 12:06 - 2019-11-14 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQLBuilder
2019-11-14 12:06 - 2019-11-14 12:06 - 000000000 ____D C:\Program Files (x86)\Devart
2019-11-14 12:05 - 2019-11-25 19:25 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\HeidiSQL
2019-11-14 12:05 - 2019-11-14 12:05 - 000000000 ____D C:\Users\kapotik\Documents\HeidiSQL
2019-11-14 12:05 - 2019-11-14 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeidiSQL
2019-11-14 12:05 - 2019-11-14 12:05 - 000000000 ____D C:\Program Files\HeidiSQL
2019-11-13 20:53 - 2019-12-05 11:25 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\Atom
2019-11-13 20:53 - 2019-12-05 11:25 - 000000000 ____D C:\Users\kapotik\.atom
2019-11-13 20:53 - 2019-11-13 20:53 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2019-11-13 20:51 - 2019-11-13 20:53 - 000000000 ____D C:\Users\kapotik\AppData\Local\atom
2019-11-13 20:45 - 2019-11-13 20:45 - 000001066 _____ C:\AiOLog.txt
2019-11-13 20:34 - 2019-11-13 20:34 - 000129080 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2019-11-13 20:33 - 2019-11-13 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-11-13 20:33 - 2019-11-13 20:33 - 000114232 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-11-13 20:33 - 2019-11-13 20:33 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\Sun
2019-11-13 20:33 - 2019-11-13 20:33 - 000000000 ____D C:\Program Files\Java
2019-11-13 20:32 - 2019-11-13 20:32 - 000000000 ____D C:\Program Files (x86)\Java
2019-11-13 17:30 - 2019-11-13 17:30 - 002314805 _____ C:\Users\kapotik\Downloads\Windows6.1-KB2533623-x64.msu
2019-11-13 17:14 - 2019-11-13 20:53 - 000000000 ____D C:\Users\kapotik\AppData\Local\SquirrelTemp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-12 22:36 - 2017-12-05 12:57 - 000000952 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-12-12 22:30 - 2009-07-14 01:45 - 000029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-12 22:30 - 2009-07-14 01:45 - 000029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-12 22:20 - 2017-12-02 19:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-12 22:19 - 2017-12-05 12:57 - 000000948 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-12-12 22:19 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-12 15:23 - 2018-08-24 17:25 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\DMCache
2019-12-10 09:33 - 2018-08-24 17:25 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\IDM
2019-12-09 00:08 - 2018-09-14 20:27 - 000000000 ____D C:\Program Files\CCleaner
2019-12-06 18:26 - 2017-12-05 12:57 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-12-06 11:17 - 2017-12-05 19:06 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\MPC-HC
2019-12-06 11:04 - 2019-03-19 11:53 - 000000069 _____ C:\Windows\NeroDigital.ini
2019-12-05 20:58 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-12-05 19:28 - 2018-08-24 17:25 - 000000000 ____D C:\Users\kapotik\Downloads\Compressed
2019-12-03 00:25 - 2017-12-05 13:30 - 000000000 ____D C:\Users\kapotik\AppData\Local\JDownloader 2.0
2019-12-01 00:53 - 2011-04-12 06:10 - 000747396 _____ C:\Windows\system32\perfh00A.dat
2019-12-01 00:53 - 2011-04-12 06:10 - 000158868 _____ C:\Windows\system32\perfc00A.dat
2019-12-01 00:53 - 2009-07-14 02:13 - 001676890 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-30 00:23 - 2009-07-14 02:08 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-11-27 23:17 - 2019-09-22 20:44 - 000000000 ____D C:\Users\kapotik\AppData\Local\Arduino15
2019-11-26 23:21 - 2019-01-10 22:17 - 000099384 _____ C:\Users\kapotik\AppData\Roaming\inst.exe
2019-11-26 23:21 - 2019-01-10 22:17 - 000082816 _____ (VSO Software) C:\Users\kapotik\AppData\Roaming\pcouffin.sys
2019-11-26 23:21 - 2019-01-10 22:17 - 000007859 _____ C:\Users\kapotik\AppData\Roaming\pcouffin.cat
2019-11-26 23:21 - 2019-01-10 22:17 - 000000000 ____D C:\Users\kapotik\AppData\Roaming\Vso
2019-11-26 23:13 - 2018-09-14 20:27 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-11-26 20:11 - 2006-01-01 00:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-11-26 10:31 - 2006-01-01 00:27 - 000000000 ____D C:\Users\kapotik\AppData\LocalLow\Mozilla
2019-11-26 10:28 - 2019-03-02 20:45 - 000000333 _____ C:\Windows\wininit.ini
2019-11-23 20:34 - 2009-07-14 00:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-11-21 13:41 - 2017-12-02 17:08 - 000096824 _____ C:\Users\kapotik\AppData\Local\GDIPFONTCACHEV1.DAT
2019-11-20 22:22 - 2009-07-14 01:45 - 000373912 _____ C:\Windows\system32\FNTCACHE.DAT
2019-11-19 02:31 - 2017-12-02 16:25 - 000000000 ____D C:\Users\kapotik
2019-11-18 20:23 - 2019-03-02 20:53 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-15 18:42 - 2019-04-16 01:43 - 000000000 ____D C:\Users\kapotik\Desktop\Nestor
2019-11-13 20:48 - 2018-09-14 20:10 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-11-13 20:48 - 2018-09-14 20:10 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-11-13 20:45 - 2018-09-14 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-11-13 20:42 - 2017-12-02 16:28 - 001650540 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-11-13 20:39 - 2017-12-02 16:47 - 000000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories ========

2019-01-10 22:19 - 2019-01-10 22:21 - 000002667 _____ () C:\ProgramData\MainApp.dll
2019-01-10 22:17 - 2019-11-26 23:21 - 000099384 _____ () C:\Users\kapotik\AppData\Roaming\inst.exe
2019-01-10 22:17 - 2019-11-26 23:21 - 000007859 _____ () C:\Users\kapotik\AppData\Roaming\pcouffin.cat
2019-01-10 22:17 - 2019-11-26 23:21 - 000001167 _____ () C:\Users\kapotik\AppData\Roaming\pcouffin.inf
2019-01-10 22:18 - 2019-11-26 23:21 - 000000033 _____ () C:\Users\kapotik\AppData\Roaming\pcouffin.log
2019-01-10 22:17 - 2019-11-26 23:21 - 000082816 _____ (VSO Software) C:\Users\kapotik\AppData\Roaming\pcouffin.sys
2018-12-06 23:31 - 2018-12-06 23:31 - 000000001 _____ () C:\Users\kapotik\AppData\Local\llftool.4.25.agreement
2019-09-19 13:55 - 2019-09-19 14:07 - 000000128 _____ () C:\Users\kapotik\AppData\Local\PUTTY.RND
2018-08-06 13:22 - 2018-08-06 13:22 - 000000001 _____ () C:\Users\kapotik\AppData\Local\RawCopy.1.02.agreement
2018-08-11 22:26 - 2018-10-29 00:08 - 000000045 _____ () C:\Users\kapotik\AppData\Local\RawCopy.opendialog.dir
2018-08-11 22:26 - 2018-10-29 00:08 - 000000001 _____ () C:\Users\kapotik\AppData\Local\RawCopy.opendialog.filterindex
2018-08-11 22:26 - 2018-10-29 11:21 - 000000058 _____ () C:\Users\kapotik\AppData\Local\RawCopy.sourcedisk.filepath
2018-08-11 22:26 - 2018-10-29 11:21 - 000000001 _____ () C:\Users\kapotik\AppData\Local\RawCopy.sourcedisk.index
2019-11-26 23:00 - 2019-11-26 23:00 - 000007630 _____ () C:\Users\kapotik\AppData\Local\Resmon.ResmonCfg
2019-03-02 20:00 - 2019-03-02 20:00 - 000000003 _____ () C:\Users\kapotik\AppData\Local\wbem.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-10 12:05
==================== End of FRST.txt ========================

:arrow_forward: VERY important :arrow_backward: Make a backup of the registry:

  • To do this, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as administrator-.)

  • Attention: now check/select only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

Next, :warning: with all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy and paste the codes/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1093526214-897072642-617415864-1000\...\MountPoints2: {b5a4ea92-6394-11e8-9353-001cc0810fd1} - I:\SISetup.exe
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (Chrome Media Router) - C:\Users\kapotik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-06]
U3 a8cnm0d9; C:\Windows\System32\Drivers\a8cnm0d9.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S1 Njc0YWIwMjk; \??\C:\Windows\system32\drivers\Njc0YWIwMjk [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
FirewallRules: [TCP Query User{97B4D899-359B-4C78-BCB7-8158F094E6E4}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [UDP Query User{5856BBD1-671D-4146-9399-4875100A447A}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [TCP Query User{5B61E5CE-A0C6-454E-B5C6-C7CC4A14173A}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe No File
FirewallRules: [UDP Query User{1330D392-F418-4F08-8C84-DBA02076D6B1}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe No File
FirewallRules: [TCP Query User{ECB56E24-8D83-4F7B-96EC-FCC224774E56}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [UDP Query User{63037286-B09B-421A-81EC-A47B1B7473CC}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (desktop), otherwise it will not work.


Boot into safe mode, to work from that Windows mode.

  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as administrator-.)
  • Press the FIX button and wait for it to finish.
  • The tool will save the repair report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply.

Restart the computer, check how it behaves with respect to the problem you reported, and comment on it.

Regards