Ordenador lento que no deja iniciar bien!

#1

Buenas tardes, tengo el ordenador que no me inicia bien el windows7, hace días de repente se me descargaron actualizaciones de Windows y desde entonces está muy inestable y seguramente sea porque tiene algún virus, malware, troyano…y el norton se lo ha saltado que ni lo ha detectado. ¿Qué puedo hacer para solucionarlo? Saludos y gracias.

Ordenador lento que no me deja iniciar ni nada!
Ordenador lento que no me deja iniciar ni nada!
#2

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes, para que sepas usarlo y configurarlo.

  • Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
  • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
  • Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.


#3

Gracias por responder, tengo una duda ya que cuando inicio el ordenador no me inicia bien y por ello no puedo hacer lo que me has pedido en modo normal, ¿lo podría hacer en modo seguro? Saludos.

#4

Realizar en modo seguro con red

#5

Buenas, aquí dejo el reporte del malware.

PUP.Optional.ASK.OPC, C:\USERS\ADMIN\DOWNLOADS\UTORRENT.EXE, En cuarentena, [12927], [639652],1.0.9724
Generic.Malware/Suspicious, C:\USERS\ADMIN\DOWNLOADS\DAEMON4124-LITE.EXE\DAEMON4124-LITE.EXE, En cuarentena, [0], [392686],1.0.9724
PUP.Optional.SecretSauce, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpebffoameokfhnaaedmefjncfboino\1.0.0_0\content.js, En cuarentena, [156], [179497],1.0.9724
PUP.Optional.SecretSauce, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpebffoameokfhnaaedmefjncfboino\1.0.0_0\icon.png, En cuarentena, [156], [179497],1.0.9724
PUP.Optional.SecretSauce, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpebffoameokfhnaaedmefjncfboino\1.0.0_0\manifest.json, En cuarentena, [156], [179497],1.0.9724
PUP.Optional.SecretSauce, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [156], [179497],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\appCntrl.js, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\bg.html, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\bg.js, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\ct.js, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\CTB.dll, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\dpk.js, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\hprtkMsg.htm, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\hprtkMsg.js, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\json2.min.js, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\logo.png, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\manifest.json, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\pref.json, En cuarentena, [96], [177750],1.0.9724
PUP.Optional.Iminent, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [96], [177750],1.0.9724

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)

(end)
#6

Aquí el del adwcleaner. <

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-19-2019
# Duration: 00:00:15
# OS:       Windows 7 Home Premium
# Cleaned:  19
# Failed:   130


***** [ Services ] *****

Not Deleted   SrvUpdater

***** [ Folders ] *****

Deleted       C:\ProgramData\Tarma Installer
Deleted       C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
Deleted       C:\_acestream_cache_
Deleted       C:\Users\admin\AppData\LocalLow\.acestream
Deleted       C:\Users\admin\AppData\Roaming\.acestream
Deleted       C:\Users\admin\AppData\Roaming\acestream
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Deleted       C:\Program Files\myfree codec
Deleted       C:\Users\admin\AppData\Local\PutLockerDownloader
Deleted       C:\Users\admin\AppData\Roaming\YourFileDownloader

***** [ Files ] *****

Deleted       C:\Windows\System32\roboot.exe
Deleted       C:\Users\admin\daemonprocess.txt

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Not Deleted   HKCU\SOFTWARE\5e4dbdbe53ee513
Not Deleted   HKLM\SOFTWARE\5e4dbdbe53ee513
Not Deleted   HKCU\Software\Classes\acestream
Deleted       HKCU\Software\RegisteredApplications|AceStream
Not Deleted   HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Not Deleted   HKCU\Software\YahooPartnerToolbar
Not Deleted   HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3387845806-4141466983-921437045-1000\Software\vShare
Not Deleted   HKCU\Software\UpToDown
Not Deleted   HKLM\Software\Uniblue
Not Deleted   HKCU\Software\InstalledBrowserExtensions
Not Deleted   HKLM\Software\dt soft\daemon tools toolbar
Not Deleted   HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3387845806-4141466983-921437045-1000\Software\AceStream
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Not Deleted   HKCU\Software\AceStream
Not Deleted   HKLM\Software\YourFileDownloader
Not Deleted   HKCU\Software\Myfree Codec
Not Deleted   HKLM\Software\Myfree Codec
Not Deleted   HKCU\Software\GetPrivate
Not Deleted   HKLM\Software\Bench
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Not Deleted   HKCU\Software\Classes\DVD\shell\PlayWithACEStream
Not Deleted   HKCU\Software\Classes\AudioCD\shell\PlayWithACEStream
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
Not Deleted   HKCU\SOFTWARE\Classes\Applications\ace_player.exe
Not Deleted   HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Not Deleted   HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Not Deleted   HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Not Deleted   HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Not Deleted   HKLM\Software\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Not Deleted   HKLM\Software\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Not Deleted   HKLM\Software\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Not Deleted   HKLM\Software\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Not Deleted   HKLM\Software\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Not Deleted   HKLM\Software\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Not Deleted   HKLM\Software\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Not Deleted   HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Not Deleted   HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Not Deleted   HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Not Deleted   HKLM\Software\Classes\CLSID\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Not Deleted   HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Not Deleted   HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Not Deleted   HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Not Deleted   HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Not Deleted   HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Not Deleted   HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Not Deleted   HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Not Deleted   HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Not Deleted   HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Not Deleted   HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Not Deleted   HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Not Deleted   HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Not Deleted   HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Not Deleted   HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Not Deleted   HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Not Deleted   HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Not Deleted   HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Not Deleted   HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Not Deleted   HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Not Deleted   HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Not Deleted   HKLM\Software\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Not Deleted   HKLM\Software\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Not Deleted   HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Not Deleted   HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Not Deleted   HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Not Deleted   HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Not Deleted   HKLM\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Not Deleted   HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Not Deleted   HKLM\Software\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Not Deleted   HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Not Deleted   HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Not Deleted   HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Not Deleted   HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Not Deleted   HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Not Deleted   HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Not Deleted   HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Not Deleted   HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Not Deleted   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Not Deleted   HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Not Deleted   HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Not Deleted   HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Not Deleted   HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Not Deleted   HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Not Deleted   HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Not Deleted   HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Not Deleted   HKLM\Software\Classes\TypeLib\{162E06EC-4E38-4809-AE76-BF2400D34334}
Not Deleted   HKLM\Software\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Not Deleted   HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Not Deleted   HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Not Deleted   HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Not Deleted   HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Not Deleted   HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B31F4815-AECA-42FD-8286-284F40610B83}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D439C189-B197-4AE1-A6B0-5A9D13FB2B0A}
Not Deleted   HKCU\Software\Classes\.acestream
Not Deleted   HKLM\Software\Classes\.acestream
Not Deleted   HKLM\Software\Classes\Prod.cap
Not Deleted   HKCU\Software\Classes\.tslive
Not Deleted   HKCU\Software\Classes\.acemedia
Not Deleted   HKCU\Software\Classes\.acelive
Not Deleted   HKLM\System\CurrentControlSet\Services\EventLog\Application\SrvUpdater
Not Deleted   HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\movistartv.codeplex.com
Not Deleted   HKCU\Software\Softonic
Not Deleted   HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3387845806-4141466983-921437045-1000\Software\SweetIM
Not Deleted   HKLM\Software\DivX\Install\Setup\WizardLayout\UniblueDriverScanner
Not Deleted   HKLM\Software\Classes\driverscanner
Not Deleted   HKLM\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted       HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.
#7

Otra cosa, al principio cuando descargué el malware se puso sin darme cuenta a realizar un análisis rápido y encontró un adware seekmo y lo eliminé y después hizo el análisis personalizado. Ahora después de realizar todo, el ordenador sigue lento, quizás un poco menos que antes pero ya no se apaga ni se enciende sólo, pero se sigue quedando pillado, por ejemplo el chrome no se me abre y el administrador de tareas le cuesta. Saludos.

#8

El log de Malwarebytes no esta entero y el Adwcleaner fallo a l eliminar la mayoria de elementos

Ejecuta de nuevo Adwclener y me pegas el nuevo log y ademas estos otros:




#9

Aquí te dejo el reporte del adwcleaner que ahora sí los ha eliminado. Ahora va un poco mejor que antes el ordenador, pero sigue con errores y se sigue pillando. Voy a realizar las otras dos herramientas. Gracias.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-19-2019
# Duration: 00:00:08
# OS:       Windows 7 Home Premium
# Cleaned:  116
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\SOFTWARE\5e4dbdbe53ee513
Deleted       HKCU\Software\Classes\acestream
Deleted       HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted       HKCU\Software\YahooPartnerToolbar
Deleted       HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3387845806-4141466983-921437045-1000\Software\vShare
Deleted       HKCU\Software\UpToDown
Deleted       HKLM\Software\dt soft\daemon tools toolbar
Deleted       HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3387845806-4141466983-921437045-1000\Software\AceStream
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Deleted       HKCU\Software\AceStream
Deleted       HKLM\Software\YourFileDownloader
Deleted       HKCU\Software\Myfree Codec
Deleted       HKLM\Software\Myfree Codec
Deleted       HKCU\Software\GetPrivate
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
Deleted       HKCU\SOFTWARE\Classes\Applications\ace_player.exe
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Deleted       HKLM\Software\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Deleted       HKLM\Software\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted       HKLM\Software\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted       HKLM\Software\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted       HKLM\Software\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Deleted       HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Deleted       HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Deleted       HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Deleted       HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Deleted       HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Deleted       HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Deleted       HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Deleted       HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Deleted       HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Deleted       HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Deleted       HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Deleted       HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Deleted       HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Deleted       HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Deleted       HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Deleted       HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Deleted       HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Deleted       HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Deleted       HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Deleted       HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Deleted       HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Deleted       HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Deleted       HKLM\Software\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Deleted       HKLM\Software\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Deleted       HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Deleted       HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Deleted       HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Deleted       HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Deleted       HKLM\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Deleted       HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Deleted       HKLM\Software\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Deleted       HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Deleted       HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Deleted       HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Deleted       HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Deleted       HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Deleted       HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Deleted       HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Deleted       HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Deleted       HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Deleted       HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Deleted       HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Deleted       HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Deleted       HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Deleted       HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Deleted       HKLM\Software\Classes\TypeLib\{162E06EC-4E38-4809-AE76-BF2400D34334}
Deleted       HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Deleted       HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Deleted       HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Deleted       HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Deleted       HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Deleted       HKCU\Software\Classes\.acestream
Deleted       HKLM\Software\Classes\.acestream
Deleted       HKLM\Software\Classes\Prod.cap
Deleted       HKCU\Software\Classes\.tslive
Deleted       HKCU\Software\Classes\.acemedia
Deleted       HKCU\Software\Classes\.acelive
Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\SrvUpdater
Deleted       HKCU\Software\Softonic
Deleted       HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3387845806-4141466983-921437045-1000\Software\SweetIM
Deleted       HKLM\Software\DivX\Install\Setup\WizardLayout\UniblueDriverScanner
Deleted       HKLM\Software\Classes\driverscanner
Deleted       HKLM\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [16793 octets] - [19/03/2019 09:31:15]
AdwCleaner[C00].txt - [14288 octets] - [19/03/2019 09:32:36]
AdwCleaner[S01].txt - [14046 octets] - [19/03/2019 20:08:10]
AdwCleaner[S02].txt - [14108 octets] - [19/03/2019 20:38:08]
AdwCleaner[C02].txt - [12205 octets] - [19/03/2019 20:38:45]
AdwCleaner[S03].txt - [14232 octets] - [19/03/2019 20:50:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########
#10

Ok, sigue con el resto, y si puedes ponme los logs como indique pegandolos directamente , usando la respuestas necesarias

#12

Buenas aquí te dejo el log del eset:

21:47:18 # product=EOS
# version=8
# ESETOnlineScanner_ESL.exe=3.0.17.0
# country="Spain"
# lang=13322
21:47:56 # stats_enabled=136578880
# scan_type=1302148
08:51:28 # product=EOS
# version=8
# ESETOnlineScanner_ESL.exe=3.0.17.0
# country="Spain"
# lang=13322
08:53:16 Updating
08:53:16 Update Init
08:53:20 Update Download
08:56:22 esets_scanner_reload returned 0
08:56:22 g_uiModuleBuild: 40769
08:56:22 Update Finalize
08:56:22 Call m_esets_charon_send
08:56:22 Call m_esets_charon_destroy
08:56:22 Updated modules version: 40769
08:56:36 Scanner engine: 40769
13:09:00 Call m_esets_charon_send
13:09:00 Call m_esets_charon_destroy
#13

Aquí el del zhpcleaner:

~ ZHPCleaner v2019.3.14.32 by Nicolas Coolman (2019/03/14)
~ Run by admin (Administrator)  (20/03/2019 13:52:25)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\admin\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\admin\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Deactivate
~ Boot Mode : Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (3)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (133)
MOVIDO carpeta: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected]    =>PUP.Optional.PutLocker
MOVIDO carpeta: C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [ - Language Application]  =>Heuristic.Salus
MOVIDO carpeta: C:\Windows\Installer\MSI2CBA.tmp    =>.SUP.MSIInstaller
MOVIDO carpeta: C:\Windows\Installer\MSI6A59.tmp    =>.SUP.MSIInstaller
MOVIDO carpeta: C:\Windows\Installer\MSI8D66.tmp    =>.SUP.MSIInstaller
MOVIDO carpeta: C:\Windows\Installer\MSICD42.tmp    =>.SUP.MSIInstaller
MOVIDO carpeta: C:\Windows\Installer\1b6cc.msp    =>.SUP.Obsolete.Adobe
MOVIDO carpeta: C:\Windows\Installer\3250b.msp    =>.SUP.Obsolete.Adobe
MOVIDO carpeta: C:\Windows\Installer\3250c.msp    =>.SUP.Obsolete.Adobe
MOVIDO carpeta: C:\Windows\Installer\38189372.msp    =>.SUP.Obsolete.Adobe
MOVIDO carpeta: C:\Windows\Installer\3c446.msp    =>.SUP.Obsolete.Adobe
MOVIDO carpeta: C:\Windows\Installer\3c447.msp    =>.SUP.Obsolete.Adobe
MOVIDO carpeta^: C:\Users\admin\AppData\Local\Temp\IMG4ECA.tmp    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\IMGAB0D.tmp    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\IMGBF0A.tmp    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF0598B0792E8C4205.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF0BF6A6EC45421654.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF107E60DED7E948DB.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF1687533281581D0F.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF170534C8390AF711.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF18EE29E429AD2E5F.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF19960205A4CFAAD3.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF19AB25CCC608865A.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF27E02BAD5782A6A5.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF328E6CD817498C9F.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF43B7E4908EDDF82D.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF50ED9B116E1D13D5.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF50FF489F1CD782B5.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF552E5CBD654104DF.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF5A0FE518E3FCD618.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF5C845CEE18A0B7E5.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF5D8DA06DAAA81E6D.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF80159364C9796ABE.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF8634D8B9D0EC7EE1.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF87070C10C2851AA6.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF8DB8BDDC7A991B7A.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DF9C11FBFC3B976EA0.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFAAE25354FF4F161B.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFACD2FB1460FCBDEF.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFB3998A06499BFDAB.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFB5CC9F29AE54D018.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFB893F76AF78FD81A.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFBD06AC323CB4A4A8.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFC11D081DE209D03A.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFC98451FE39B39BD9.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFCB3BEA5B4DEBF7BF.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFD2ADB72344EB7736.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFDAA23C57750FCA3B.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFDCB807D434A0D89A.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFE18FCB96537C9ED3.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFEFEF65A3ABA3F900.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFF3ABB80ACFCC1C24.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFF867292ADD323799.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\admin\AppData\Local\Temp\~DFFBE12CDE98B00B35.TMP    =>.SUP.Temporary.Other
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir1336_31855  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir2356_31779  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir3608_15852  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4108_12769  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4188_28248  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4252_8103  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4304_22954  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4316_27768  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4320_5315  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4328_10292  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4408_11229  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4448_8635  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4452_29776  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4508_11494  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir4836_26976  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir5328_28821  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir5352_5960  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir5760_29566  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir5808_18037  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir604_12581  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Temp\scoped_dir7072_3407  =>.SUP.Temporary.Steam
MOVIDO archivo: C:\Users\admin\AppData\Local\Google\Update  =>Heuristic.Suspect
MOVIDO archivo: C:\Users\admin\AppData\Local\{0046065D-5064-498C-9F7E-735E7B48F9BF}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{04DBE0E2-10A0-4EB7-AFC1-032511E6359E}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{05E2281E-DC03-4E4E-B8AC-6FC1A94C6936}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{0BA23F56-8EA3-4C46-92B2-2ECF6F66EDB0}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{0ECFB62B-AACB-4DE4-BF2D-B8A8F50DEDDA}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{1420B65E-A04D-4F00-A85A-6A988C3F1AF7}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{14CCBA6D-593D-4AD6-966A-4E6E4C2A2CAE}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{1E995E6C-E99B-4C44-8DCA-DD293EA0E053}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{20794779-DED7-41D6-AEB2-94B8FC9B1155}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{20CC89E2-1BA7-48A4-BCDC-15FE075A02A2}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{26FC66EB-6B39-43C5-8CB2-C33322F33F64}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{2D87D6A1-06F6-43A2-A23B-C6B09C2D530A}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{2FD896B4-0E85-4AD3-89D2-C674C8222FAF}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{332C94E4-38A7-41E7-AAE3-2F12DEFC1BB7}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{3EC45C88-4046-48C6-A61B-F8C7A3582196}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{3ED045DF-D32D-46C9-AFF1-C5260CC54C61}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{4025981A-DB59-49F5-8F31-44FFC35CF291}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{447BEEA5-ED5B-4D06-9066-80703CD3A289}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{450677EF-26F6-40E3-9A5A-312918998B2E}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{45EE72E0-69A4-4946-82CF-7A12AE7974CD}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{527C0551-B309-4377-BA5E-C6289DD53058}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{562295C6-D7CD-4973-9F37-F4BE9B8CC04D}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{5968C5B1-837F-488D-8BDB-0299CABD6B6A}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{5A516C59-AAE0-42F3-BF94-170BFC08FDB8}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{617655E7-5072-4E60-8C8B-6E344A4C94EA}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{67BE27EC-51F9-4064-B276-1AB82677B0AD}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{67D5183A-19A4-402B-9EDC-A1B3C15942FA}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{713EB573-A1F3-40E6-B456-95543AAACF41}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{71E8ED94-4D2C-4910-8362-76C37A37F4A1}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{7A06209A-ACCA-4A07-ABE9-C6DF1542C231}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{8238E10E-93EF-4878-AF46-E3F91B0517A0}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{829BA554-C5FC-40C0-943D-A5E2705E38D8}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{865CAA99-7437-4361-A5CF-F8BAA06CF1DB}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{8E4641F7-4B0D-4F7B-AD20-D4973BBCA748}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{8F44CF48-F431-46DE-BFB8-7F0E79F066C4}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{928A4479-C927-4FFC-89C1-DD018C03BFC4}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{99BD4BD6-67EF-4D5D-B877-B89B91273791}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{9A9A0F5D-14B2-488A-80F4-399A75A2A749}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{9D5355CD-DD34-4813-AA30-348DD698CC10}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{A6434C23-8BF9-4679-97E2-8F7B0984EA23}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{A786C1DF-CB0E-40DC-9771-995ACCE65CB8}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{A8DC2F2B-FA46-4BA2-84F5-E94E32FDC7D2}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{B8A6B608-9A5D-4517-A23F-EABF1A4D98B6}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{BC8805DD-AE68-4899-99DB-7F22E93B9E73}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{C18FC2B2-51D5-4138-B4A1-9921C5DE8B46}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{D26B655D-F3BF-4D06-9D6B-9A641F3BB9CA}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{D2A2DED8-ABC9-4B16-863B-0DBD4AABE5A2}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{D4853FD7-475C-48FA-977C-41A8230D4863}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{E3FC764E-E9B9-435D-8B5B-5DA7D65C3B09}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{E4CEB3BA-E31E-404F-A25F-CEA7A92F8132}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{EBE9DFB4-B023-4EF7-A2F1-1ADB2ED061BB}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{F853FB3C-53D3-4BAC-AB27-CC740C36C27D}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\Local\{F9E0D71B-7DDD-4E26-AC86-BFC45EF62343}  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\LocalLow\Apple Computer  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\LocalLow\EmieBrowserModeList  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\LocalLow\EmieSiteList  =>.SUP.Empty
MOVIDO archivo: C:\Users\admin\AppData\LocalLow\EmieUserList  =>.SUP.Empty


---\\  Registro ( Claves, Valores, Datos) (4)
BORRADOS clave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)
BORRADOS clave*: HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman]  =>PUP.Optional.Camec
BORRADOS clave*: HKLM\SOFTWARE\Classes\TorntvDownloader []  =>Adware.TornTV
BORRADOS valor: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\LanguageShortcut [C:\Program Files\CyberLink\PowerDVD\Language\Language.exe]  =>Heuristic.Salus


---\\  Resumen de elementos en su estación de trabajo (12)
https://www.nicolascoolman.com/fr/spyware-putlocker/  =>PUP.Optional.PutLocker
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>Heuristic.Salus
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.MSIInstaller
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.Adobe
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Other
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Steam
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.Camec
https://nicolascoolman.eu/2017/10/21/adware-torntv/  =>Adware.TornTV


---\\ Limpieza adicional. (3)
~ Clave de registro Tracing borrados (3)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ falta este navegador! (Mozilla Firefox)
~ falta este navegador! (Opera Software)
~ El sistema ha sido reiniciado.


---\\ STATISTIQUES
~ Items escaneado : 1189
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 12/12
~ Ahorro de espacio (bytes) : 4285952


~ End of clean in 00h00mn26s

---\\  Reporte (2)
ZHPCleaner-S]-20032019-13_38_59.txt
ZHPCleaner-R]-20032019-13_52_51.txt
#14

El ordenador en modo normal se sigue quedando pillado, lo tengo que seguir haciendo desde el modo seguro con función de red, incluso todos estos reportes te los hago desde ahí ya que el ordenador se enciende y a los poco minutos se queda pillado o desaparecen todos los iconos del escritorio e incluso la barra y se queda con el fondo de la imagen. Gracias.

#15
  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Recuerda poner los logs enteros…el de Eset falta casi todo…pegamelo bien…puedes editar esa respuesta del log de Eset y pegarlo bien

#16

Aquí dejo el log Frst.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-03-2019
Ran by admin (administrator) on ADMIN1 (20-03-2019 20:57:09)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-04] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG) [File not signed]
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [206128 2008-10-10] (Hewlett-Packard Company ->  Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-09-23] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [69216 2006-12-06] (CyberLink -> Cyberlink Corp.) [File not signed]
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-02-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] (DivX, LLC -> )
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [jswtrayutil] => C:\Program Files\Jumpstart\jswtrayutil.exe [528384 2008-09-26] (Atheros Communications, Inc.) [File not signed]
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [147456 2007-01-15] (Nero AG) [File not signed]
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company) [File not signed]
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [653440 2018-04-26] (OpenVPN Technologies, Inc. -> )
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] => C:\Program Files\Google\Chrome\Application\chrome.exe [1534448 2019-03-01] (Google LLC -> Google Inc.)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\MountPoints2: {3dd3b832-71ad-11df-a109-00269e5e4a70} - G:\Launcher.exe -a
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\MountPoints2: {7e1bad6d-3b2a-11df-aafe-00269e5e4a70} - F:\autorun.exe
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\MountPoints2: {add3582b-515c-11e0-90fd-00269e5e4a70} - H:\autorun.exe
HKU\S-1-5-18\...\Run: [Norton Download Manager{NIS2281014-SHPD-FSD57026}] => C:\Users\Public\Downloads\Norton\{NIS2281014-SHPD-FSD57026}\NISFSD.exe [1107280 2016-11-25] (Symantec Corporation -> Symantec Corporation)
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\system32\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [130048 2008-12-07] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [118784 2007-09-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [67584 2009-02-09] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-05] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{f614806b-ce60-40cd-990f-e8e07df79e49}] -> 
CHR HKU\S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{4165F51C-9647-45B1-AE74-D0E4A16C2B5F}: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{6CD76D63-47AA-47B4-868B-AAB0719B31B5}: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{8538EDBD-D70C-43EE-967B-FAC6ECA67512}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{A05CFFE5-198E-4776-B3CF-0285633DFC78}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E9C9B02D-F143-49A6-82B7-18636DDE5F53}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FB88D55D-4B3C-4867-88BD-3380C0BDEAF0}: [DhcpNameServer] 80.58.61.250 80.58.61.254

Internet Explorer:
==================
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_es&c=91&bd=Presario&pf=cnnb
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
SearchScopes: HKLM -> {58075C17-0D4C-4BC2-8526-503C960426BD} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1127&query={searchTerms}&invocationType=tb50hpcnnbie7-es-es
SearchScopes: HKLM -> {943224BF-1A7E-4565-821B-45CC7732E7C4} URL = hxxp://es.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913937
SearchScopes: HKLM -> {D3361F76-187D-4FC8-A363-94C9B5452926} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> {58075C17-0D4C-4BC2-8526-503C960426BD} URL = 
SearchScopes: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> {943224BF-1A7E-4565-821B-45CC7732E7C4} URL = 
SearchScopes: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> {D3361F76-187D-4FC8-A363-94C9B5452926} URL = 
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC -> DivX, LLC)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation -> Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31] (Symantec Corporation -> Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
BHO: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02] (AOL LLC -> AOL LLC)
BHO: Windows Live Aplicación auxiliar de inicio de sesión -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02] (AOL LLC -> AOL LLC)
Toolbar: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {01113300-3E00-11D2-8470-0060089874ED} hxxp://web.atar.rima-tde.net/sdccommon/download/tgctlcm.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {B6F0855B-A06D-498B-A537-80AFF04A1B4E} hxxps://www.movistar.es/o1/http/WSClient.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldes-es.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.1.14\coFFAddon => not found
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\IPSFFPlgn
FF Extension: (Symantec IPS) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\IPSFFPlgn [2019-01-04] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\coFFPlgn_2011_7_13_2
FF Extension: (Norton Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\coFFPlgn_2011_7_13_2 [2019-03-20] [Legacy] [not signed]
FF HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.) [File not signed]
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC -> DivX, LLC)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [No File]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-05-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @pandasecurity.com/activescan -> C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll [2010-07-27] (Panda Security S.L -> Panda Security, S.L.)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) [File not signed]
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype Software Sarl -> Skype)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin: @veoh.com/VeohPlayer -> C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll [2008-04-01] (Veoh Networks Inc) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-07-30] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3387845806-4141466983-921437045-1000: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\admin\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3387845806-4141466983-921437045-1000: RSATom.name/FBVLC -> C:\Users\admin\AppData\Roaming\RSATom\FBVLC\0081A1~1.7\npFBVLC.dll [2013-10-09] (RSATom) [File not signed]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2019-03-20]
CHR Extension: (Documentos) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-14]
CHR Extension: (Búsqueda de Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-02-15]
CHR Extension: (ZenMate VPN - Mejor seguridad para Internet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2018-10-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (VXG Media Player) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncknjnnbahamgpjoafdebabmoamcnni [2019-03-15]
CHR Extension: (Agencia Estatal de Meteorología - AEM...) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhgepamdboolgoocpmekmpknhjohchbf [2018-12-24]
CHR Extension: (Player para ver Movistar+) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2019-03-07]
CHR Extension: (Ace Script) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-12-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (<video> de HTML5 de DivX Plus Web Player) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-09-08]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-16]
CHR Extension: (Llamadas de Skype) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk [2015-12-25]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-19]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKU\S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icdlolokpejjhocomjelllhkhoeedlgf] - C:\Program Files\DivX Flash Codec\flash2.crx [2013-01-05]
CHR HKU\S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ifdhgolccnkcbgpclpngdpjfahlnalig] - C:\Program Files\Viderio\viderio.crx <not found>
CHR HKU\S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [81920 2009-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Software AS -> EasyBits Sofware AS) [File not signed]
S2 gupdate1ca481abe6c9f47; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 jswpbapi; C:\Program Files\Jumpstart\jswpbapi.exe [188416 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S3 jswpsapi; C:\Program Files\Jumpstart\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S2 NIS; C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation -> Symantec Corporation)
S3 NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG) [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. ->  )
S2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64128 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64128 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S2 Realtek87B; C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [File not signed]
S2 RealtekWlanU; C:\Program Files\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
S2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-12-23] (SoftThinks -> )
S2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] (CyberLink -> )
S2 RTLDHCPService; C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
S2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S2 SupportSoft RemoteAssist; C:\Program Files\Common Files\supportsoft\bin\ssrc.exe [386424 2009-11-06] (SupportSoft, Inc. -> SupportSoft, Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S2 tgsrvc_telefonica; C:\Program Files\Telefonica\bin\tgsrvc.exe [148768 2009-11-06] (SupportSoft, Inc. -> SupportSoft, Inc.)
S4 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [86096 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S4 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [358480 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S4 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [719416 2013-08-26] (VMware, Inc. -> VMware, Inc.)
S4 VMware NAT Service; C:\Windows\system32\vmnat.exe [437328 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-14] () [File not signed]
S2 .1248049333; C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.5.0.134\bntr1248049333.exe [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1172992 2009-09-22] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20190318.001\BHDrvx86.sys [1421016 2019-03-05] (Symantec Corporation -> Symantec Corporation)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2009-12-18] (Intel(R) Graphics DSS -> )
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-03-18] (DT Soft Ltd -> DT Soft Ltd)
S1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [399568 2019-01-25] (Symantec Corporation -> Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [122064 2019-02-02] (Symantec Corporation -> Symantec Corporation)
S1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S2 hcmon; C:\Windows\system32\drivers\hcmon.sys [43192 2013-08-26] (VMware, Inc. -> VMware, Inc.)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [16768 2007-06-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Development Company, L.P.)
S1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20190318.061\IDSvix86.sys [1092832 2019-01-25] (Symantec Corporation -> Symantec Corporation)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [8746496 2010-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [127488 2010-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R1 jswpslwf; C:\Windows\System32\DRIVERS\jswpslwf.sys [20384 2008-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-03-20] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [107168 2019-03-19] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [63552 2019-03-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-03-20] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [85232 2019-03-19] (Malwarebytes Corporation -> Malwarebytes)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20190319.002\NAVENG.SYS [104656 2019-03-04] (Symantec Corporation -> Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20190319.002\NAVEX15.SYS [1649232 2019-03-04] (Symantec Corporation -> Symantec Corporation)
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S0 pavboot; C:\Windows\System32\drivers\pavboot.sys [28552 2009-06-30] (Panda Security S.L -> Panda Security, S.L.)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2006-10-02] (Padus, Inc.) [File not signed]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh86.sys [138240 2008-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3127000 2014-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 RTSTOR; C:\Windows\System32\drivers\RTSTOR.SYS [60416 2008-12-29] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2009-10-31] (Duplex Secure Ltd -> Duplex Secure Ltd.)
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1207020.003\SRTSP.SYS [516216 2011-03-31] (Symantec Corporation -> Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NIS\1207020.003\SRTSPX.SYS [50168 2011-03-31] (Symantec Corporation -> Symantec Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 STHDA; C:\Windows\System32\DRIVERS\stwrt.sys [423424 2010-03-23] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R0 SymDS; C:\Windows\System32\drivers\NIS\1207020.003\SYMDS.SYS [340088 2011-01-27] (Symantec Corporation -> Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1207020.003\SYMEFA.SYS [744568 2011-03-15] (Symantec Corporation -> Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [126584 2019-01-03] (Symantec Corporation -> Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NIS\1207020.003\Ironx86.SYS [136312 2011-01-27] (Symantec Corporation -> Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NIS\1207020.003\SYMNETS.SYS [299640 2011-04-21] (Symantec Corporation -> Symantec Corporation)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [41976 2017-04-21] (Windscribe Limited -> The OpenVPN Project)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25808 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [17104 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37456 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26192 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S3 vmusb; C:\Windows\System32\DRIVERS\vmusb.sys [31928 2013-08-26] (VMware, Inc. -> VMware, Inc.)
S2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [65488 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [13560 2006-11-02] (CyberLink -> Cyberlink Corp.)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not
#17

Segunda parte…

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-20 20:57 - 2019-03-20 21:00 - 000036718 _____ C:\Users\admin\Desktop\FRST.txt
2019-03-20 20:27 - 2019-03-20 20:57 - 000000000 ____D C:\FRST
2019-03-20 20:25 - 2019-03-20 20:26 - 001793024 _____ (Farbar) C:\Users\admin\Desktop\FRST.exe
2019-03-20 13:52 - 2019-03-20 13:52 - 000016192 _____ C:\Users\admin\Desktop\ZHPCleaner (R).txt
2019-03-20 13:38 - 2019-03-20 13:38 - 000016644 _____ C:\Users\admin\Desktop\ZHPCleaner (S).txt
2019-03-20 13:13 - 2019-03-20 13:52 - 000000000 ____D C:\Users\admin\AppData\Roaming\ZHP
2019-03-20 13:13 - 2019-03-20 13:13 - 000000792 _____ C:\Users\admin\Desktop\ZHPCleaner.lnk
2019-03-20 13:13 - 2019-03-20 13:13 - 000000000 ____D C:\Users\admin\AppData\Local\ZHP
2019-03-20 13:12 - 2019-03-20 13:12 - 003323264 _____ C:\Users\admin\Desktop\ZHPCleaner.exe
2019-03-20 08:39 - 2019-03-20 08:39 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2019-03-19 21:47 - 2019-03-19 21:47 - 000000000 ____D C:\Users\admin\AppData\Local\ESET
2019-03-19 21:46 - 2019-03-19 21:46 - 007666296 _____ (ESET spol. s r.o.) C:\Users\admin\Desktop\ESETOnlineScanner_ESL.exe
2019-03-19 21:03 - 2019-03-20 14:11 - 000063552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-03-19 21:02 - 2019-03-19 21:02 - 000107168 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-03-19 21:02 - 2019-03-19 21:02 - 000085232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-03-19 20:53 - 2019-03-20 14:31 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-03-19 18:47 - 2019-03-20 14:31 - 000664810 _____ C:\Windows\ntbtlog.txt
2019-03-19 11:05 - 2019-03-19 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-03-19 10:55 - 2019-03-19 10:55 - 000003458 _____ C:\Users\admin\Desktop\reporte malware.txt
2019-03-19 09:26 - 2019-03-19 09:32 - 000000000 ____D C:\AdwCleaner
2019-03-17 23:06 - 2019-03-20 14:31 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-03-17 23:06 - 2019-03-17 23:06 - 000000000 ____D C:\Users\admin\AppData\Local\mbamtray
2019-03-17 23:06 - 2019-03-17 23:06 - 000000000 ____D C:\Users\admin\AppData\Local\mbam
2019-03-17 23:05 - 2019-03-17 23:05 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-17 23:05 - 2019-03-17 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-17 23:05 - 2019-03-17 23:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-17 23:05 - 2019-03-17 23:05 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-17 23:05 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-03-17 23:00 - 2019-03-17 23:00 - 007316688 _____ (Malwarebytes) C:\Users\admin\Desktop\adwcleaner_7.2.7.0.exe
2019-03-17 22:05 - 2019-03-17 22:05 - 000000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2019-03-15 14:31 - 2019-03-15 14:31 - 000000000 _____ C:\Users\admin\AppData\Local\{CFE5A103-3F6B-4109-A016-28D931A1A63E}
2019-03-14 11:29 - 2019-03-14 11:29 - 000000000 ____H C:\Users\admin\AppData\Local\BIT21D5.tmp
2019-03-14 11:29 - 2019-03-14 11:29 - 000000000 _____ C:\Users\admin\AppData\Local\{F9C77B6D-579B-4CFC-B49C-51D2D1061B5F}
2019-03-13 11:44 - 2019-02-26 22:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-03-13 11:44 - 2019-02-26 08:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-03-13 11:44 - 2019-02-26 08:19 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-03-13 11:44 - 2019-02-26 08:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-13 11:44 - 2019-02-26 08:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-03-13 11:44 - 2019-02-26 08:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-03-13 11:44 - 2019-02-26 08:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-03-13 11:44 - 2019-02-26 08:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-03-13 11:44 - 2019-02-26 08:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-03-13 11:44 - 2019-02-26 07:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-03-13 11:44 - 2019-02-26 07:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-13 11:44 - 2019-02-26 07:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-13 11:44 - 2019-02-26 07:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-03-13 11:44 - 2019-02-26 07:57 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-03-13 11:44 - 2019-02-26 07:51 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-03-13 11:44 - 2019-02-26 07:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-03-13 11:44 - 2019-02-26 07:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-03-13 11:44 - 2019-02-26 07:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-03-13 11:44 - 2019-02-26 07:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-03-13 11:44 - 2019-02-26 07:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-03-13 11:44 - 2019-02-26 07:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-03-13 11:44 - 2019-02-26 07:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-03-13 11:44 - 2019-02-26 07:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-03-13 11:44 - 2019-02-26 07:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-03-13 11:44 - 2019-02-26 07:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-03-13 11:44 - 2019-02-26 07:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-03-13 11:44 - 2019-02-26 07:31 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-03-13 11:44 - 2019-02-26 07:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-03-13 11:44 - 2019-02-26 07:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-13 11:44 - 2019-02-26 07:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-13 11:44 - 2019-02-26 07:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-13 11:44 - 2019-02-26 07:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-03-13 11:43 - 2019-03-06 04:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-03-13 11:43 - 2019-03-06 04:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-13 11:43 - 2019-03-06 04:04 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-03-13 11:43 - 2019-03-06 04:04 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-03-13 11:43 - 2019-03-06 04:04 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-03-13 11:43 - 2019-03-06 04:04 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-03-13 11:43 - 2019-03-06 04:04 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-03-13 11:43 - 2019-03-06 04:02 - 001310520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-03-13 11:43 - 2019-03-06 04:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 03:41 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-03-13 11:43 - 2019-03-06 03:41 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-03-13 11:43 - 2019-03-06 03:41 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-03-13 11:43 - 2019-03-06 03:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-03-13 11:43 - 2019-03-06 03:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-03-13 11:43 - 2019-03-06 03:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-03-13 11:43 - 2019-03-06 03:39 - 002405376 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-13 11:43 - 2019-03-06 03:39 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-03-13 11:43 - 2019-03-06 03:39 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-03-13 11:43 - 2019-03-06 03:39 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-03-13 11:43 - 2019-03-06 03:37 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-03-13 11:43 - 2019-03-06 03:37 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-13 11:43 - 2019-03-06 03:37 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-13 11:43 - 2019-03-06 03:37 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-03-13 11:43 - 2019-03-06 03:37 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-13 11:43 - 2019-03-06 03:37 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-13 11:43 - 2019-03-06 03:36 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-03-13 11:43 - 2019-03-06 03:36 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-03-13 11:43 - 2019-03-06 03:36 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-03-13 11:43 - 2019-03-06 03:36 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-03-13 11:43 - 2019-03-06 03:36 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-03-13 11:43 - 2019-03-06 03:36 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-03-13 11:43 - 2019-03-06 03:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-03-13 11:43 - 2019-03-06 03:36 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-13 11:43 - 2019-03-06 03:36 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-03-13 11:43 - 2019-03-06 03:36 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-03-13 11:43 - 2019-03-06 03:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 03:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 03:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 11:43 - 2019-03-06 03:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-13 11:43 - 2019-03-05 03:40 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-03-13 11:43 - 2019-03-05 03:40 - 000026368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-13 11:43 - 2019-03-05 03:40 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-03-13 11:43 - 2019-02-26 08:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-13 11:43 - 2019-02-26 08:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-03-13 11:43 - 2019-02-26 08:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-13 11:43 - 2019-02-26 07:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-13 11:43 - 2019-02-22 03:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-03-13 11:43 - 2019-02-22 03:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-13 11:43 - 2019-02-22 03:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2019-03-13 11:43 - 2019-02-16 06:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-13 11:43 - 2019-02-16 06:50 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-13 11:43 - 2019-02-16 06:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-03-13 11:43 - 2019-02-16 06:50 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-13 11:43 - 2019-02-16 06:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-13 11:43 - 2019-02-16 06:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-03-13 11:43 - 2019-02-16 06:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-03-13 11:43 - 2019-02-15 16:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-13 11:43 - 2019-02-15 16:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-13 11:43 - 2019-02-15 16:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-13 11:43 - 2019-02-15 16:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-03-13 11:43 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-03-13 11:43 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-03-13 11:43 - 2019-02-10 17:43 - 001214176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-13 11:43 - 2019-02-10 17:18 - 000247296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-13 11:43 - 2019-02-10 17:18 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-13 11:43 - 2019-02-10 17:18 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-13 11:43 - 2019-02-10 17:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-13 11:43 - 2019-02-08 16:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-13 11:43 - 2019-02-08 16:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-13 11:43 - 2019-02-08 16:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-03-13 11:43 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-03-13 11:43 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-03-13 11:43 - 2019-02-07 16:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-03-13 11:43 - 2019-02-07 16:53 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-13 11:43 - 2019-02-07 16:42 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-03-13 11:43 - 2019-02-07 16:42 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-03-13 11:43 - 2019-02-03 16:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-13 11:43 - 2019-01-04 17:00 - 000122600 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-13 11:43 - 2019-01-04 16:56 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-13 11:43 - 2019-01-04 15:04 - 002703872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-13 11:43 - 2019-01-04 15:04 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-13 11:43 - 2019-01-04 15:04 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-13 11:43 - 2019-01-04 15:04 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-13 11:43 - 2019-01-04 15:04 - 000377856 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-03-13 11:43 - 2019-01-04 15:04 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-13 11:43 - 2019-01-04 15:04 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-13 11:43 - 2019-01-04 15:04 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-13 11:43 - 2019-01-03 16:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-13 11:29 - 2019-02-10 17:43 - 000078560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-03-13 11:29 - 2019-02-10 17:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-03-13 11:29 - 2019-02-10 17:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-03-13 11:29 - 2019-02-10 17:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-03-13 11:29 - 2019-02-10 17:37 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-03-13 11:29 - 2019-02-10 17:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-03-13 11:29 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-03-13 11:29 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-03-13 11:29 - 2019-02-10 17:28 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-13 11:29 - 2019-02-10 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-03-13 11:29 - 2019-02-10 17:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-03-13 11:29 - 2019-02-10 17:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-03-13 11:29 - 2019-02-10 17:19 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-03-13 11:29 - 2019-02-10 17:19 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-03-13 11:29 - 2019-02-10 17:19 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-20 14:38 - 2009-10-09 16:44 - 000000069 _____ C:\Windows\NeroDigital.ini
2019-03-20 14:24 - 2008-05-06 19:41 - 000000286 _____ C:\ProgramData\hpqp.ini
2019-03-20 14:23 - 2009-10-08 14:15 - 000000000 ____D C:\Users\admin\Tracing
2019-03-20 14:22 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-20 13:52 - 2009-10-08 14:17 - 000000000 ____D C:\Users\admin\AppData\Local\Google
2019-03-20 13:06 - 2009-10-10 18:04 - 000000000 ____D C:\Users\admin\Desktop\Norton Internet security 2010 +TrialReset 2010 v1.5.0 (Cracked by BOX!)
2019-03-20 11:00 - 2009-10-24 14:14 - 000000000 ____D C:\Users\admin\Downloads\jdownloader
2019-03-20 08:45 - 2009-11-11 20:26 - 000000000 ____D C:\Program Files\CCleaner
2019-03-20 08:17 - 2015-12-27 12:26 - 000000000 ____D C:\Users\admin\AppData\Roaming\Skype
2019-03-19 21:09 - 2008-05-06 18:36 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-19 21:09 - 2008-05-06 18:36 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-19 21:03 - 2009-11-04 22:22 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2019-03-19 11:59 - 2009-07-14 05:53 - 000032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-03-19 11:27 - 2008-05-06 19:41 - 000154952 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2019-03-19 11:26 - 2009-07-14 05:33 - 003923984 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-19 11:25 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2019-03-19 11:20 - 2014-04-25 15:14 - 000000000 ____D C:\Users\admin\AppData\Roaming\uTorrent
2019-03-19 11:20 - 2010-12-04 19:49 - 000000000 ____D C:\Users\admin\AppData\Roaming\Media Player Classic
2019-03-19 11:20 - 2010-03-27 09:52 - 000000000 ____D C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
2019-03-19 11:19 - 2010-06-06 13:29 - 000000000 ____D C:\Windows\Minidump
2019-03-19 11:19 - 2008-05-07 04:31 - 000000000 ____D C:\Windows\Panther
2019-03-19 09:55 - 2009-10-08 14:16 - 000000000 ____D C:\Program Files\Google
2019-03-19 09:32 - 2008-05-06 18:39 - 000000000 ____D C:\Users\admin
2019-03-19 00:18 - 2009-10-08 13:58 - 000001819 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay compra y vende de todo.lnk
2019-03-18 13:21 - 2011-06-04 11:18 - 000000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2019-03-17 21:35 - 2012-07-21 10:59 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2019-03-17 16:29 - 2012-03-23 20:23 - 000000000 ____D C:\Users\admin\AppData\Roaming\HpUpdate
2019-03-14 17:22 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2019-03-14 16:12 - 2009-08-07 06:19 - 000769176 _____ C:\Windows\system32\perfh00A.dat
2019-03-14 16:12 - 2009-08-07 06:19 - 000166878 _____ C:\Windows\system32\perfc00A.dat
2019-03-14 16:12 - 2008-05-06 19:42 - 001724816 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-14 16:02 - 2014-12-16 12:27 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-14 16:02 - 2014-05-09 09:50 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-03-14 16:02 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\Dism
2019-03-12 23:32 - 2012-04-01 12:34 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-03-12 23:32 - 2011-05-16 22:06 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-03-12 23:31 - 2009-03-03 07:18 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-09 18:28 - 2018-12-06 17:32 - 000000000 ____D C:\Users\admin\AppData\Roaming\Kodi
2019-03-05 21:49 - 2016-01-19 17:01 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2019-03-05 13:45 - 2011-11-11 21:45 - 000000000 ____D C:\Users\admin\Downloads\wifiway-2.0.1definitivisimo
2019-03-05 11:09 - 2013-09-08 12:27 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-05 11:09 - 2013-09-08 12:27 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-01 16:06 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\NDF
2019-02-23 15:06 - 2015-09-20 16:28 - 000000000 ____D C:\Users\admin\Documents\Virtual Machines
2019-02-23 15:06 - 2015-09-20 16:25 - 000000000 ____D C:\Users\admin\AppData\Local\VMware
2019-02-23 14:50 - 2015-09-20 16:25 - 000000000 ____D C:\Users\admin\AppData\Roaming\VMware
2019-02-23 14:49 - 2015-09-20 16:20 - 000000000 ____D C:\ProgramData\VMware
2019-02-18 14:45 - 2017-02-27 02:19 - 000000505 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-02-18 13:08 - 2013-11-07 11:22 - 000007880 _____ C:\Users\admin\Documents\mac wifi plasencia piso.txt

==================== Files in the root of some directories =======

2016-04-19 19:36 - 2018-12-02 18:48 - 000029184 ___SH () C:\Users\admin\AppData\Roaming\Thumbs.db
2009-10-23 09:55 - 2009-10-23 09:55 - 000024206 _____ () C:\Users\admin\AppData\Roaming\UserTile.png
2018-05-12 17:20 - 2019-02-11 16:20 - 000000600 _____ () C:\Users\admin\AppData\Roaming\winscp.rnd
2012-05-08 15:15 - 2013-05-16 21:52 - 000001456 _____ () C:\Users\admin\AppData\Local\Adobe Guardar para Web 11.0 Prefs
2008-05-06 19:41 - 2008-05-06 19:41 - 000000000 _____ () C:\Users\admin\AppData\Local\AtStart.txt
2019-03-14 11:29 - 2019-03-14 11:29 - 000000000 ____H () C:\Users\admin\AppData\Local\BIT21D5.tmp
2010-04-30 15:57 - 2016-09-26 23:55 - 000011776 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-05-06 19:41 - 2008-05-06 19:41 - 000000000 _____ () C:\Users\admin\AppData\Local\DSwitch.txt
2008-05-06 19:41 - 2008-05-06 19:41 - 000000000 _____ () C:\Users\admin\AppData\Local\QSwitch.txt
2011-04-28 12:50 - 2013-09-18 17:13 - 000007597 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2019-03-15 14:31 - 2019-03-15 14:31 - 000000000 _____ () C:\Users\admin\AppData\Local\{CFE5A103-3F6B-4109-A016-28D931A1A63E}
2019-03-14 11:29 - 2019-03-14 11:29 - 000000000 _____ () C:\Users\admin\AppData\Local\{F9C77B6D-579B-4CFC-B49C-51D2D1061B5F}

Some zero byte size files/folders:
==========================
C:\Windows\System32\nsprs.dll
C:\Windows\System32\serauth1.dll
C:\Windows\System32\serauth2.dll
C:\Windows\System32\ssprs.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-14 00:05

==================== End of FRST.txt ============================
#18

Aquí te dejo el log de addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-03-2019
Ran by admin (20-03-2019 21:00:37)
Running from C:\Users\admin\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2008-05-06 18:40:31)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-3387845806-4141466983-921437045-1000 - Administrator - Enabled) => C:\Users\admin
Administrador (S-1-5-21-3387845806-4141466983-921437045-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3387845806-4141466983-921437045-1002 - Limited - Enabled)
Invitado (S-1-5-21-3387845806-4141466983-921437045-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Projector Gateway (HKLM\...\Acer Projector Gateway_is1) (Version:  - )
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{1D106581-6726-4D1B-ABEC-0CA02410F24F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.2 (HKLM\...\{12A54F16-7F2E-4D42-BBCA-E0CC3CBF0457}) (Version: 5.2.1 - Adobe)
Adobe Reader 9.4.6 - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-A94000000001}) (Version: 9.4.6 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC)
Ares 2.2.4 (HKLM\...\Ares) (Version: 2.2.4-Build#3048 - Ares Development Group)
Art Effects for PDR10 (HKLM\...\NewBlue Art Effects for PDR10) (Version: 2.0 - NewBlue)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 7.7 - Atheros)
AutoCAD 2008 - Español (HKLM\...\{5783F2D7-6001-040A-0002-0060B0CE6BBA}) (Version: 17.1.51.0 - Autodesk) Hidden
AutoCAD 2008 - Español (HKLM\...\AutoCAD 2008 - Español) (Version: 17.1.51.0 - Autodesk)
Autodesk DWF Viewer 7 (HKLM\...\{9A346205-EA92-4406-B1AB-50379DA3F057}) (Version: 7.2.0 - Autodesk, Inc.)
AXIS Media Control Embedded (HKLM\...\AXIS Media Control Embedded) (Version:  - )
AXIS Media Control Embedded Installer (HKLM\...\{FD727056-F0C4-4811-9688-9EBF450D22C4}) (Version: 4.1.4 - Axis Communications)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM\...\DPP) (Version: 3.8.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities Original Data Security Tools (HKLM\...\Original Data Security Tools) (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
CanoScan Toolbox Ver4.1 (HKLM\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version:  - )
Capicom 2.1.0.2 FNMT-RCM (HKLM\...\{E06DBD80-CD9B-4A3F-BD83-ED1AA4CB1E3A}) (Version: 1.00.0000 - FNMT-RCM)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compresor WinRAR (HKLM\...\WinRAR archiver) (Version: 4.20 Beta 3 (64 Bits) - )
Configurador_FNMT (HKLM\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.5 - FNMT-RCM)
Counter-Strike 1.0 (HKLM\...\Counter-Strike) (Version: 1.0 - )
Counter-Strike 1.6 (HKLM\...\Counter-Strike 1.6) (Version:  - )
Cuadro de mensaje de excepción de Microsoft (HKLM\...\{B194E30B-22C6-4FEA-A4A9-D839E243D31D}) (Version: 9.00.5000.00 - Microsoft Corporation) Hidden
CutePDF Printer Setup (HKLM\...\CutePDF Port Monitor) (Version:  - )
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2424 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.1129b - CyberLink Corp.)
CyberLink WaveEditor (HKLM\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2512 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
DivX Flash Codec version 12.6.402.278 (HKLM\...\DivX Flash Codec_is1) (Version: 12.6.402.278 - )
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM\...\dreamboxEDIT) (Version:  - )
eMule (HKLM\...\eMule) (Version: 0.50a - )
Estudio de mejora de productos de HP Deskjet 1000 J110 series (HKLM\...\{D8449AEE-63A2-42CF-AA83-BDC99C91EF81}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FireBreathed VLC (HKLM\...\{C316CD29-2158-4F0A-8A76-5C297AABC97B}) (Version: 0.0.7 - RSATom)
Galería fotográfica de Windows Live (HKLM\...\{A7BBE3D6-F19A-40E6-96EC-84E1DC88F262}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Herramienta de carga de Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Hewlett-Packard ACLM.NET v1.1.1.0 (HKLM\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Deskjet 1000 J110 series Ayuda (HKLM\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Quick Launch Buttons 6.40 M1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 M1 - Hewlett-Packard)
HP Support Assistant (HKLM\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.5991.2847 - Hewlett-Packard)
HP Total Care Setup (HKLM\...\{95A747E0-DF19-46CB-A622-20A0107201BD}) (Version: 1.1.2413.2876 - Hewlett-Packard Company)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HP User Guides 0138 (HKLM\...\{17050C48-16CB-4500-A102-CEAD750CE11E}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{E5E29403-3D25-40C6-892B-F9FEE2A95585}) (Version: 3.50 A6 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6140.0 - IDT)
Instalación de DivX (HKLM\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
IPTViewr para movistar+ 1.5 “Kruger 60” alpha 4 (HKLM\...\{5BE7CB08-BCB3-44A2-9B29-AFF68FF70249}) (Version: 1.5.40.0 - hxxp://movistartv.codeplex.com)
Java 7 Update 7 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Jumpstart Installation Program (HKLM\...\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}) (Version:  - Atheros)
K-Lite Mega Codec Pack 4.6.2 (HKLM\...\KLiteCodecPack_is1) (Version: 4.6.2 - )
Kodi (HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Kodi) (Version:  - XBMC-Foundation)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1224 - CyberLink Corp.) Hidden
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1224 - CyberLink Corp.)
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Magic Desktop (HKLM\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Matemáticas de Microsoft (HKLM\...\{07143840-959A-4B0D-8825-2C533F0DDB19}) (Version: 2007 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ESN (HKLM\...\{A0B1FC80-5965-4021-9048-5FA9590D535C}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Student con Encarta Premium 2009 (HKLM\...\{09141881-2C94-4A67-8E55-8483C019C7D2}) (Version: 2009 - Microsoft Corporation)
Microsoft Sync Framework for Devices CTP1 (HKLM\...\{D0077228-CFBE-4BFF-99CB-3D8B23709175}) (Version: 0.94.1210.0 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}) (Version: 7.0.35.7918 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Nero 7 Ultra Edition (HKLM\...\{9A3D392C-B0BB-400A-A761-4B1497911034}) (Version: 7.02.4717 - Nero AG)
Norton Internet Security (HKLM\...\NIS) (Version: 18.7.2.3 - Symantec Corporation)
Notepad++ (32-bit x86) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
Octave UPM R8.2 (HKLM\...\Octave UPM R8.2) (Version: R8.2 - )
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenVPN 2.4.6-I602  (HKLM\...\OpenVPN) (Version: 2.4.6-I602 - OpenVPN Technologies, Inc.)
Panda ActiveScan 2.0 (HKLM\...\ActiveScan 2.0) (Version: 01.04.01.0000 - Panda Security)
Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - esn) (Version:  - Microsoft Corporation)
PDF Settings CS6 (HKLM\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerStars (HKLM\...\PokerStars) (Version:  - PokerStars)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2423 - CyberLink Corp.) Hidden
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2423 - CyberLink Corp.)
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2424 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2424 - CyberLink Corp.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.2.2414.0 - CyberLink Corporation)
Pro Cycling Manager - La Vuelta - Temporada 2012 versión 1.3.0. (HKLM\...\Pro Cycling Manager 2012_is1) (Version: 1.3.0.0 - Cyanide)
Pro Evolution Soccer 2010 (HKLM\...\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2013 (HKLM\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2013 Patch 1.01 (HKLM\...\Pro Evolution Soccer 2013 Patch 1.01_is1) (Version:  - Konami Digital Entertainment, Inc)
Pro Evolution Soccer 2014 (HKLM\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.00.0000 - KONAMI)
QGIS Dufour 2.0.1 Dufour (HKLM\...\QGIS Dufour) (Version:  - QGIS Development Team)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20115 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - ALFA NETWORK Inc..)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0253 - REALTEK Semiconductor Corp.)
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SimpleTV 0.4.7 r2 (HKLM\...\{7EEB77C3-FDDC-4BC6-9ABA-F4E22B12AC63}_is1) (Version:  - SergeyVS)
Skype Web Plugin (HKLM\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
Software básico del dispositivo HP Deskjet 1000 J110 series (HKLM\...\{0974A4AF-1BE8-416A-885F-47BE510EBA18}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
SPORE Creature Creator Trial Edition (HKLM\...\{ECEE0279-785F-4CB3-9F28-E69813234BF8}) (Version: 1.00.0000 - Electronic Arts)
SPSS 15.0 para Windows (HKLM\...\{471F79CC-41F5-458F-B768-7F687F97B6EC}) (Version: 15.0.1 - SPSS Inc.)
SupportSoft ActiveX Controls 20091106_Cli (HKLM\...\{C5DB0A18-F6BA-47D2-A91C-33BF849D2748}) (Version: 15 - SupportSoft)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.1.0.0 - Synaptics)
System Requirements Lab for Intel (HKLM\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Tennis Elbow 2011 1.0c (HKLM\...\Tennis Elbow 2011) (Version: 1.0c - Mana Games)
Total Video Converter 3.71 100812 (HKLM\...\Total Video Converter 3.71_is1) (Version:  - EffectMatrix Inc.)
Tusor's Ultimate Patch (HKLM\...\Tusor's Ultimate Patch) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2627.4) (HKLM\...\{5545EEE9-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VeohTV BETA (HKLM\...\{0405E51E-9582-4207-8F38-AC44201D3808}) (Version: 3.9.1 - Veoh Networks, Inc.) Hidden
VeohTV BETA (HKLM\...\InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}) (Version: 3.9.1 - Veoh Networks, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Player (HKLM\...\{E452E727-86B8-4233-8CC3-41FD817AFAFF}) (Version: 6.0.0 - VMware, Inc.) Hidden
VMware Player (HKLM\...\VMware_Player) (Version: 6.0.0 - VMware, Inc)
Windows Live Asistente para el inicio de sesión (HKLM\...\{7593234B-2AEB-4FC9-B02D-C9B30D86084C}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{914DD274-9C5D-44CA-9AC7-12B8D2D4DA08}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinSCP 5.13 (HKLM\...\winscp3_is1) (Version: 5.13 - Martin Prikryl)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2008\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{52D4E39E-6CBD-524B-9922-E932946F6D1E}\InprocServer32 -> C:\Users\admin\AppData\Roaming\RSATom\FBVLC\0.0.7\npFBVLC.dll (RSATom) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{5E2663C1-51B3-49B7-B081-70181C2AF816}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD 2008\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2008\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{88007BE6-7171-46F0-858B-852DAD96016D}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{AFA95F79-06AC-4B9A-B261-D415063DC2B3}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2008\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{F69B7E4A-4A83-4485-8860-85DAA196D745}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
ShellExecuteHooks: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll [51656 2010-01-15] (EasyBits Software AS -> EasyBits Software Corp.) [File not signed]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  -> No File
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  -> No File
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [Identif. de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2007-02-12] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files\Common Files\Autodesk Shared\dwf Common\DWFShellExtension.dll [2006-11-09] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-01-08] (Nero AG) [File not signed]
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\NavShExt.dll [2012-06-08] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => C:\Program Files\Total Video Converter\TVCShellExt.dll [2010-07-29] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-01-17] () [File not signed]
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\NavShExt.dll [2012-06-08] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers2: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files\VMware\VMware Player\vmdkShellExt.dll [2013-08-27] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-01-17] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\NavShExt.dll [2012-06-08] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-01-17] () [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BAA1A8-CA9B-4035-A835-BB1386D76A8C} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe
Task: {21565C3E-C991-43A6-8FAE-5D17151143AF} - System32\Tasks\RunAsStdUser Task => C:\Program Files\MossySky\bin\1.0.16.0\MossySkySA.exe
Task: {2D5B17C4-600C-4C2F-97A9-F93B3442B51C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3131F4B4-D836-459B-A92E-7A19EEA24804} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files\Hewlett-Packard\HP Support Framework\HPTuneUp.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {3CA2E419-7077-492C-AF98-07D7132DE620} - System32\Tasks\{3AD7D87D-2E0A-4731-9E17-6520562FB380} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Downloads\wifiway-2.0.1definitivisimo\dumpeer v.80\JumpStart\setup.exe" -d "C:\Users\admin\Downloads\wifiway-2.0.1definitivisimo\dumpeer v.80\JumpStart"
Task: {40E00403-6FBD-42B0-A6CE-EEF76773A93A} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe (Symantec Corporation -> Symantec Corporation)
Task: {4B807266-8D7E-448D-8CCA-F51C0290B7FA} - System32\Tasks\{FC0C6388-83E9-4E1D-B4CF-6A8B5BD9AC4A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\EA Sports\FIFA 11\Support\FIFA 11_uninst.exe" -d "C:\Program Files\EA Sports\FIFA 11\Support"
Task: {5CECDB8E-4984-459D-B851-A4C94414C830} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5E1CFB6A-CC44-4CDA-9BFE-6B829AA744CB} - System32\Tasks\{517ACB3D-2BB7-4511-B8FD-D89DEC7A01D2} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Downloads\sapientest\sapienstest\INSTALAR [email protected]" -d C:\Users\admin\Downloads\sapientest\sapienstest
Task: {689D75DB-4F13-444F-BB61-7ECEF6CC3668} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {6AE4A974-54CD-45B4-9B04-3F711136EFBE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7231F2A4-EF11-4A6F-8300-BD0D15F8163B} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe (Hewlett-Packard Company -> Hewlett-Packard)
Task: {792D9ADB-E90E-48D8-A68F-9A7F85F69DFA} - System32\Tasks\Microsoft\Office Genuine Advantage\OGALogon => C:\Windows\system32\OGAExec.exe (Microsoft Corporation -> )
Task: {830174E5-EA23-4651-9C34-E2AFF8F51AA8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe (Hewlett-Packard Company -> Hewlett-Packard)
Task: {87B60643-0881-441D-A229-EF849D53CA5D} - System32\Tasks\{4F55587D-550E-4A25-BBEF-4F04D3762697} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Desktop\Norton Internet security 2010 +TrialReset 2010 v1.5.0 (Cracked by BOX!)\Norton Trial Reset v2.9.6\Desinstalar version anterior Norton\Norton_Removal_Tool.exe" -d "C:\Users\admin\Desktop\Norton Internet security 2010 +TrialReset 2010 v1.5.0 (Cracked by BOX!)\Norton Trial Re (the data entry has 47 more characters).
Task: {8E43E177-8D47-4DDC-9F85-290CCBA95622} - System32\Tasks\{18896D9A-6CFC-427D-A0D7-93F0ED22F58E} => C:\Windows\system32\pcalua.exe -a C:\Users\admin\Desktop\psp\escaner\lide20lide30n670un676un1240uvst7031a_xpen\SetupSG.exe -d C:\Users\admin\Desktop\psp\escaner\lide20lide30n670un676un1240uvst7031a_xpen
Task: {92295D95-B97E-412B-860E-8C940A13B444} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe
Task: {9AD51D24-4F91-4B27-BC6B-B87826F304BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {9F55FF20-A285-424E-88B8-BF4F9BA7C0B7} - System32\Tasks\{510CFE89-EC22-432D-BB12-15C074B96058} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\KONAMI\Pro Evolution Soccer 2010\kitserver\setup.exe" -d "C:\Program Files\KONAMI\Pro Evolution Soccer 2010\kitserver"
Task: {A6139324-0089-4541-B7D4-1A54D40F0B2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {AABFE75A-615B-4230-AAEE-3E143BEC6FB3} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe (Hewlett Packard -> Hewlett-Packard Co.)
Task: {AFAEDAB5-550E-4CB5-99A2-831761830182} - System32\Tasks\PresentationSettingsTurnOff_admin1_admin => C:\Windows\system32\PresentationSettings.exe
Task: {C23DB3B3-661B-4502-848C-C9A6EFA8756E} - System32\Tasks\Google Update => C:\Windows\upr.exe <==== ATTENTION
Task: {CE31E1AF-DAFD-46E8-BB93-68A344D62F15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {E8B28D26-B7EC-4D9B-BF1E-BE993122BC59} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe (Symantec Corporation -> Symantec Corporation)
Task: {EA655102-F8D5-4110-B8B9-4775A332026A} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe (Symantec Corporation -> Symantec Corporation)
Task: {F74C94AC-9E02-44E3-AD92-E1B589EB796E} - System32\Tasks\{7D322BA4-F9B2-47DE-A7AB-FFEF7EBE8941} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Downloads\Spain Euro 2012 Kit Pack\Spain Euro 2012 Kit Pack\Spain EURO 2012 Kit Pack.exe" -d "C:\Users\admin\Downloads\Spain Euro 2012 Kit Pack\Spain Euro 2012 Kit Pack"
Task: {FB6D6DE1-1B70-4D60-9069-11466E0F8B23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\admin\Downloads\SimpleTV (2.1.5)\work\Channel\logo\logo - Ярлык.lnk -> E:\PortableApps\SimpleTV Pre\work\Channel\logo (No File) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2013-06-03 13:34 - 2010-11-20 03:20 - 000988160 _____ () C:\Windows\system32\PROPSYS.dll
2011-06-18 11:50 - 2011-06-18 11:50 - 000097280 _____ () C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2011-06-18 11:50 - 2011-06-18 11:50 - 001093120 _____ () C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2003-03-19 05:14 - 2003-03-19 05:14 - 000499712 _____ () c:\program files\common files\ahead\dsfilter\msvcp71.dll
2003-02-21 13:42 - 2003-02-21 13:42 - 000348160 _____ () c:\program files\common files\ahead\dsfilter\MSVCR71.dll
2007-01-09 14:35 - 2007-01-09 14:35 - 003035136 _____ () C:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll
2007-01-15 16:15 - 2007-01-15 16:15 - 000073728 _____ () C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
2003-03-18 19:12 - 2003-03-18 19:12 - 001047552 _____ () C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
2009-10-08 14:24 - 2007-01-17 16:36 - 000129024 _____ () C:\Program Files\WinRAR\rarext.dll
2012-04-07 21:24 - 2010-07-29 17:19 - 000234496 _____ () C:\Program Files\Total Video Converter\TVCShellExt.dll
2007-01-08 13:13 - 2007-01-08 13:13 - 001953792 _____ () C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
2003-03-19 05:20 - 2003-03-19 05:20 - 001060864 _____ () C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL
2019-03-17 23:05 - 2019-02-01 10:56 - 003084800 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 005139968 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-17 23:05 - 2019-02-01 10:55 - 005010944 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 002950144 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 002234880 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 004571648 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000438272 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 001181184 _____ () C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000124928 _____ () C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000026112 _____ () C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000020992 _____ () C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000259584 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000729088 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000073216 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000179712 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000101888 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-03-17 23:05 - 2019-02-01 10:56 - 000035328 _____ () C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Classes\.scr: AutoCADScriptFile => "C:\Windows\system32\notepad.exe" "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\gob.es -> hxxp://fnmt.gob.es

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-01-31 19:37 - 2019-01-31 19:36 - 000001821 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

2017-02-27 02:19 - 2019-02-18 14:45 - 000000505 _____ C:\Windows\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go;C:\Program Files\Common Files\DivX Shared\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.26.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.
#19

Segunda parte…

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{4B562C7D-02F8-415F-8F83-3EE8966A79C2}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A073BB77-F575-491F-9A89-7DD09EC3F0AA}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B7806DB5-262E-4ABA-87BC-FB599FB612B1}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{9CF9EFBA-68D4-4560-AFCD-8787E45C2ACA}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{E92049E2-64F1-4045-A343-FE1651F5B77F}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{B6A1F378-E965-48D3-9EE7-DBDCC5F4430D}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{8C362369-D4B6-4F75-8466-5B923F424A28}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{E2B04E01-5CB6-4E32-BA50-49811514DEFA}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{2B8CF920-D4F9-4E6C-9296-BB780264A9EC}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{11DC1FB0-BCC9-436E-9AEE-0F515AF67520}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{43BE490E-951A-4F13-9C06-79A1D1A16DC0}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{AF869DE1-8605-45F5-8921-93C8E9130EB6}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{CDEFC28F-2746-41A5-AF87-DD0C26756353}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{5A796B94-7D66-462A-AA81-C0D39389E1BC}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{39C962BB-8303-40FE-9859-4976F6FD5D18}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [{AFAECF47-F2C1-4F0B-851A-8C6239161764}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [{14C574B1-4005-4C0C-BE2C-575736127C86}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [{E82F772C-314E-4E56-969C-229A41A4C1D7}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [UDP Query User{A977BB7D-EEB1-4923-9732-A4D0ADD03080}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [TCP Query User{26CE9AB7-945E-4C40-B917-D5784F2F412D}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [UDP Query User{9EB37DC6-325F-4BA4-B77D-2783F8EFE955}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [TCP Query User{10545477-4592-4D1D-BA44-7C3B44351694}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [{65BDF675-FDE7-40F0-9DA4-40B10B79BBE6}] => (Allow) C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{2AFE4CCF-2A20-4296-9A36-38E08D18FA7C}] => (Allow) C:\Program Files\HP\QuickPlay\QP.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{79C8F8A2-C4F1-4D38-A01B-C6584C25CDE0}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [TCP Query User{C66BDE64-A7A0-40D7-8A52-25E6EFA2F969}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [UDP Query User{059878F3-9520-4DB9-923E-4576260F3A27}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [TCP Query User{727B0E39-6633-44E3-828F-635C4941632D}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [UDP Query User{D085809E-6450-459B-B0C3-439CBF9EC607}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [{7C8AB61B-8E2C-4911-85B6-13092241B31F}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{419F5789-6B7A-415F-955E-AA7894BA296A}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A1799263-8688-4BA2-97B0-221F09C5F689}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40683AB7-AA03-44C4-97F9-DEABF8FFE24F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A37A95E9-93EF-4B28-9AEE-C0D1ACAEFEA0}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C2DE80A-08F2-41FB-A352-9588090FFADE}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ED89A0B3-F828-45A6-8FD2-455A04653C17}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{042E2E6E-E123-47BC-ACE4-501EDB71186F}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{4EF24FF5-8409-4570-A55A-E09331D3C66B}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\PCM.exe (Focus Home Interactive -> Cyanide)
FirewallRules: [{E9A3582D-ADBD-4417-9186-B799D5A1DC1D}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\PCM.exe (Focus Home Interactive -> Cyanide)
FirewallRules: [{2781EBC6-AFEB-48BE-8226-57447A6869DB}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\Autorun\Exe\Autorun.exe (Focus Home Interactive -> )
FirewallRules: [{9E1290D6-4EC7-488B-96C9-4505AB74705D}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\Autorun\Exe\Autorun.exe (Focus Home Interactive -> )
FirewallRules: [{279B8FFC-100C-49F3-B69F-71B358FC64A1}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{63D7E408-6992-4AC1-9653-DC8120C0BFE1}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{A1CA1DB8-8484-41E8-A8E8-3C85FEC9D1DA}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{B49ADAFD-69CC-4417-8775-4C0D43AEF89D}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{991A7548-F0BD-4DAE-AFB1-BD6DAA0610EC}] => (Allow) H:\SKIDROW\pes2013.exe No File
FirewallRules: [{A0C7ED3F-F499-4FE8-A56D-4228130D3DA6}] => (Allow) H:\SKIDROW\pes2013.exe No File
FirewallRules: [TCP Query User{3ED6C208-7ABB-4502-A62E-B8A8A6970EE7}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{82209141-B89F-47E8-93E0-163FD2499450}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{679C0B96-1479-4AE6-A532-99BECBC9D982}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D18F6AD9-C229-495C-BD11-0E6C63E76E10}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{7EA58023-FFC8-4220-8B0F-F9F086C4755F}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5D6CB9DB-1968-4E3B-8D3E-A4A4B20AFBFA}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D5EA2C20-CA18-4004-B1C3-B3676AAE6040}] => (Allow) C:\Program Files\SkypeWebPlugin\3.2.0.23388\SkypeWebPlugin.exe (Skype Software Sarl -> Skype)
FirewallRules: [{27217E78-E2AA-4AFF-B6CF-C0070005B27B}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{EFAA79C2-19F9-46E4-96F1-5B0B29DF47A3}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{799CD8F3-6349-4615-8CDD-F797A272DFA1}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03CFF6A9-1D80-485E-B1A2-08AE8B4DEB4A}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A132E40F-98F3-4FC3-A365-5024E979F200}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{173B39A3-3274-4857-B8DE-CAE731D3AF4F}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F2B935C6-B142-426D-B358-E35640483838}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{7066876D-8502-48EB-9B7D-53DE3E082F6D}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{ACE69AE6-D9F3-4546-92CB-C9B1D780A2D8}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{DDA159D9-89C6-46DB-B3EF-7E8135EAAC29}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{78B36B72-9282-4255-8CD4-D5E32F2A7C27}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{43067907-7385-43B4-AF58-F477DEC416D1}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{40342DD1-B2B1-43B8-8E62-9502592B00B6}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{44198D15-88CE-4AE3-904B-FA8CE9815B19}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{706D01ED-FF4F-4742-AE48-A18637743381}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{0B0F1ABA-CCB7-4557-BD1B-EC829872CBFE}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{AFE3BD89-D24D-46EF-8231-1D6CB217650D}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2D854BD6-164D-48F9-B819-299F027F07FA}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{55775C88-6F4F-48C2-ADBC-C93FAA9AB4DF}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{F023205A-EEE4-4A5F-8D9B-A9D780EF914B}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F19848DE-2C06-4C8C-813F-2146BC401C2F}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F6443872-AD0A-49AE-9019-E57016C15506}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{BA4F7BF4-0FBB-4D5C-92AD-2988A35DF1A8}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{2AB9301C-F5FC-4F32-B373-F0E626A5C4F3}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{C440DE5F-B46F-447A-BABB-F0D510011455}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{974F07E8-057F-470C-A742-CE0D291AC2CC}] => (Allow) LPort=53
FirewallRules: [{E8E92D17-EF74-49AC-AF1D-700580EBC589}] => (Allow) C:\PROGRA~1\REALTEK\USBWIR~1\RtWlan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{ED76E1B6-E431-4048-BFA9-D10BC3EFF556}] => (Allow) LPort=1542
FirewallRules: [{6D0A5863-CDD9-4C15-AE2A-5F777FF60D9F}] => (Allow) LPort=1542
FirewallRules: [{FB4D5AF6-BE37-4799-8B3E-2BDDC1FF3CD3}] => (Allow) LPort=53
FirewallRules: [{C74A148A-9858-4E34-9123-D3F0E69395CE}] => (Allow) C:\PROGRA~1\REALTEK\USBWIR~1\Rtldhcp.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{03930836-00DD-4193-98C5-164B87303CDC}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{00997E0A-FDFE-4862-9E10-D6036AF79BF3}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{3DACF7BA-7E1B-4E33-A29B-A8AC902BE7A4}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F4B8BEC0-D58D-4DEB-A2D9-D4A303C7AFB5}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{6FE6DF7A-FA42-477E-9A95-1E3B173A8EFF}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{9E757D98-D70C-4797-9E6A-9937AF24A47B}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{82596C9B-0270-41D1-BC0A-4A0661BBFD12}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware VMCI Host Device
Description: VMware VMCI Host Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: vmci
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (03/20/2019 02:02:21 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo C:\Windows\System32\msvcrt.dll por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Explorador de Windows por este error.

Programa: Explorador de Windows
Archivo: C:\Windows\System32\msvcrt.dll

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C0000185
Tipo de disco: 3

Error: (03/20/2019 02:02:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: explorer.exe, versión: 6.1.7601.23537, marca de tiempo: 0x57c44cc4
Nombre del módulo con errores: msvcrt.dll, versión: 7.0.7601.17744, marca de tiempo: 0x4eeaf722
Código de excepción: 0xc0000006
Desplazamiento de errores: 0x00014f10
Id. del proceso con errores: 0xc90
Hora de inicio de la aplicación con errores: 0x01d4df1cd418fca4
Ruta de acceso de la aplicación con errores: C:\Windows\explorer.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\msvcrt.dll
Id. del informe: 654310f2-4b10-11e9-a92b-00269e9eb835

Error: (03/20/2019 08:46:53 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo C:\Windows\System32\VAN.dll por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Explorador de Windows por este error.

Programa: Explorador de Windows
Archivo: C:\Windows\System32\VAN.dll

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C0000185
Tipo de disco: 3

Error: (03/20/2019 08:46:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 6.1.7601.23537, marca de tiempo: 0x57c44cc4
Nombre del módulo con errores: USER32.dll, versión: 6.1.7601.23594, marca de tiempo: 0x58249e2b
Código de excepción: 0xc0000006
Desplazamiento de errores: 0x0000a189
Id. del proceso con errores: 0x578
Hora de inicio de la aplicación con errores: 0x01d4def005328342
Ruta de acceso de la aplicación con errores: C:\Windows\Explorer.EXE
Ruta de acceso del módulo con errores: C:\Windows\system32\USER32.dll
Id. del informe: 5388a05d-4ae4-11e9-8822-00269e9eb835

Error: (03/20/2019 08:46:05 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo C:\Windows\System32\dwmcore.dll por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Administrador de ventanas del escritorio por este error.

Programa: Administrador de ventanas del escritorio
Archivo: C:\Windows\System32\dwmcore.dll

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C0000185
Tipo de disco: 3

Error: (03/20/2019 08:46:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Dwm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc225
Nombre del módulo con errores: dwmcore.dll, versión: 6.1.7601.18917, marca de tiempo: 0x559eb13e
Código de excepción: 0xc0000006
Desplazamiento de errores: 0x0007cd12
Id. del proceso con errores: 0x58c
Hora de inicio de la aplicación con errores: 0x01d4def0057529c9
Ruta de acceso de la aplicación con errores: C:\Windows\system32\Dwm.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\dwmcore.dll
Id. del informe: 3722cec8-4ae4-11e9-8822-00269e9eb835

Error: (03/20/2019 08:46:02 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo C:\Windows\System32\spoolsv.exe por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Aplicación de subsistema de cola por este error.

Programa: Aplicación de subsistema de cola
Archivo: C:\Windows\System32\spoolsv.exe

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C0000185
Tipo de disco: 3

Error: (03/20/2019 08:46:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: spoolsv.exe, versión: 6.1.7601.24000, marca de tiempo: 0x5a4993e0
Nombre del módulo con errores: spoolsv.exe, versión: 6.1.7601.24000, marca de tiempo: 0x5a4993e0
Código de excepción: 0xc0000006
Desplazamiento de errores: 0x00038905
Id. del proceso con errores: 0x5c8
Hora de inicio de la aplicación con errores: 0x01d4def005ae4ad0
Ruta de acceso de la aplicación con errores: C:\Windows\System32\spoolsv.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\spoolsv.exe
Id. del informe: 34d6dae4-4ae4-11e9-8822-00269e9eb835


System errors:
=============
Error: (03/20/2019 08:59:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/20/2019 08:59:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/20/2019 08:59:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/20/2019 08:57:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/20/2019 08:57:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/20/2019 08:57:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/20/2019 08:52:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/20/2019 08:52:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.


Windows Defender:
===================================
Date: 2010-09-28 21:22:06.698
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:[email protected]\Software\GabPath;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-09-28 21:03:10.518
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:[email protected]\Software\GabPath;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-09-28 18:17:29.028
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:[email protected]\Software\GabPath;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-09-25 22:23:22.865
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:[email protected]\Software\GabPath;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\Servicio de red
Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe

Date: 2010-09-19 15:29:52.460
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\gabpath.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;process:pid:6200;regkey:[email protected]\Software\GabPath;regkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:[email protected]\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2010-05-13 22:04:31.901
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070003
Descripción de error:El sistema no puede encontrar la ruta especificada. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 46%
Total physical RAM: 2974.93 MB
Available physical RAM: 1601.34 MB
Total Virtual: 5948.22 MB
Available Virtual: 4753.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:455.38 GB) (Free:274.57 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.38 GB) (Free:1.74 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D58413DB)
Partition 1: (Active) - (Size=455.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
#20

Esto era lo que faltaba del eset:

20/03/2019 13:06:17
Archivos explorados: 524010
Archivos infectados: 12
Amenazas eliminadas: 12
Tiempo total de exploración 04:07:44
Estado de la exploración: Finalizado
#21

En cuanto revise te doy respuesta…

De Eset falta mas…pues no se ve que elimino de amenazas…

Pegalo entero de nuevo