Ordenador lento que no deja iniciar bien!

Reporte de FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2019
Ran by admin (administrator) on ADMIN1 (Hewlett-Packard ) (24-04-2019 18:43:59)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG) [File not signed]
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [206128 2008-10-10] (Hewlett-Packard Company ->  Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-09-23] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [69216 2006-12-06] (CyberLink -> Cyberlink Corp.) [File not signed]
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-02-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] (DivX, LLC -> )
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [jswtrayutil] => C:\Program Files\Jumpstart\jswtrayutil.exe [528384 2008-09-26] (Atheros Communications, Inc.) [File not signed]
HKLM\...\RunOnce: [ZHPCleaner_File1] => CMD /c DEL "C:\Users\admin\AppData\Local\Temp\IMG118E.tmp" /F /Q <==== ATTENTION
HKLM\...\RunOnce: [ZHPCleaner] => C:\Users\admin\AppData\Roaming\ZHP\ZHPCleaner.txt [2881 2019-04-24] () [File not signed]
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [147456 2007-01-15] (Nero AG) [File not signed]
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company) [File not signed]
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [653440 2018-04-26] (OpenVPN Technologies, Inc. -> )
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] => C:\Program Files\Google\Chrome\Application\chrome.exe [1544176 2019-04-04] (Google LLC -> Google Inc.)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Run: [Norton Download Manager{NIS2281014-SHPD-FSD57026}] => C:\Users\Public\Downloads\Norton\{NIS2281014-SHPD-FSD57026}\NISFSD.exe [1107280 2016-11-25] (Symantec Corporation -> Symantec Corporation)
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\system32\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [130048 2008-12-07] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [118784 2007-09-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [67584 2009-02-09] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{f614806b-ce60-40cd-990f-e8e07df79e49}] -> 

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BAA1A8-CA9B-4035-A835-BB1386D76A8C} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe
Task: {21565C3E-C991-43A6-8FAE-5D17151143AF} - System32\Tasks\RunAsStdUser Task => C:\Program Files\MossySky\bin\1.0.16.0\MossySkySA.exe
Task: {2D5B17C4-600C-4C2F-97A9-F93B3442B51C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3131F4B4-D836-459B-A92E-7A19EEA24804} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [17976 2011-03-22] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {3CA2E419-7077-492C-AF98-07D7132DE620} - System32\Tasks\{3AD7D87D-2E0A-4731-9E17-6520562FB380} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Downloads\wifiway-2.0.1definitivisimo\dumpeer v.80\JumpStart\setup.exe" -d "C:\Users\admin\Downloads\wifiway-2.0.1definitivisimo\dumpeer v.80\JumpStart"
Task: {4B807266-8D7E-448D-8CCA-F51C0290B7FA} - System32\Tasks\{FC0C6388-83E9-4E1D-B4CF-6A8B5BD9AC4A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\EA Sports\FIFA 11\Support\FIFA 11_uninst.exe" -d "C:\Program Files\EA Sports\FIFA 11\Support"
Task: {5CECDB8E-4984-459D-B851-A4C94414C830} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5E1CFB6A-CC44-4CDA-9BFE-6B829AA744CB} - System32\Tasks\{517ACB3D-2BB7-4511-B8FD-D89DEC7A01D2} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Downloads\sapientest\sapienstest\INSTALAR [email protected]" -d C:\Users\admin\Downloads\sapientest\sapienstest
Task: {689D75DB-4F13-444F-BB61-7ECEF6CC3668} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [727608 2011-06-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {69FF88EF-B203-45BD-B248-0A420553626B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-22] (Google Inc -> Google Inc.)
Task: {7231F2A4-EF11-4A6F-8300-BD0D15F8163B} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [1248312 2011-08-11] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {73065355-E18A-4A2E-843A-B4F79B51E4FC} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [1346024 2015-08-06] (Symantec Corporation -> Symantec Corporation)
Task: {78710BB3-CC7D-47D5-8A70-783B17011FE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-22] (Google Inc -> Google Inc.)
Task: {792D9ADB-E90E-48D8-A68F-9A7F85F69DFA} - System32\Tasks\Microsoft\Office Genuine Advantage\OGALogon => C:\Windows\system32\OGAExec.exe [230768 2009-08-03] (Microsoft Corporation -> )
Task: {830174E5-EA23-4651-9C34-E2AFF8F51AA8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [739232 2012-10-18] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {87B60643-0881-441D-A229-EF849D53CA5D} - System32\Tasks\{4F55587D-550E-4A25-BBEF-4F04D3762697} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Desktop\Norton Internet security 2010 +TrialReset 2010 v1.5.0 (Cracked by BOX!)\Norton Trial Reset v2.9.6\Desinstalar version anterior Norton\Norton_Removal_Tool.exe" -d "C:\Users\admin\Desktop\Norton Internet security 2010 +TrialReset 2010 v1.5.0 (Cracked by BOX!)\Norton Trial Re (the data entry has 47 more characters).
Task: {8E43E177-8D47-4DDC-9F85-290CCBA95622} - System32\Tasks\{18896D9A-6CFC-427D-A0D7-93F0ED22F58E} => C:\Windows\system32\pcalua.exe -a C:\Users\admin\Desktop\psp\escaner\lide20lide30n670un676un1240uvst7031a_xpen\SetupSG.exe -d C:\Users\admin\Desktop\psp\escaner\lide20lide30n670un676un1240uvst7031a_xpen
Task: {92295D95-B97E-412B-860E-8C940A13B444} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe
Task: {9F55FF20-A285-424E-88B8-BF4F9BA7C0B7} - System32\Tasks\{510CFE89-EC22-432D-BB12-15C074B96058} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\KONAMI\Pro Evolution Soccer 2010\kitserver\setup.exe" -d "C:\Program Files\KONAMI\Pro Evolution Soccer 2010\kitserver"
Task: {A6139324-0089-4541-B7D4-1A54D40F0B2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [7120952 2011-06-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {AABFE75A-615B-4230-AAEE-3E143BEC6FB3} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2551656 2010-11-16] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {AFAEDAB5-550E-4CB5-99A2-831761830182} - System32\Tasks\PresentationSettingsTurnOff_admin1_admin => C:\Windows\system32\PresentationSettings.exe
Task: {CE31E1AF-DAFD-46E8-BB93-68A344D62F15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [7120952 2011-06-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {E8B28D26-B7EC-4D9B-BF1E-BE993122BC59} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [1295832 2012-06-08] (Symantec Corporation -> Symantec Corporation)
Task: {EA655102-F8D5-4110-B8B9-4775A332026A} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [1295832 2012-06-08] (Symantec Corporation -> Symantec Corporation)
Task: {F74C94AC-9E02-44E3-AD92-E1B589EB796E} - System32\Tasks\{7D322BA4-F9B2-47DE-A7AB-FFEF7EBE8941} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Downloads\Spain Euro 2012 Kit Pack\Spain Euro 2012 Kit Pack\Spain EURO 2012 Kit Pack.exe" -d "C:\Users\admin\Downloads\Spain Euro 2012 Kit Pack\Spain Euro 2012 Kit Pack"
Task: {FB6D6DE1-1B70-4D60-9069-11466E0F8B23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\admin\Desktop\adwcleaner_7.3.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{4165F51C-9647-45B1-AE74-D0E4A16C2B5F}: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{6CD76D63-47AA-47B4-868B-AAB0719B31B5}: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{8538EDBD-D70C-43EE-967B-FAC6ECA67512}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{A05CFFE5-198E-4776-B3CF-0285633DFC78}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E9C9B02D-F143-49A6-82B7-18636DDE5F53}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FB88D55D-4B3C-4867-88BD-3380C0BDEAF0}: [DhcpNameServer] 80.58.61.250 80.58.61.254

Internet Explorer:
==================
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_es&c=91&bd=Presario&pf=cnnb
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
SearchScopes: HKLM -> {58075C17-0D4C-4BC2-8526-503C960426BD} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1127&query={searchTerms}&invocationType=tb50hpcnnbie7-es-es
SearchScopes: HKLM -> {943224BF-1A7E-4565-821B-45CC7732E7C4} URL = hxxp://es.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913937
SearchScopes: HKLM -> {D3361F76-187D-4FC8-A363-94C9B5452926} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC -> DivX, LLC)
BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation -> Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31] (Symantec Corporation -> Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
BHO: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02] (AOL LLC -> AOL LLC)
BHO: Windows Live Aplicación auxiliar de inicio de sesión -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02] (AOL LLC -> AOL LLC)
Toolbar: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {01113300-3E00-11D2-8470-0060089874ED} hxxp://web.atar.rima-tde.net/sdccommon/download/tgctlcm.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {B6F0855B-A06D-498B-A537-80AFF04A1B4E} hxxps://www.movistar.es/o1/http/WSClient.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldes-es.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.1.14\coFFAddon => not found
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\IPSFFPlgn
FF Extension: (Symantec IPS) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\IPSFFPlgn [2019-01-04] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\coFFPlgn_2011_7_13_2
FF Extension: (Norton Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\coFFPlgn_2011_7_13_2 [2019-04-24] [Legacy] [not signed]
FF HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.) [File not signed]
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC -> DivX, LLC)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [No File]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-05-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @pandasecurity.com/activescan -> C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll [2010-07-27] (Panda Security S.L -> Panda Security, S.L.)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) [File not signed]
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype Software Sarl -> Skype)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin: @veoh.com/VeohPlayer -> C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll [2008-04-01] (Veoh Networks Inc) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-07-30] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3387845806-4141466983-921437045-1000: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\admin\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3387845806-4141466983-921437045-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\admin\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3387845806-4141466983-921437045-1000: RSATom.name/FBVLC -> C:\Users\admin\AppData\Roaming\RSATom\FBVLC\0081A1~1.7\npFBVLC.dll [2013-10-09] (RSATom) [File not signed]

Continuación…

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://www.aemet.es/favicon.ico
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2019-04-24]
CHR Extension: (Presentaciones) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-22]
CHR Extension: (Documentos) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-22]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-22]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-22]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-20]
CHR Extension: (Tampermonkey) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-03-22]
CHR Extension: (ZenMate VPN - Mejor seguridad para Internet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2019-03-22]
CHR Extension: (Hojas de cálculo) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-22]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-23]
CHR Extension: (VXG Media Player) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncknjnnbahamgpjoafdebabmoamcnni [2019-03-22]
CHR Extension: (Agencia Estatal de Meteorología - AEM...) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhgepamdboolgoocpmekmpknhjohchbf [2019-03-24]
CHR Extension: (Player para ver Movistar+) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2019-03-22]
CHR Extension: (Ace Script) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-03-30]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-22]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-22]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-22]
CHR Extension: (Llamadas de Skype) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk [2019-03-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKU\S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icdlolokpejjhocomjelllhkhoeedlgf] - C:\Program Files\DivX Flash Codec\flash2.crx [2013-01-05]
CHR HKU\S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ifdhgolccnkcbgpclpngdpjfahlnalig] - C:\Program Files\Viderio\viderio.crx <not found>
CHR HKU\S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [81920 2009-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Software AS -> EasyBits Sofware AS) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 jswpbapi; C:\Program Files\Jumpstart\jswpbapi.exe [188416 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S3 jswpsapi; C:\Program Files\Jumpstart\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S2 NIS; C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation -> Symantec Corporation)
S3 NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG) [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. ->  )
S2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64128 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64128 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S2 Realtek87B; C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [File not signed]
S2 RealtekWlanU; C:\Program Files\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
S2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-12-23] (SoftThinks -> )
S2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] (CyberLink -> )
S2 RTLDHCPService; C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
S2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S2 SupportSoft RemoteAssist; C:\Program Files\Common Files\supportsoft\bin\ssrc.exe [386424 2009-11-06] (SupportSoft, Inc. -> SupportSoft, Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S2 tgsrvc_telefonica; C:\Program Files\Telefonica\bin\tgsrvc.exe [148768 2009-11-06] (SupportSoft, Inc. -> SupportSoft, Inc.)
S4 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [86096 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S4 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [358480 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S4 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [719416 2013-08-26] (VMware, Inc. -> VMware, Inc.)
S4 VMware NAT Service; C:\Windows\system32\vmnat.exe [437328 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-14] () [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1172992 2009-09-22] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20190422.001\BHDrvx86.sys [1421016 2019-03-05] (Symantec Corporation -> Symantec Corporation)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2009-12-18] (Intel(R) Graphics DSS -> )
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-03-18] (DT Soft Ltd -> DT Soft Ltd)
S1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [399568 2019-01-25] (Symantec Corporation -> Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [122064 2019-03-27] (Symantec Corporation -> Symantec Corporation)
S2 hcmon; C:\Windows\system32\drivers\hcmon.sys [43192 2013-08-26] (VMware, Inc. -> VMware, Inc.)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [16768 2007-06-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Development Company, L.P.)
S1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20190419.063\IDSvix86.sys [1092832 2019-01-25] (Symantec Corporation -> Symantec Corporation)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [8746496 2010-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [127488 2010-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R1 jswpslwf; C:\Windows\System32\DRIVERS\jswpslwf.sys [20384 2008-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-04-24] (Malwarebytes Corporation -> Malwarebytes)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20190423.002\NAVENG.SYS [104656 2019-03-04] (Symantec Corporation -> Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20190423.002\NAVEX15.SYS [1649232 2019-03-04] (Symantec Corporation -> Symantec Corporation)
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S0 pavboot; C:\Windows\System32\drivers\pavboot.sys [28552 2009-06-30] (Panda Security S.L -> Panda Security, S.L.)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2006-10-02] (Padus, Inc.) [File not signed]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh86.sys [138240 2008-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3127000 2014-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 RTSTOR; C:\Windows\System32\drivers\RTSTOR.SYS [60416 2008-12-29] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2009-10-31] (Duplex Secure Ltd -> Duplex Secure Ltd.)
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1207020.003\SRTSP.SYS [516216 2011-03-31] (Symantec Corporation -> Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NIS\1207020.003\SRTSPX.SYS [50168 2011-03-31] (Symantec Corporation -> Symantec Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 STHDA; C:\Windows\System32\DRIVERS\stwrt.sys [423424 2010-03-23] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R0 SymDS; C:\Windows\System32\drivers\NIS\1207020.003\SYMDS.SYS [340088 2011-01-27] (Symantec Corporation -> Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1207020.003\SYMEFA.SYS [744568 2011-03-15] (Symantec Corporation -> Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [126584 2019-01-03] (Symantec Corporation -> Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NIS\1207020.003\Ironx86.SYS [136312 2011-01-27] (Symantec Corporation -> Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NIS\1207020.003\SYMNETS.SYS [299640 2011-04-21] (Symantec Corporation -> Symantec Corporation)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [41976 2017-04-21] (Windscribe Limited -> The OpenVPN Project)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25808 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [17104 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37456 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26192 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S3 vmusb; C:\Windows\System32\DRIVERS\vmusb.sys [31928 2013-08-26] (VMware, Inc. -> VMware, Inc.)
S2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [65488 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [13560 2006-11-02] (CyberLink -> Cyberlink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-24 18:43 - 2019-04-24 18:46 - 000042132 _____ C:\Users\admin\Desktop\FRST.txt
2019-04-24 18:43 - 2019-04-24 18:43 - 000000000 ____D C:\Users\admin\Desktop\FRST-OlderVersion
2019-04-24 18:34 - 2019-04-24 18:34 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-24 13:35 - 2019-04-24 13:35 - 007666296 _____ (ESET spol. s r.o.) C:\Users\admin\Desktop\ESETOnlineScanner_ESL.exe
2019-04-24 11:08 - 2019-04-24 18:43 - 000000000 ____D C:\FRST
2019-04-24 11:07 - 2019-04-24 18:43 - 001788928 _____ (Farbar) C:\Users\admin\Desktop\FRST.exe
2019-04-24 10:50 - 2019-04-24 18:35 - 000413862 _____ C:\Windows\ntbtlog.txt
2019-04-24 10:48 - 2019-04-24 10:48 - 000002878 _____ C:\Users\admin\Desktop\ZHPCleaner (R).txt
2019-04-24 10:46 - 2019-04-24 10:46 - 000002768 _____ C:\Users\admin\Desktop\ZHPCleaner (S).txt
2019-04-24 10:18 - 2019-04-24 10:18 - 003133312 _____ C:\Users\admin\Desktop\ZHPCleaner.exe
2019-04-24 09:30 - 2019-04-24 12:46 - 000000280 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-04-24 09:28 - 2019-04-24 09:30 - 000000000 ____D C:\AdwCleaner
2019-04-24 09:27 - 2019-04-24 09:27 - 007025360 _____ (Malwarebytes) C:\Users\admin\Desktop\adwcleaner_7.3.exe
2019-04-09 21:38 - 2019-04-09 21:38 - 000096456 _____ C:\Users\admin\Downloads\resource.language.es_es-3.0.15.zip
2019-04-08 23:27 - 2019-04-08 23:27 - 002486077 _____ C:\Users\admin\Downloads\Rpts completa FUNCIONARIOS .pdf
2019-03-30 15:47 - 2019-03-30 15:55 - 086412328 _____ C:\Users\admin\Downloads\Ace_Stream_Media_3.1.32.exe
2019-03-27 22:17 - 2019-03-27 22:17 - 001324062 _____ C:\Users\admin\Downloads\tratamientos_selvicolas PLAN FORESTAL 1989.pdf
2019-03-26 21:39 - 2019-03-31 17:22 - 000000975 _____ C:\DelFix.txt
2019-03-26 21:39 - 2019-03-26 21:39 - 000000000 ____D C:\Windows\ERUNT

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-24 18:28 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-24 18:24 - 2009-10-10 19:04 - 000000000 ____D C:\Users\admin\Desktop\Norton Internet security 2010 +TrialReset 2010 v1.5.0 (Cracked by BOX!)
2019-04-24 12:19 - 2009-08-07 07:19 - 000768926 _____ C:\Windows\system32\perfh00A.dat
2019-04-24 12:19 - 2009-08-07 07:19 - 000166660 _____ C:\Windows\system32\perfc00A.dat
2019-04-24 12:19 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-04-24 12:19 - 2008-05-06 20:42 - 001724816 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-24 10:48 - 2019-03-20 14:13 - 000000000 ____D C:\Users\admin\AppData\Roaming\ZHP
2019-04-24 09:59 - 2009-10-08 15:15 - 000000000 ____D C:\Users\admin\Tracing
2019-04-24 09:58 - 2010-06-06 14:29 - 000000000 ____D C:\Windows\Minidump
2019-04-24 09:58 - 2009-11-04 23:22 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2019-04-24 09:33 - 2008-05-06 20:41 - 000000286 _____ C:\ProgramData\hpqp.ini
2019-04-24 00:33 - 2009-11-11 21:26 - 000000000 ____D C:\Program Files\CCleaner
2019-04-24 00:28 - 2015-12-27 13:26 - 000000000 ____D C:\Users\admin\AppData\Roaming\Skype
2019-04-23 23:50 - 2009-07-14 06:53 - 000032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-23 23:20 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\NDF
2019-04-23 18:57 - 2018-12-06 18:32 - 000000000 ____D C:\Users\admin\AppData\Roaming\Kodi
2019-04-23 14:08 - 2008-05-06 19:36 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-23 14:08 - 2008-05-06 19:36 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-21 14:05 - 2012-07-21 11:59 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2019-04-16 19:29 - 2012-03-23 21:23 - 000000000 ____D C:\Users\admin\AppData\Roaming\HpUpdate
2019-04-15 21:18 - 2008-05-06 19:39 - 000000000 ____D C:\Users\admin
2019-04-11 16:16 - 2016-11-05 16:13 - 000000123 _____ C:\Users\admin\Documents\peliculas.txt
2019-04-11 11:30 - 2019-03-22 19:08 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 11:30 - 2019-03-22 19:08 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-09 13:31 - 2012-04-01 13:34 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-04-09 13:31 - 2011-05-16 23:06 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-04-09 13:31 - 2009-03-03 08:18 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-31 17:22 - 2011-06-26 14:51 - 000000000 ____D C:\Program Files\Trend Micro
2019-03-30 15:44 - 2016-01-19 18:01 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2019-03-26 22:10 - 2010-12-27 10:39 - 000475136 ___SH C:\Users\admin\Documents\Thumbs.db

==================== Files in the root of some directories =======

2016-04-19 20:36 - 2018-12-02 19:48 - 000029184 ___SH () C:\Users\admin\AppData\Roaming\Thumbs.db
2009-10-23 10:55 - 2009-10-23 10:55 - 000024206 _____ () C:\Users\admin\AppData\Roaming\UserTile.png
2018-05-12 18:20 - 2019-02-11 17:20 - 000000600 _____ () C:\Users\admin\AppData\Roaming\winscp.rnd
2012-05-08 16:15 - 2013-05-16 22:52 - 000001456 _____ () C:\Users\admin\AppData\Local\Adobe Guardar para Web 11.0 Prefs
2008-05-06 20:41 - 2008-05-06 20:41 - 000000000 _____ () C:\Users\admin\AppData\Local\AtStart.txt
2010-04-30 16:57 - 2016-09-27 00:55 - 000011776 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-05-06 20:41 - 2008-05-06 20:41 - 000000000 _____ () C:\Users\admin\AppData\Local\DSwitch.txt
2008-05-06 20:41 - 2008-05-06 20:41 - 000000000 _____ () C:\Users\admin\AppData\Local\QSwitch.txt
2011-04-28 13:50 - 2013-09-18 18:13 - 000007597 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg

Some zero byte size files/folders:
==========================
C:\Windows\System32\nsprs.dll
C:\Windows\System32\serauth1.dll
C:\Windows\System32\serauth2.dll
C:\Windows\System32\ssprs.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-23 16:32
==================== End of FRST.txt ============================

Reporte Addition:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2019
Ran by admin (24-04-2019 18:46:51)
Running from C:\Users\admin\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2008-05-06 18:40:31)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-3387845806-4141466983-921437045-1000 - Administrator - Enabled) => C:\Users\admin
Administrador (S-1-5-21-3387845806-4141466983-921437045-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3387845806-4141466983-921437045-1002 - Limited - Enabled)
Invitado (S-1-5-21-3387845806-4141466983-921437045-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Projector Gateway (HKLM\...\Acer Projector Gateway_is1) (Version:  - )
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.171 - Adobe)
Adobe Photoshop CS6 (HKLM\...\{1D106581-6726-4D1B-ABEC-0CA02410F24F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.2 (HKLM\...\{12A54F16-7F2E-4D42-BBCA-E0CC3CBF0457}) (Version: 5.2.1 - Adobe)
Adobe Reader 9.4.6 - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-A94000000001}) (Version: 9.4.6 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC)
Ares 2.2.4 (HKLM\...\Ares) (Version: 2.2.4-Build#3048 - Ares Development Group)
Art Effects for PDR10 (HKLM\...\NewBlue Art Effects for PDR10) (Version: 2.0 - NewBlue)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 7.7 - Atheros)
AutoCAD 2008 - Español (HKLM\...\{5783F2D7-6001-040A-0002-0060B0CE6BBA}) (Version: 17.1.51.0 - Autodesk) Hidden
AutoCAD 2008 - Español (HKLM\...\AutoCAD 2008 - Español) (Version: 17.1.51.0 - Autodesk)
Autodesk DWF Viewer 7 (HKLM\...\{9A346205-EA92-4406-B1AB-50379DA3F057}) (Version: 7.2.0 - Autodesk, Inc.)
AXIS Media Control Embedded (HKLM\...\AXIS Media Control Embedded) (Version:  - )
AXIS Media Control Embedded Installer (HKLM\...\{FD727056-F0C4-4811-9688-9EBF450D22C4}) (Version: 4.1.4 - Axis Communications)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM\...\DPP) (Version: 3.8.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities Original Data Security Tools (HKLM\...\Original Data Security Tools) (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
CanoScan Toolbox Ver4.1 (HKLM\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version:  - )
Capicom 2.1.0.2 FNMT-RCM (HKLM\...\{E06DBD80-CD9B-4A3F-BD83-ED1AA4CB1E3A}) (Version: 1.00.0000 - FNMT-RCM)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compresor WinRAR (HKLM\...\WinRAR archiver) (Version: 4.20 Beta 3 (64 Bits) - )
Configurador_FNMT (HKLM\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.5 - FNMT-RCM)
Counter-Strike 1.0 (HKLM\...\Counter-Strike) (Version: 1.0 - )
Counter-Strike 1.6 (HKLM\...\Counter-Strike 1.6) (Version:  - )
Cuadro de mensaje de excepción de Microsoft (HKLM\...\{B194E30B-22C6-4FEA-A4A9-D839E243D31D}) (Version: 9.00.5000.00 - Microsoft Corporation) Hidden
CutePDF Printer Setup (HKLM\...\CutePDF Port Monitor) (Version:  - )
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2424 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.1129b - CyberLink Corp.)
CyberLink WaveEditor (HKLM\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2512 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
DivX Flash Codec version 12.6.402.278 (HKLM\...\DivX Flash Codec_is1) (Version: 12.6.402.278 - )
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM\...\dreamboxEDIT) (Version:  - )
eMule (HKLM\...\eMule) (Version: 0.50a - )
Estudio de mejora de productos de HP Deskjet 1000 J110 series (HKLM\...\{D8449AEE-63A2-42CF-AA83-BDC99C91EF81}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FireBreathed VLC (HKLM\...\{C316CD29-2158-4F0A-8A76-5C297AABC97B}) (Version: 0.0.7 - RSATom)
Galería fotográfica de Windows Live (HKLM\...\{A7BBE3D6-F19A-40E6-96EC-84E1DC88F262}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Herramienta de carga de Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Hewlett-Packard ACLM.NET v1.1.1.0 (HKLM\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Deskjet 1000 J110 series Ayuda (HKLM\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Quick Launch Buttons 6.40 M1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 M1 - Hewlett-Packard)
HP Support Assistant (HKLM\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.5991.2847 - Hewlett-Packard)
HP Total Care Setup (HKLM\...\{95A747E0-DF19-46CB-A622-20A0107201BD}) (Version: 1.1.2413.2876 - Hewlett-Packard Company)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HP User Guides 0138 (HKLM\...\{17050C48-16CB-4500-A102-CEAD750CE11E}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{E5E29403-3D25-40C6-892B-F9FEE2A95585}) (Version: 3.50 A6 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6140.0 - IDT)
Instalación de DivX (HKLM\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
IPTViewr para movistar+ 1.5 “Kruger 60” alpha 4 (HKLM\...\{5BE7CB08-BCB3-44A2-9B29-AFF68FF70249}) (Version: 1.5.40.0 - hxxp://movistartv.codeplex.com)
Java 7 Update 7 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Jumpstart Installation Program (HKLM\...\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}) (Version:  - Atheros)
K-Lite Mega Codec Pack 4.6.2 (HKLM\...\KLiteCodecPack_is1) (Version: 4.6.2 - )
Kodi (HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Kodi) (Version:  - XBMC-Foundation)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1224 - CyberLink Corp.) Hidden
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1224 - CyberLink Corp.)
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Magic Desktop (HKLM\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Matemáticas de Microsoft (HKLM\...\{07143840-959A-4B0D-8825-2C533F0DDB19}) (Version: 2007 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ESN (HKLM\...\{A0B1FC80-5965-4021-9048-5FA9590D535C}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Student con Encarta Premium 2009 (HKLM\...\{09141881-2C94-4A67-8E55-8483C019C7D2}) (Version: 2009 - Microsoft Corporation)
Microsoft Sync Framework for Devices CTP1 (HKLM\...\{D0077228-CFBE-4BFF-99CB-3D8B23709175}) (Version: 0.94.1210.0 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}) (Version: 7.0.35.7918 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Nero 7 Ultra Edition (HKLM\...\{9A3D392C-B0BB-400A-A761-4B1497911034}) (Version: 7.02.4717 - Nero AG)
Norton Internet Security (HKLM\...\NIS) (Version: 18.7.2.3 - Symantec Corporation)
Notepad++ (32-bit x86) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
Octave UPM R8.2 (HKLM\...\Octave UPM R8.2) (Version: R8.2 - )
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenVPN 2.4.6-I602  (HKLM\...\OpenVPN) (Version: 2.4.6-I602 - OpenVPN Technologies, Inc.)
Panda ActiveScan 2.0 (HKLM\...\ActiveScan 2.0) (Version: 01.04.01.0000 - Panda Security)
Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - esn) (Version:  - Microsoft Corporation)
PDF Settings CS6 (HKLM\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerStars (HKLM\...\PokerStars) (Version:  - PokerStars)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2423 - CyberLink Corp.) Hidden
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2423 - CyberLink Corp.)
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2424 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2424 - CyberLink Corp.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.2.2414.0 - CyberLink Corporation)
Pro Cycling Manager - La Vuelta - Temporada 2012 versión 1.3.0. (HKLM\...\Pro Cycling Manager 2012_is1) (Version: 1.3.0.0 - Cyanide)
Pro Evolution Soccer 2010 (HKLM\...\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2013 (HKLM\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2013 Patch 1.01 (HKLM\...\Pro Evolution Soccer 2013 Patch 1.01_is1) (Version:  - Konami Digital Entertainment, Inc)
Pro Evolution Soccer 2014 (HKLM\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.00.0000 - KONAMI)
QGIS Dufour 2.0.1 Dufour (HKLM\...\QGIS Dufour) (Version:  - QGIS Development Team)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20115 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - ALFA NETWORK Inc..)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0253 - REALTEK Semiconductor Corp.)
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SimpleTV 0.4.7 r2 (HKLM\...\{7EEB77C3-FDDC-4BC6-9ABA-F4E22B12AC63}_is1) (Version:  - SergeyVS)
Skype Web Plugin (HKLM\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
Software básico del dispositivo HP Deskjet 1000 J110 series (HKLM\...\{0974A4AF-1BE8-416A-885F-47BE510EBA18}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
SPORE Creature Creator Trial Edition (HKLM\...\{ECEE0279-785F-4CB3-9F28-E69813234BF8}) (Version: 1.00.0000 - Electronic Arts)
SPSS 15.0 para Windows (HKLM\...\{471F79CC-41F5-458F-B768-7F687F97B6EC}) (Version: 15.0.1 - SPSS Inc.)
SupportSoft ActiveX Controls 20091106_Cli (HKLM\...\{C5DB0A18-F6BA-47D2-A91C-33BF849D2748}) (Version: 15 - SupportSoft)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.1.0.0 - Synaptics)
System Requirements Lab for Intel (HKLM\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Tennis Elbow 2011 1.0c (HKLM\...\Tennis Elbow 2011) (Version: 1.0c - Mana Games)
Total Video Converter 3.71 100812 (HKLM\...\Total Video Converter 3.71_is1) (Version:  - EffectMatrix Inc.)
Tusor's Ultimate Patch (HKLM\...\Tusor's Ultimate Patch) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2627.4) (HKLM\...\{5545EEE9-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VeohTV BETA (HKLM\...\{0405E51E-9582-4207-8F38-AC44201D3808}) (Version: 3.9.1 - Veoh Networks, Inc.) Hidden
VeohTV BETA (HKLM\...\InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}) (Version: 3.9.1 - Veoh Networks, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Player (HKLM\...\{E452E727-86B8-4233-8CC3-41FD817AFAFF}) (Version: 6.0.0 - VMware, Inc.) Hidden
VMware Player (HKLM\...\VMware_Player) (Version: 6.0.0 - VMware, Inc)
Windows Live Asistente para el inicio de sesión (HKLM\...\{7593234B-2AEB-4FC9-B02D-C9B30D86084C}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{914DD274-9C5D-44CA-9AC7-12B8D2D4DA08}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinSCP 5.13 (HKLM\...\winscp3_is1) (Version: 5.13 - Martin Prikryl)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2008\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{52D4E39E-6CBD-524B-9922-E932946F6D1E}\InprocServer32 -> C:\Users\admin\AppData\Roaming\RSATom\FBVLC\0.0.7\npFBVLC.dll (RSATom) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{5E2663C1-51B3-49B7-B081-70181C2AF816}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD 2008\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2008\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{88007BE6-7171-46F0-858B-852DAD96016D}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{AFA95F79-06AC-4B9A-B261-D415063DC2B3}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2008\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{F69B7E4A-4A83-4485-8860-85DAA196D745}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
ShellExecuteHooks: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll [51656 2010-01-15] (EasyBits Software AS -> EasyBits Software Corp.) [File not signed]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [Identif. de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2007-02-12] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files\Common Files\Autodesk Shared\dwf Common\DWFShellExtension.dll [2006-11-09] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-01-08] (Nero AG) [File not signed]
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\NavShExt.dll [2012-06-08] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => C:\Program Files\Total Video Converter\TVCShellExt.dll [2010-07-29] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-01-17] () [File not signed]
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\NavShExt.dll [2012-06-08] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers2: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files\VMware\VMware Player\vmdkShellExt.dll [2013-08-27] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-01-17] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\NavShExt.dll [2012-06-08] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-01-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\admin\Downloads\SimpleTV (2.1.5)\work\Channel\logo\logo - Ярлык.lnk -> E:\PortableApps\SimpleTV Pre\work\Channel\logo (No File) <==== Cyrillic

ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\VXG Media Player.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google Inc.) ->  --profile-directory=Default --app-id=hncknjnnbahamgpjoafdebabmoamcnni

==================== Loaded Modules (Whitelisted) ==============

2013-06-03 14:34 - 2010-11-20 04:20 - 000988160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\PROPSYS.dll
2011-06-18 12:50 - 2011-06-18 12:50 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2011-06-18 12:50 - 2011-06-18 12:50 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2003-02-21 14:42 - 2003-02-21 14:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll
2003-03-18 20:12 - 2003-03-18 20:12 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Ahead\Lib\MFC71U.DLL
2003-03-19 06:14 - 2003-03-19 06:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll
2007-01-15 17:15 - 2007-01-15 17:15 - 000073728 _____ (Nero AG) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
2009-10-08 15:24 - 2007-01-17 17:36 - 000129024 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2012-04-07 22:24 - 2010-07-29 18:19 - 000234496 _____ () [File not signed] C:\Program Files\Total Video Converter\TVCShellExt.dll
2007-01-08 14:13 - 2007-01-08 14:13 - 001953792 _____ (Nero AG) [File not signed] C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
2003-03-19 06:20 - 2003-03-19 06:20 - 001060864 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL
2019-03-18 00:05 - 2019-03-22 13:14 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Classes\.scr: AutoCADScriptFile => "C:\Windows\system32\notepad.exe" "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\gob.es -> hxxp://fnmt.gob.es

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-01-31 20:37 - 2019-03-26 21:57 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


2017-02-27 03:19 - 2019-02-18 15:45 - 000000505 _____ C:\Windows\system32\drivers\etc\hosts.ics

Continuación…

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go;C:\Program Files\Common Files\DivX Shared\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.26.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{4B562C7D-02F8-415F-8F83-3EE8966A79C2}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A073BB77-F575-491F-9A89-7DD09EC3F0AA}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B7806DB5-262E-4ABA-87BC-FB599FB612B1}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{9CF9EFBA-68D4-4560-AFCD-8787E45C2ACA}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{E92049E2-64F1-4045-A343-FE1651F5B77F}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{B6A1F378-E965-48D3-9EE7-DBDCC5F4430D}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{8C362369-D4B6-4F75-8466-5B923F424A28}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{E2B04E01-5CB6-4E32-BA50-49811514DEFA}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{2B8CF920-D4F9-4E6C-9296-BB780264A9EC}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{11DC1FB0-BCC9-436E-9AEE-0F515AF67520}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{43BE490E-951A-4F13-9C06-79A1D1A16DC0}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{AF869DE1-8605-45F5-8921-93C8E9130EB6}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{CDEFC28F-2746-41A5-AF87-DD0C26756353}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{5A796B94-7D66-462A-AA81-C0D39389E1BC}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{39C962BB-8303-40FE-9859-4976F6FD5D18}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [{AFAECF47-F2C1-4F0B-851A-8C6239161764}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [{14C574B1-4005-4C0C-BE2C-575736127C86}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [{E82F772C-314E-4E56-969C-229A41A4C1D7}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [UDP Query User{A977BB7D-EEB1-4923-9732-A4D0ADD03080}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [TCP Query User{26CE9AB7-945E-4C40-B917-D5784F2F412D}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [UDP Query User{9EB37DC6-325F-4BA4-B77D-2783F8EFE955}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [TCP Query User{10545477-4592-4D1D-BA44-7C3B44351694}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [{65BDF675-FDE7-40F0-9DA4-40B10B79BBE6}] => (Allow) C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{2AFE4CCF-2A20-4296-9A36-38E08D18FA7C}] => (Allow) C:\Program Files\HP\QuickPlay\QP.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{79C8F8A2-C4F1-4D38-A01B-C6584C25CDE0}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [TCP Query User{C66BDE64-A7A0-40D7-8A52-25E6EFA2F969}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [UDP Query User{059878F3-9520-4DB9-923E-4576260F3A27}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [TCP Query User{727B0E39-6633-44E3-828F-635C4941632D}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [UDP Query User{D085809E-6450-459B-B0C3-439CBF9EC607}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [{7C8AB61B-8E2C-4911-85B6-13092241B31F}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{419F5789-6B7A-415F-955E-AA7894BA296A}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A1799263-8688-4BA2-97B0-221F09C5F689}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40683AB7-AA03-44C4-97F9-DEABF8FFE24F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A37A95E9-93EF-4B28-9AEE-C0D1ACAEFEA0}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C2DE80A-08F2-41FB-A352-9588090FFADE}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ED89A0B3-F828-45A6-8FD2-455A04653C17}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{042E2E6E-E123-47BC-ACE4-501EDB71186F}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{4EF24FF5-8409-4570-A55A-E09331D3C66B}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\PCM.exe (Focus Home Interactive -> Cyanide)
FirewallRules: [{E9A3582D-ADBD-4417-9186-B799D5A1DC1D}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\PCM.exe (Focus Home Interactive -> Cyanide)
FirewallRules: [{2781EBC6-AFEB-48BE-8226-57447A6869DB}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\Autorun\Exe\Autorun.exe (Focus Home Interactive -> )
FirewallRules: [{9E1290D6-4EC7-488B-96C9-4505AB74705D}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\Autorun\Exe\Autorun.exe (Focus Home Interactive -> )
FirewallRules: [{279B8FFC-100C-49F3-B69F-71B358FC64A1}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{63D7E408-6992-4AC1-9653-DC8120C0BFE1}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{A1CA1DB8-8484-41E8-A8E8-3C85FEC9D1DA}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{B49ADAFD-69CC-4417-8775-4C0D43AEF89D}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{991A7548-F0BD-4DAE-AFB1-BD6DAA0610EC}] => (Allow) H:\SKIDROW\pes2013.exe No File
FirewallRules: [{A0C7ED3F-F499-4FE8-A56D-4228130D3DA6}] => (Allow) H:\SKIDROW\pes2013.exe No File
FirewallRules: [TCP Query User{3ED6C208-7ABB-4502-A62E-B8A8A6970EE7}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{82209141-B89F-47E8-93E0-163FD2499450}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{679C0B96-1479-4AE6-A532-99BECBC9D982}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D18F6AD9-C229-495C-BD11-0E6C63E76E10}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{7EA58023-FFC8-4220-8B0F-F9F086C4755F}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5D6CB9DB-1968-4E3B-8D3E-A4A4B20AFBFA}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D5EA2C20-CA18-4004-B1C3-B3676AAE6040}] => (Allow) C:\Program Files\SkypeWebPlugin\3.2.0.23388\SkypeWebPlugin.exe (Skype Software Sarl -> Skype)
FirewallRules: [{27217E78-E2AA-4AFF-B6CF-C0070005B27B}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{EFAA79C2-19F9-46E4-96F1-5B0B29DF47A3}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{799CD8F3-6349-4615-8CDD-F797A272DFA1}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03CFF6A9-1D80-485E-B1A2-08AE8B4DEB4A}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A132E40F-98F3-4FC3-A365-5024E979F200}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{173B39A3-3274-4857-B8DE-CAE731D3AF4F}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F2B935C6-B142-426D-B358-E35640483838}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{7066876D-8502-48EB-9B7D-53DE3E082F6D}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{ACE69AE6-D9F3-4546-92CB-C9B1D780A2D8}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{DDA159D9-89C6-46DB-B3EF-7E8135EAAC29}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{78B36B72-9282-4255-8CD4-D5E32F2A7C27}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{43067907-7385-43B4-AF58-F477DEC416D1}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{40342DD1-B2B1-43B8-8E62-9502592B00B6}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{44198D15-88CE-4AE3-904B-FA8CE9815B19}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{706D01ED-FF4F-4742-AE48-A18637743381}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{0B0F1ABA-CCB7-4557-BD1B-EC829872CBFE}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{AFE3BD89-D24D-46EF-8231-1D6CB217650D}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2D854BD6-164D-48F9-B819-299F027F07FA}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{55775C88-6F4F-48C2-ADBC-C93FAA9AB4DF}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{F023205A-EEE4-4A5F-8D9B-A9D780EF914B}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F19848DE-2C06-4C8C-813F-2146BC401C2F}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F6443872-AD0A-49AE-9019-E57016C15506}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{BA4F7BF4-0FBB-4D5C-92AD-2988A35DF1A8}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{2AB9301C-F5FC-4F32-B373-F0E626A5C4F3}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{C440DE5F-B46F-447A-BABB-F0D510011455}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{974F07E8-057F-470C-A742-CE0D291AC2CC}] => (Allow) LPort=53
FirewallRules: [{E8E92D17-EF74-49AC-AF1D-700580EBC589}] => (Allow) C:\PROGRA~1\REALTEK\USBWIR~1\RtWlan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{ED76E1B6-E431-4048-BFA9-D10BC3EFF556}] => (Allow) LPort=1542
FirewallRules: [{6D0A5863-CDD9-4C15-AE2A-5F777FF60D9F}] => (Allow) LPort=1542
FirewallRules: [{FB4D5AF6-BE37-4799-8B3E-2BDDC1FF3CD3}] => (Allow) LPort=53
FirewallRules: [{C74A148A-9858-4E34-9123-D3F0E69395CE}] => (Allow) C:\PROGRA~1\REALTEK\USBWIR~1\Rtldhcp.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{03930836-00DD-4193-98C5-164B87303CDC}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{00997E0A-FDFE-4862-9E10-D6036AF79BF3}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{3DACF7BA-7E1B-4E33-A29B-A8AC902BE7A4}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F4B8BEC0-D58D-4DEB-A2D9-D4A303C7AFB5}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{6FE6DF7A-FA42-477E-9A95-1E3B173A8EFF}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{9E757D98-D70C-4797-9E6A-9937AF24A47B}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{45070F04-5CF9-4E37-9483-A3F971BEC7E2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware VMCI Host Device
Description: VMware VMCI Host Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: vmci
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2019 12:53:30 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo C:\Windows\Prefetch\TASKMGR.EXE-72398DC0.pf por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Proceso host para los servicios de Windows por este error.

Programa: Proceso host para los servicios de Windows
Archivo: C:\Windows\Prefetch\TASKMGR.EXE-72398DC0.pf

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C0000185
Tipo de disco: 3

Error: (04/24/2019 12:52:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_SysMain, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc100
Nombre del módulo con errores: sysmain.dll, versión: 6.1.7601.24000, marca de tiempo: 0x5a49963b
Código de excepción: 0xc0000006
Desplazamiento de errores: 0x0000d230
Id. del proceso con errores: 0x33c
Hora de inicio de la aplicación con errores: 0x01d4fa8b42630f00
Ruta de acceso de la aplicación con errores: C:\Windows\System32\svchost.exe
Ruta de acceso del módulo con errores: c:\windows\system32\sysmain.dll
Id. del informe: 09a60397-667f-11e9-bf81-00269e9eb835

Error: (04/24/2019 12:52:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: lpksetup.exe, versión: 6.1.7601.17514, marca de tiempo: 0x4ce79791
Nombre del módulo con errores: msvcrt.dll, versión: 7.0.7601.17744, marca de tiempo: 0x4eeaf722
Código de excepción: 0x40000015
Desplazamiento de errores: 0x0005620a
Id. del proceso con errores: 0xbf0
Hora de inicio de la aplicación con errores: 0x01d4fa8b5e83b19d
Ruta de acceso de la aplicación con errores: C:\Windows\system32\lpksetup.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\msvcrt.dll
Id. del informe: 076ab955-667f-11e9-bf81-00269e9eb835

Error: (04/24/2019 12:49:24 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/24/2019 12:49:24 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: El servicio de búsqueda detectó archivos de datos dañados en el índice {id=4400}. Este servicio intentará corregir este problema automáticamente mediante la nueva generación del índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/24/2019 12:49:24 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/24/2019 12:49:24 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.

Contexto: aplicación Windows

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/24/2019 12:49:24 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: No se puede inicializar el objeto Recopilador.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (04/24/2019 06:43:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/24/2019 06:43:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/24/2019 06:43:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/24/2019 06:43:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/24/2019 06:43:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/24/2019 06:43:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/24/2019 06:43:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/24/2019 06:43:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.


Windows Defender:
===================================
Date: 2010-09-28 21:22:06.698
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\Software\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-09-28 21:03:10.518
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\Software\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-09-28 18:17:29.028
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\Software\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-09-25 22:23:22.865
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\Software\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\Servicio de red
Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe

Date: 2010-09-19 15:29:52.460
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\gabpath.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;process:pid:6200;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\Software\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2010-05-13 22:04:31.901
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070003
Descripción de error:El sistema no puede encontrar la ruta especificada. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

==================== Memory info =========================== 

BIOS: Hewlett-Packard F.20 10/13/2009
Motherboard: Hewlett-Packard 3069
Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 43%
Total physical RAM: 2974.93 MB
Available physical RAM: 1670.16 MB
Total Virtual: 5948.22 MB
Available Virtual: 4734.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:455.38 GB) (Free:275.49 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.38 GB) (Free:1.74 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D58413DB)
Partition 1: (Active) - (Size=455.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Por favor repite los últimos análisis pero en modo normal pues no se ha indicado ningún momento que se realiza en modo seguro.

en nuestras primeras posts, las herramientas eliminaron acestream,que está considerado como un programa no deseado…y lo has vuelto a instalar

En modo normal no te lo puedo hacer porque se queda pillado, por eso lo hice todo en modo seguro. El acestream lo descargué de la página oficial, no entiendo por qué es un programa no deseado, es algo que me resulta muy curioso. ¿qué puedo hacer entonces?

Vale, dejalo asi por ahora y reviso para darte respuesta

Pra hacer unas pruebas mientras, desinstalas tu antivirus, Norton, y coméntame como funciona el pc sin el

Pues he desinstalado el norton desde el modo seguro, he reiniciado y ha entrado sin bloqueos ni nada en modo normal, vamos que funciona bien. ¿Pudiera ser que el virus se hubiera metido en el norton? De todas formas he realizado ahora desde el modo normal lo que me dijistes y ahora te pongo los reportes correspondientes por si ves algo raro.

Reporte FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2019
Ran by admin (administrator) on ADMIN1 (Hewlett-Packard ) (24-04-2019 21:38:27)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(SoftThinks -> ) C:\Program Files\SMINST\BLService.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe
(SupportSoft, Inc. -> SupportSoft, Inc.) C:\Program Files\Telefonica\bin\tgsrvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Hewlett-Packard Company ->  Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(CyberLink -> CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(OpenVPN Technologies, Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Hewlett-Packard Company -> ) C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG) [File not signed]
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [206128 2008-10-10] (Hewlett-Packard Company ->  Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-09-23] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [69216 2006-12-06] (CyberLink -> Cyberlink Corp.) [File not signed]
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-02-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] (DivX, LLC -> )
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [jswtrayutil] => C:\Program Files\Jumpstart\jswtrayutil.exe [528384 2008-09-26] (Atheros Communications, Inc.) [File not signed]
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [147456 2007-01-15] (Nero AG) [File not signed]
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company) [File not signed]
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [653440 2018-04-26] (OpenVPN Technologies, Inc. -> )
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] => C:\Program Files\Google\Chrome\Application\chrome.exe [1544176 2019-04-04] (Google LLC -> Google Inc.)
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Run: [Norton Download Manager{NIS2281014-SHPD-FSD57026}] => C:\Users\Public\Downloads\Norton\{NIS2281014-SHPD-FSD57026}\NISFSD.exe [1107280 2016-11-25] (Symantec Corporation -> Symantec Corporation)
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\system32\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [130048 2008-12-07] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [118784 2007-09-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [67584 2009-02-09] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{f614806b-ce60-40cd-990f-e8e07df79e49}] -> 

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BAA1A8-CA9B-4035-A835-BB1386D76A8C} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe
Task: {21565C3E-C991-43A6-8FAE-5D17151143AF} - System32\Tasks\RunAsStdUser Task => C:\Program Files\MossySky\bin\1.0.16.0\MossySkySA.exe
Task: {2D5B17C4-600C-4C2F-97A9-F93B3442B51C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3131F4B4-D836-459B-A92E-7A19EEA24804} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [17976 2011-03-22] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {3CA2E419-7077-492C-AF98-07D7132DE620} - System32\Tasks\{3AD7D87D-2E0A-4731-9E17-6520562FB380} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Downloads\wifiway-2.0.1definitivisimo\dumpeer v.80\JumpStart\setup.exe" -d "C:\Users\admin\Downloads\wifiway-2.0.1definitivisimo\dumpeer v.80\JumpStart"
Task: {4B807266-8D7E-448D-8CCA-F51C0290B7FA} - System32\Tasks\{FC0C6388-83E9-4E1D-B4CF-6A8B5BD9AC4A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\EA Sports\FIFA 11\Support\FIFA 11_uninst.exe" -d "C:\Program Files\EA Sports\FIFA 11\Support"
Task: {5CECDB8E-4984-459D-B851-A4C94414C830} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5E1CFB6A-CC44-4CDA-9BFE-6B829AA744CB} - System32\Tasks\{517ACB3D-2BB7-4511-B8FD-D89DEC7A01D2} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Downloads\sapientest\sapienstest\INSTALAR [email protected]" -d C:\Users\admin\Downloads\sapientest\sapienstest
Task: {689D75DB-4F13-444F-BB61-7ECEF6CC3668} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [727608 2011-06-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {69FF88EF-B203-45BD-B248-0A420553626B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-22] (Google Inc -> Google Inc.)
Task: {7231F2A4-EF11-4A6F-8300-BD0D15F8163B} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [1248312 2011-08-11] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {73065355-E18A-4A2E-843A-B4F79B51E4FC} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [1346024 2015-08-06] (Symantec Corporation -> Symantec Corporation)
Task: {78710BB3-CC7D-47D5-8A70-783B17011FE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-22] (Google Inc -> Google Inc.)
Task: {792D9ADB-E90E-48D8-A68F-9A7F85F69DFA} - System32\Tasks\Microsoft\Office Genuine Advantage\OGALogon => C:\Windows\system32\OGAExec.exe [230768 2009-08-03] (Microsoft Corporation -> )
Task: {830174E5-EA23-4651-9C34-E2AFF8F51AA8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [739232 2012-10-18] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {87B60643-0881-441D-A229-EF849D53CA5D} - System32\Tasks\{4F55587D-550E-4A25-BBEF-4F04D3762697} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Desktop\Norton Internet security 2010 +TrialReset 2010 v1.5.0 (Cracked by BOX!)\Norton Trial Reset v2.9.6\Desinstalar version anterior Norton\Norton_Removal_Tool.exe" -d "C:\Users\admin\Desktop\Norton Internet security 2010 +TrialReset 2010 v1.5.0 (Cracked by BOX!)\Norton Trial Re (the data entry has 47 more characters).
Task: {8E43E177-8D47-4DDC-9F85-290CCBA95622} - System32\Tasks\{18896D9A-6CFC-427D-A0D7-93F0ED22F58E} => C:\Windows\system32\pcalua.exe -a C:\Users\admin\Desktop\psp\escaner\lide20lide30n670un676un1240uvst7031a_xpen\SetupSG.exe -d C:\Users\admin\Desktop\psp\escaner\lide20lide30n670un676un1240uvst7031a_xpen
Task: {92295D95-B97E-412B-860E-8C940A13B444} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe
Task: {9F55FF20-A285-424E-88B8-BF4F9BA7C0B7} - System32\Tasks\{510CFE89-EC22-432D-BB12-15C074B96058} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\KONAMI\Pro Evolution Soccer 2010\kitserver\setup.exe" -d "C:\Program Files\KONAMI\Pro Evolution Soccer 2010\kitserver"
Task: {A6139324-0089-4541-B7D4-1A54D40F0B2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [7120952 2011-06-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {AABFE75A-615B-4230-AAEE-3E143BEC6FB3} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2551656 2010-11-16] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {AFAEDAB5-550E-4CB5-99A2-831761830182} - System32\Tasks\PresentationSettingsTurnOff_admin1_admin => C:\Windows\system32\PresentationSettings.exe
Task: {CE31E1AF-DAFD-46E8-BB93-68A344D62F15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [7120952 2011-06-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {E8B28D26-B7EC-4D9B-BF1E-BE993122BC59} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe
Task: {EA655102-F8D5-4110-B8B9-4775A332026A} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe
Task: {F74C94AC-9E02-44E3-AD92-E1B589EB796E} - System32\Tasks\{7D322BA4-F9B2-47DE-A7AB-FFEF7EBE8941} => C:\Windows\system32\pcalua.exe -a "C:\Users\admin\Downloads\Spain Euro 2012 Kit Pack\Spain Euro 2012 Kit Pack\Spain EURO 2012 Kit Pack.exe" -d "C:\Users\admin\Downloads\Spain Euro 2012 Kit Pack\Spain Euro 2012 Kit Pack"
Task: {FB6D6DE1-1B70-4D60-9069-11466E0F8B23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\admin\Desktop\adwcleaner_7.3.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{4165F51C-9647-45B1-AE74-D0E4A16C2B5F}: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{6CD76D63-47AA-47B4-868B-AAB0719B31B5}: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{8538EDBD-D70C-43EE-967B-FAC6ECA67512}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{A05CFFE5-198E-4776-B3CF-0285633DFC78}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E9C9B02D-F143-49A6-82B7-18636DDE5F53}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FB88D55D-4B3C-4867-88BD-3380C0BDEAF0}: [DhcpNameServer] 80.58.61.250 80.58.61.254

Internet Explorer:
==================
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_es&c=91&bd=Presario&pf=cnnb
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
SearchScopes: HKLM -> {58075C17-0D4C-4BC2-8526-503C960426BD} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1127&query={searchTerms}&invocationType=tb50hpcnnbie7-es-es
SearchScopes: HKLM -> {943224BF-1A7E-4565-821B-45CC7732E7C4} URL = hxxp://es.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913937
SearchScopes: HKLM -> {D3361F76-187D-4FC8-A363-94C9B5452926} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC -> DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
BHO: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02] (AOL LLC -> AOL LLC)
BHO: Windows Live Aplicación auxiliar de inicio de sesión -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02] (AOL LLC -> AOL LLC)
Toolbar: HKU\S-1-5-21-3387845806-4141466983-921437045-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {01113300-3E00-11D2-8470-0060089874ED} hxxp://web.atar.rima-tde.net/sdccommon/download/tgctlcm.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {B6F0855B-A06D-498B-A537-80AFF04A1B4E} hxxps://www.movistar.es/o1/http/WSClient.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldes-es.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.1.14\coFFAddon => not found
FF HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.) [File not signed]
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC -> DivX, LLC)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [No File]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-05-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @pandasecurity.com/activescan -> C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll [2010-07-27] (Panda Security S.L -> Panda Security, S.L.)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) [File not signed]
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype Software Sarl -> Skype)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin: @veoh.com/VeohPlayer -> C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll [2008-04-01] (Veoh Networks Inc) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-07-30] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3387845806-4141466983-921437045-1000: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\admin\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3387845806-4141466983-921437045-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\admin\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3387845806-4141466983-921437045-1000: RSATom.name/FBVLC -> C:\Users\admin\AppData\Roaming\RSATom\FBVLC\0081A1~1.7\npFBVLC.dll [2013-10-09] (RSATom) [File not signed]

Continuación:

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://www.aemet.es/favicon.ico
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2019-04-24]
CHR Extension: (Presentaciones) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-22]
CHR Extension: (Documentos) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-22]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-22]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-22]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-20]
CHR Extension: (Tampermonkey) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-03-22]
CHR Extension: (ZenMate VPN - Mejor seguridad para Internet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2019-03-22]
CHR Extension: (Hojas de cálculo) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-22]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-23]
CHR Extension: (VXG Media Player) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncknjnnbahamgpjoafdebabmoamcnni [2019-03-22]
CHR Extension: (Agencia Estatal de Meteorología - AEM...) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhgepamdboolgoocpmekmpknhjohchbf [2019-03-24]
CHR Extension: (Player para ver Movistar+) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2019-03-22]
CHR Extension: (Ace Script) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-03-30]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-22]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-22]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-22]
CHR Extension: (Llamadas de Skype) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk [2019-03-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKU\S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icdlolokpejjhocomjelllhkhoeedlgf] - C:\Program Files\DivX Flash Codec\flash2.crx [2013-01-05]
CHR HKU\S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ifdhgolccnkcbgpclpngdpjfahlnalig] - C:\Program Files\Viderio\viderio.crx <not found>
CHR HKU\S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [81920 2009-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Software AS -> EasyBits Sofware AS) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 jswpbapi; C:\Program Files\Jumpstart\jswpbapi.exe [188416 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S3 jswpsapi; C:\Program Files\Jumpstart\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
R3 NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG) [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. ->  )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64128 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64128 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S2 Realtek87B; C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [File not signed]
S2 RealtekWlanU; C:\Program Files\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-12-23] (SoftThinks -> )
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] (CyberLink -> )
S2 RTLDHCPService; C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S2 SupportSoft RemoteAssist; C:\Program Files\Common Files\supportsoft\bin\ssrc.exe [386424 2009-11-06] (SupportSoft, Inc. -> SupportSoft, Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 tgsrvc_telefonica; C:\Program Files\Telefonica\bin\tgsrvc.exe [148768 2009-11-06] (SupportSoft, Inc. -> SupportSoft, Inc.)
S4 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [86096 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S4 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [358480 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S4 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [719416 2013-08-26] (VMware, Inc. -> VMware, Inc.)
S4 VMware NAT Service; C:\Windows\system32\vmnat.exe [437328 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-14] () [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1172992 2009-09-22] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2009-12-18] (Intel(R) Graphics DSS -> )
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-03-18] (DT Soft Ltd -> DT Soft Ltd)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [43192 2013-08-26] (VMware, Inc. -> VMware, Inc.)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [16768 2007-06-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Development Company, L.P.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [8746496 2010-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [127488 2010-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R1 jswpslwf; C:\Windows\System32\DRIVERS\jswpslwf.sys [20384 2008-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-04-24] (Malwarebytes Corporation -> Malwarebytes)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pavboot; C:\Windows\System32\drivers\pavboot.sys [28552 2009-06-30] (Panda Security S.L -> Panda Security, S.L.)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2006-10-02] (Padus, Inc.) [File not signed]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh86.sys [138240 2008-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3127000 2014-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 RTSTOR; C:\Windows\System32\drivers\RTSTOR.SYS [60416 2008-12-29] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2009-10-31] (Duplex Secure Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt.sys [423424 2010-03-23] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [41976 2017-04-21] (Windscribe Limited -> The OpenVPN Project)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25808 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [17104 2013-08-27] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37456 2013-08-27] (VMware, Inc. -> VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26192 2013-08-27] (VMware, Inc. -> VMware, Inc.)
S3 vmusb; C:\Windows\System32\DRIVERS\vmusb.sys [31928 2013-08-26] (VMware, Inc. -> VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [65488 2013-08-27] (VMware, Inc. -> VMware, Inc.)
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [13560 2006-11-02] (CyberLink -> Cyberlink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-24 21:38 - 2019-04-24 21:40 - 000040930 _____ C:\Users\admin\Desktop\FRST.txt
2019-04-24 21:31 - 2019-04-24 21:31 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-24 13:35 - 2019-04-24 13:35 - 007666296 _____ (ESET spol. s r.o.) C:\Users\admin\Desktop\ESETOnlineScanner_ESL.exe
2019-04-24 11:08 - 2019-04-24 21:38 - 000000000 ____D C:\FRST
2019-04-24 11:07 - 2019-04-24 18:43 - 001788928 _____ (Farbar) C:\Users\admin\Desktop\FRST.exe
2019-04-24 10:50 - 2019-04-24 21:29 - 000496810 _____ C:\Windows\ntbtlog.txt
2019-04-24 10:48 - 2019-04-24 10:48 - 000002878 _____ C:\Users\admin\Desktop\ZHPCleaner (R).txt
2019-04-24 10:46 - 2019-04-24 10:46 - 000002768 _____ C:\Users\admin\Desktop\ZHPCleaner (S).txt
2019-04-24 10:18 - 2019-04-24 10:18 - 003133312 _____ C:\Users\admin\Desktop\ZHPCleaner.exe
2019-04-24 09:30 - 2019-04-24 12:46 - 000000280 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-04-24 09:28 - 2019-04-24 09:30 - 000000000 ____D C:\AdwCleaner
2019-04-24 09:27 - 2019-04-24 09:27 - 007025360 _____ (Malwarebytes) C:\Users\admin\Desktop\adwcleaner_7.3.exe
2019-04-09 21:38 - 2019-04-09 21:38 - 000096456 _____ C:\Users\admin\Downloads\resource.language.es_es-3.0.15.zip
2019-04-08 23:27 - 2019-04-08 23:27 - 002486077 _____ C:\Users\admin\Downloads\Rpts completa FUNCIONARIOS .pdf
2019-03-30 15:47 - 2019-03-30 15:55 - 086412328 _____ C:\Users\admin\Downloads\Ace_Stream_Media_3.1.32.exe
2019-03-27 22:17 - 2019-03-27 22:17 - 001324062 _____ C:\Users\admin\Downloads\tratamientos_selvicolas PLAN FORESTAL 1989.pdf
2019-03-26 21:39 - 2019-03-31 17:22 - 000000975 _____ C:\DelFix.txt
2019-03-26 21:39 - 2019-03-26 21:39 - 000000000 ____D C:\Windows\ERUNT

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-24 21:36 - 2009-08-07 07:19 - 000769176 _____ C:\Windows\system32\perfh00A.dat
2019-04-24 21:36 - 2009-08-07 07:19 - 000166878 _____ C:\Windows\system32\perfc00A.dat
2019-04-24 21:36 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-04-24 21:36 - 2008-05-06 20:42 - 001724816 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-24 21:34 - 2015-12-27 13:26 - 000000000 ____D C:\Users\admin\AppData\Roaming\Skype
2019-04-24 21:32 - 2009-10-08 15:15 - 000000000 ____D C:\Users\admin\Tracing
2019-04-24 21:32 - 2008-05-06 20:41 - 000000286 _____ C:\ProgramData\hpqp.ini
2019-04-24 21:31 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-24 21:30 - 2019-01-03 16:04 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2019-04-24 21:29 - 2011-11-14 23:32 - 000000000 ____D C:\ProgramData\Norton
2019-04-24 21:24 - 2009-10-09 17:44 - 000000069 _____ C:\Windows\NeroDigital.ini
2019-04-24 21:21 - 2009-10-10 19:04 - 000000000 ____D C:\Users\admin\Desktop\Norton Internet security 2010 +TrialReset 2010 v1.5.0 (Cracked by BOX!)
2019-04-24 10:48 - 2019-03-20 14:13 - 000000000 ____D C:\Users\admin\AppData\Roaming\ZHP
2019-04-24 09:58 - 2010-06-06 14:29 - 000000000 ____D C:\Windows\Minidump
2019-04-24 09:58 - 2009-11-04 23:22 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2019-04-24 00:33 - 2009-11-11 21:26 - 000000000 ____D C:\Program Files\CCleaner
2019-04-23 23:50 - 2009-07-14 06:53 - 000032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-23 23:20 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\NDF
2019-04-23 18:57 - 2018-12-06 18:32 - 000000000 ____D C:\Users\admin\AppData\Roaming\Kodi
2019-04-23 14:08 - 2008-05-06 19:36 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-23 14:08 - 2008-05-06 19:36 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-21 14:05 - 2012-07-21 11:59 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2019-04-16 19:29 - 2012-03-23 21:23 - 000000000 ____D C:\Users\admin\AppData\Roaming\HpUpdate
2019-04-15 21:18 - 2008-05-06 19:39 - 000000000 ____D C:\Users\admin
2019-04-11 16:16 - 2016-11-05 16:13 - 000000123 _____ C:\Users\admin\Documents\peliculas.txt
2019-04-11 11:30 - 2019-03-22 19:08 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 11:30 - 2019-03-22 19:08 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-09 13:31 - 2012-04-01 13:34 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-04-09 13:31 - 2011-05-16 23:06 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-04-09 13:31 - 2009-03-03 08:18 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-31 17:22 - 2011-06-26 14:51 - 000000000 ____D C:\Program Files\Trend Micro
2019-03-30 15:44 - 2016-01-19 18:01 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2019-03-26 22:10 - 2010-12-27 10:39 - 000475136 ___SH C:\Users\admin\Documents\Thumbs.db

==================== Files in the root of some directories =======

2016-04-19 20:36 - 2018-12-02 19:48 - 000029184 ___SH () C:\Users\admin\AppData\Roaming\Thumbs.db
2009-10-23 10:55 - 2009-10-23 10:55 - 000024206 _____ () C:\Users\admin\AppData\Roaming\UserTile.png
2018-05-12 18:20 - 2019-02-11 17:20 - 000000600 _____ () C:\Users\admin\AppData\Roaming\winscp.rnd
2012-05-08 16:15 - 2013-05-16 22:52 - 000001456 _____ () C:\Users\admin\AppData\Local\Adobe Guardar para Web 11.0 Prefs
2008-05-06 20:41 - 2008-05-06 20:41 - 000000000 _____ () C:\Users\admin\AppData\Local\AtStart.txt
2010-04-30 16:57 - 2016-09-27 00:55 - 000011776 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-05-06 20:41 - 2008-05-06 20:41 - 000000000 _____ () C:\Users\admin\AppData\Local\DSwitch.txt
2008-05-06 20:41 - 2008-05-06 20:41 - 000000000 _____ () C:\Users\admin\AppData\Local\QSwitch.txt
2011-04-28 13:50 - 2013-09-18 18:13 - 000007597 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg

Some zero byte size files/folders:
==========================
C:\Windows\System32\nsprs.dll
C:\Windows\System32\serauth1.dll
C:\Windows\System32\serauth2.dll
C:\Windows\System32\ssprs.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-23 16:32
==================== End of FRST.txt ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2019
Ran by admin (24-04-2019 21:41:05)
Running from C:\Users\admin\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2008-05-06 18:40:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-3387845806-4141466983-921437045-1000 - Administrator - Enabled) => C:\Users\admin
Administrador (S-1-5-21-3387845806-4141466983-921437045-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3387845806-4141466983-921437045-1002 - Limited - Enabled)
Invitado (S-1-5-21-3387845806-4141466983-921437045-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Projector Gateway (HKLM\...\Acer Projector Gateway_is1) (Version:  - )
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.171 - Adobe)
Adobe Photoshop CS6 (HKLM\...\{1D106581-6726-4D1B-ABEC-0CA02410F24F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.2 (HKLM\...\{12A54F16-7F2E-4D42-BBCA-E0CC3CBF0457}) (Version: 5.2.1 - Adobe)
Adobe Reader 9.4.6 - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-A94000000001}) (Version: 9.4.6 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC)
Ares 2.2.4 (HKLM\...\Ares) (Version: 2.2.4-Build#3048 - Ares Development Group)
Art Effects for PDR10 (HKLM\...\NewBlue Art Effects for PDR10) (Version: 2.0 - NewBlue)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 7.7 - Atheros)
AutoCAD 2008 - Español (HKLM\...\{5783F2D7-6001-040A-0002-0060B0CE6BBA}) (Version: 17.1.51.0 - Autodesk) Hidden
AutoCAD 2008 - Español (HKLM\...\AutoCAD 2008 - Español) (Version: 17.1.51.0 - Autodesk)
Autodesk DWF Viewer 7 (HKLM\...\{9A346205-EA92-4406-B1AB-50379DA3F057}) (Version: 7.2.0 - Autodesk, Inc.)
AXIS Media Control Embedded (HKLM\...\AXIS Media Control Embedded) (Version:  - )
AXIS Media Control Embedded Installer (HKLM\...\{FD727056-F0C4-4811-9688-9EBF450D22C4}) (Version: 4.1.4 - Axis Communications)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM\...\DPP) (Version: 3.8.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities Original Data Security Tools (HKLM\...\Original Data Security Tools) (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
CanoScan Toolbox Ver4.1 (HKLM\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version:  - )
Capicom 2.1.0.2 FNMT-RCM (HKLM\...\{E06DBD80-CD9B-4A3F-BD83-ED1AA4CB1E3A}) (Version: 1.00.0000 - FNMT-RCM)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compresor WinRAR (HKLM\...\WinRAR archiver) (Version: 4.20 Beta 3 (64 Bits) - )
Configurador_FNMT (HKLM\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.5 - FNMT-RCM)
Counter-Strike 1.0 (HKLM\...\Counter-Strike) (Version: 1.0 - )
Counter-Strike 1.6 (HKLM\...\Counter-Strike 1.6) (Version:  - )
Cuadro de mensaje de excepción de Microsoft (HKLM\...\{B194E30B-22C6-4FEA-A4A9-D839E243D31D}) (Version: 9.00.5000.00 - Microsoft Corporation) Hidden
CutePDF Printer Setup (HKLM\...\CutePDF Port Monitor) (Version:  - )
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2424 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.1129b - CyberLink Corp.)
CyberLink WaveEditor (HKLM\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2512 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
DivX Flash Codec version 12.6.402.278 (HKLM\...\DivX Flash Codec_is1) (Version: 12.6.402.278 - )
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM\...\dreamboxEDIT) (Version:  - )
eMule (HKLM\...\eMule) (Version: 0.50a - )
Estudio de mejora de productos de HP Deskjet 1000 J110 series (HKLM\...\{D8449AEE-63A2-42CF-AA83-BDC99C91EF81}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FireBreathed VLC (HKLM\...\{C316CD29-2158-4F0A-8A76-5C297AABC97B}) (Version: 0.0.7 - RSATom)
Galería fotográfica de Windows Live (HKLM\...\{A7BBE3D6-F19A-40E6-96EC-84E1DC88F262}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Herramienta de carga de Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Hewlett-Packard ACLM.NET v1.1.1.0 (HKLM\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Deskjet 1000 J110 series Ayuda (HKLM\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Quick Launch Buttons 6.40 M1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 M1 - Hewlett-Packard)
HP Support Assistant (HKLM\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.5991.2847 - Hewlett-Packard)
HP Total Care Setup (HKLM\...\{95A747E0-DF19-46CB-A622-20A0107201BD}) (Version: 1.1.2413.2876 - Hewlett-Packard Company)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HP User Guides 0138 (HKLM\...\{17050C48-16CB-4500-A102-CEAD750CE11E}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{E5E29403-3D25-40C6-892B-F9FEE2A95585}) (Version: 3.50 A6 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6140.0 - IDT)
Instalación de DivX (HKLM\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
IPTViewr para movistar+ 1.5 “Kruger 60” alpha 4 (HKLM\...\{5BE7CB08-BCB3-44A2-9B29-AFF68FF70249}) (Version: 1.5.40.0 - hxxp://movistartv.codeplex.com)
Java 7 Update 7 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Jumpstart Installation Program (HKLM\...\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}) (Version:  - Atheros)
K-Lite Mega Codec Pack 4.6.2 (HKLM\...\KLiteCodecPack_is1) (Version: 4.6.2 - )
Kodi (HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\Kodi) (Version:  - XBMC-Foundation)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1224 - CyberLink Corp.) Hidden
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1224 - CyberLink Corp.)
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Magic Desktop (HKLM\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Matemáticas de Microsoft (HKLM\...\{07143840-959A-4B0D-8825-2C533F0DDB19}) (Version: 2007 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ESN (HKLM\...\{A0B1FC80-5965-4021-9048-5FA9590D535C}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Student con Encarta Premium 2009 (HKLM\...\{09141881-2C94-4A67-8E55-8483C019C7D2}) (Version: 2009 - Microsoft Corporation)
Microsoft Sync Framework for Devices CTP1 (HKLM\...\{D0077228-CFBE-4BFF-99CB-3D8B23709175}) (Version: 0.94.1210.0 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}) (Version: 7.0.35.7918 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Nero 7 Ultra Edition (HKLM\...\{9A3D392C-B0BB-400A-A761-4B1497911034}) (Version: 7.02.4717 - Nero AG)
Notepad++ (32-bit x86) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
Octave UPM R8.2 (HKLM\...\Octave UPM R8.2) (Version: R8.2 - )
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenVPN 2.4.6-I602  (HKLM\...\OpenVPN) (Version: 2.4.6-I602 - OpenVPN Technologies, Inc.)
Panda ActiveScan 2.0 (HKLM\...\ActiveScan 2.0) (Version: 01.04.01.0000 - Panda Security)
Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - esn) (Version:  - Microsoft Corporation)
PDF Settings CS6 (HKLM\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerStars (HKLM\...\PokerStars) (Version:  - PokerStars)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2423 - CyberLink Corp.) Hidden
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2423 - CyberLink Corp.)
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2424 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2424 - CyberLink Corp.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.2.2414.0 - CyberLink Corporation)
Pro Cycling Manager - La Vuelta - Temporada 2012 versión 1.3.0. (HKLM\...\Pro Cycling Manager 2012_is1) (Version: 1.3.0.0 - Cyanide)
Pro Evolution Soccer 2010 (HKLM\...\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2013 (HKLM\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2013 Patch 1.01 (HKLM\...\Pro Evolution Soccer 2013 Patch 1.01_is1) (Version:  - Konami Digital Entertainment, Inc)
Pro Evolution Soccer 2014 (HKLM\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.00.0000 - KONAMI)
QGIS Dufour 2.0.1 Dufour (HKLM\...\QGIS Dufour) (Version:  - QGIS Development Team)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20115 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - ALFA NETWORK Inc..)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0253 - REALTEK Semiconductor Corp.)
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SimpleTV 0.4.7 r2 (HKLM\...\{7EEB77C3-FDDC-4BC6-9ABA-F4E22B12AC63}_is1) (Version:  - SergeyVS)
Skype Web Plugin (HKLM\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
Software básico del dispositivo HP Deskjet 1000 J110 series (HKLM\...\{0974A4AF-1BE8-416A-885F-47BE510EBA18}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
SPORE Creature Creator Trial Edition (HKLM\...\{ECEE0279-785F-4CB3-9F28-E69813234BF8}) (Version: 1.00.0000 - Electronic Arts)
SPSS 15.0 para Windows (HKLM\...\{471F79CC-41F5-458F-B768-7F687F97B6EC}) (Version: 15.0.1 - SPSS Inc.)
SupportSoft ActiveX Controls 20091106_Cli (HKLM\...\{C5DB0A18-F6BA-47D2-A91C-33BF849D2748}) (Version: 15 - SupportSoft)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.1.0.0 - Synaptics)
System Requirements Lab for Intel (HKLM\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Tennis Elbow 2011 1.0c (HKLM\...\Tennis Elbow 2011) (Version: 1.0c - Mana Games)
Total Video Converter 3.71 100812 (HKLM\...\Total Video Converter 3.71_is1) (Version:  - EffectMatrix Inc.)
Tusor's Ultimate Patch (HKLM\...\Tusor's Ultimate Patch) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2627.4) (HKLM\...\{5545EEE9-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VeohTV BETA (HKLM\...\{0405E51E-9582-4207-8F38-AC44201D3808}) (Version: 3.9.1 - Veoh Networks, Inc.) Hidden
VeohTV BETA (HKLM\...\InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}) (Version: 3.9.1 - Veoh Networks, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Player (HKLM\...\{E452E727-86B8-4233-8CC3-41FD817AFAFF}) (Version: 6.0.0 - VMware, Inc.) Hidden
VMware Player (HKLM\...\VMware_Player) (Version: 6.0.0 - VMware, Inc)
Windows Live Asistente para el inicio de sesión (HKLM\...\{7593234B-2AEB-4FC9-B02D-C9B30D86084C}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{914DD274-9C5D-44CA-9AC7-12B8D2D4DA08}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinSCP 5.13 (HKLM\...\winscp3_is1) (Version: 5.13 - Martin Prikryl)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2008\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{52D4E39E-6CBD-524B-9922-E932946F6D1E}\InprocServer32 -> C:\Users\admin\AppData\Roaming\RSATom\FBVLC\0.0.7\npFBVLC.dll (RSATom) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{5E2663C1-51B3-49B7-B081-70181C2AF816}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD 2008\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2008\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{88007BE6-7171-46F0-858B-852DAD96016D}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{AFA95F79-06AC-4B9A-B261-D415063DC2B3}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2008\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387845806-4141466983-921437045-1000_Classes\CLSID\{F69B7E4A-4A83-4485-8860-85DAA196D745}\InprocServer32 -> C:\Program Files\CyberLink\PowerDVD\AudioFilter\ComTruSurroundXT.dll (SRS Labs, Inc.) [File not signed]
ShellExecuteHooks: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll [51656 2010-01-15] (EasyBits Software AS -> EasyBits Software Corp.) [File not signed]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [Identif. de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2007-02-12] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files\Common Files\Autodesk Shared\dwf Common\DWFShellExtension.dll [2006-11-09] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-01-08] (Nero AG) [File not signed]
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => C:\Program Files\Total Video Converter\TVCShellExt.dll [2010-07-29] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-01-17] () [File not signed]
ContextMenuHandlers2: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files\VMware\VMware Player\vmdkShellExt.dll [2013-08-27] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-01-17] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-01-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\admin\Downloads\SimpleTV (2.1.5)\work\Channel\logo\logo - Ярлык.lnk -> E:\PortableApps\SimpleTV Pre\work\Channel\logo (No File) <==== Cyrillic

ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\VXG Media Player.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google Inc.) ->  --profile-directory=Default --app-id=hncknjnnbahamgpjoafdebabmoamcnni

==================== Loaded Modules (Whitelisted) ==============

2013-06-03 14:34 - 2010-11-20 04:20 - 000988160 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\PROPSYS.dll
2014-03-10 20:55 - 2003-07-24 19:06 - 000086016 _____ () [File not signed] C:\Windows\System32\cutemon2k.dll
2011-06-18 12:50 - 2011-06-18 12:50 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2011-06-18 12:50 - 2011-06-18 12:50 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2007-01-15 17:15 - 2007-01-15 17:15 - 000073728 _____ (Nero AG) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
2003-03-18 20:12 - 2003-03-18 20:12 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
2003-02-21 14:42 - 2003-02-21 14:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
2003-03-19 06:14 - 2003-03-19 06:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
2009-10-08 15:24 - 2007-01-17 17:36 - 000129024 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2012-04-07 22:24 - 2010-07-29 18:19 - 000234496 _____ () [File not signed] C:\Program Files\Total Video Converter\TVCShellExt.dll
2007-01-08 14:13 - 2007-01-08 14:13 - 001953792 _____ (Nero AG) [File not signed] C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
2003-03-19 06:20 - 2003-03-19 06:20 - 001060864 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL
2009-07-20 03:01 - 2008-09-23 17:22 - 001060864 _____ (Microsoft Corporation) [File not signed] C:\Program Files\HP\QuickPlay\MFC71.DLL
2009-07-20 03:01 - 2008-09-23 17:22 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\HP\QuickPlay\MSVCR71.dll
2009-07-20 03:01 - 2008-09-23 17:22 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\HP\QuickPlay\MSVCP71.dll
2008-11-13 14:28 - 2008-11-13 14:28 - 000005120 _____ ( ) [File not signed] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\Interop.HPQWMIEXLib.dll
2008-12-08 12:20 - 2008-12-08 12:20 - 000012288 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\es\HPWAMain.resources.dll
2008-11-13 14:28 - 2008-11-13 14:28 - 000007168 _____ ( ) [File not signed] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\Interop.HPQTOASTERLib.dll
2007-01-15 16:14 - 2007-01-15 16:14 - 000147456 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
2003-03-19 06:14 - 2003-03-19 06:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll
2003-02-21 14:42 - 2003-02-21 14:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll
2007-01-09 15:35 - 2007-01-09 15:35 - 003035136 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll
2007-01-15 16:16 - 2007-01-15 16:16 - 000015360 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvrPS.dll
2007-01-15 15:53 - 2007-01-15 15:53 - 002695168 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMDataServices.dll
2003-02-21 04:42 - 2003-02-21 04:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSVCR71.dll
2007-01-15 16:13 - 2007-01-15 16:13 - 001208320 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
2007-01-15 15:48 - 2007-01-15 15:48 - 000315392 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMSQLDB.dll
2007-01-15 15:45 - 2007-01-15 15:45 - 000065536 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMLogCxx.dll
2005-09-04 14:29 - 2005-09-04 14:29 - 000737280 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\log4cxx.dll
2007-01-15 15:45 - 2007-01-15 15:45 - 000536576 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMCoFoundation.dll
2007-01-15 15:46 - 2007-01-15 15:46 - 000102400 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMPluginBase.dll
2007-01-15 15:46 - 2007-01-15 15:46 - 000176128 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMFullTextExtraction.dll
2007-01-15 15:57 - 2007-01-15 15:57 - 000176128 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMSearchPluginSimilarImages.dll
2007-01-03 15:51 - 2007-01-03 15:51 - 003371008 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NeroIPP.dll
2007-01-15 16:20 - 2007-01-15 16:20 - 000030208 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMIndexingServicePS.dll
2007-01-15 16:01 - 2007-01-15 16:01 - 000266240 _____ (Nero AG) [File not signed] C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
2019-03-18 00:05 - 2019-03-22 13:14 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-22 13:14 - 2019-03-22 13:14 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-03-18 00:05 - 2019-03-22 13:14 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Software\Classes\.scr: AutoCADScriptFile => "C:\Windows\system32\notepad.exe" "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\fnmt.gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3387845806-4141466983-921437045-1000\...\gob.es -> hxxp://fnmt.gob.es

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-01-31 20:37 - 2019-03-26 21:57 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


2017-02-27 03:19 - 2019-02-18 15:45 - 000000505 _____ C:\Windows\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go;C:\Program Files\Common Files\DivX Shared\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-3387845806-4141466983-921437045-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.26.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

Continuación…

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{4B562C7D-02F8-415F-8F83-3EE8966A79C2}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A073BB77-F575-491F-9A89-7DD09EC3F0AA}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B7806DB5-262E-4ABA-87BC-FB599FB612B1}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{9CF9EFBA-68D4-4560-AFCD-8787E45C2ACA}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{E92049E2-64F1-4045-A343-FE1651F5B77F}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{B6A1F378-E965-48D3-9EE7-DBDCC5F4430D}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{8C362369-D4B6-4F75-8466-5B923F424A28}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{E2B04E01-5CB6-4E32-BA50-49811514DEFA}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{2B8CF920-D4F9-4E6C-9296-BB780264A9EC}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{11DC1FB0-BCC9-436E-9AEE-0F515AF67520}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{43BE490E-951A-4F13-9C06-79A1D1A16DC0}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{AF869DE1-8605-45F5-8921-93C8E9130EB6}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{CDEFC28F-2746-41A5-AF87-DD0C26756353}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{5A796B94-7D66-462A-AA81-C0D39389E1BC}] => (Allow) F:\GENESIS\pes2010.exe No File
FirewallRules: [{39C962BB-8303-40FE-9859-4976F6FD5D18}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [{AFAECF47-F2C1-4F0B-851A-8C6239161764}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [{14C574B1-4005-4C0C-BE2C-575736127C86}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [{E82F772C-314E-4E56-969C-229A41A4C1D7}] => (Allow) C:\Acer\ProjectorGateway\AcerProjectorGateway.exe (ACER) [File not signed]
FirewallRules: [UDP Query User{A977BB7D-EEB1-4923-9732-A4D0ADD03080}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [TCP Query User{26CE9AB7-945E-4C40-B917-D5784F2F412D}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [UDP Query User{9EB37DC6-325F-4BA4-B77D-2783F8EFE955}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [TCP Query User{10545477-4592-4D1D-BA44-7C3B44351694}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe (Ares Development Group) [File not signed]
FirewallRules: [{65BDF675-FDE7-40F0-9DA4-40B10B79BBE6}] => (Allow) C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{2AFE4CCF-2A20-4296-9A36-38E08D18FA7C}] => (Allow) C:\Program Files\HP\QuickPlay\QP.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{79C8F8A2-C4F1-4D38-A01B-C6584C25CDE0}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [TCP Query User{C66BDE64-A7A0-40D7-8A52-25E6EFA2F969}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [UDP Query User{059878F3-9520-4DB9-923E-4576260F3A27}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [TCP Query User{727B0E39-6633-44E3-828F-635C4941632D}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [UDP Query User{D085809E-6450-459B-B0C3-439CBF9EC607}C:\program files\veoh networks\veoh\veohclient.exe] => (Allow) C:\program files\veoh networks\veoh\veohclient.exe (Veoh Networks -> Veoh Networks) [File not signed]
FirewallRules: [{7C8AB61B-8E2C-4911-85B6-13092241B31F}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{419F5789-6B7A-415F-955E-AA7894BA296A}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A1799263-8688-4BA2-97B0-221F09C5F689}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40683AB7-AA03-44C4-97F9-DEABF8FFE24F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A37A95E9-93EF-4B28-9AEE-C0D1ACAEFEA0}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C2DE80A-08F2-41FB-A352-9588090FFADE}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ED89A0B3-F828-45A6-8FD2-455A04653C17}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{042E2E6E-E123-47BC-ACE4-501EDB71186F}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{4EF24FF5-8409-4570-A55A-E09331D3C66B}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\PCM.exe (Focus Home Interactive -> Cyanide)
FirewallRules: [{E9A3582D-ADBD-4417-9186-B799D5A1DC1D}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\PCM.exe (Focus Home Interactive -> Cyanide)
FirewallRules: [{2781EBC6-AFEB-48BE-8226-57447A6869DB}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\Autorun\Exe\Autorun.exe (Focus Home Interactive -> )
FirewallRules: [{9E1290D6-4EC7-488B-96C9-4505AB74705D}] => (Allow) C:\Program Files\Cyanide\Pro Cycling Manager - La Vuelta - Temporada 2012\Autorun\Exe\Autorun.exe (Focus Home Interactive -> )
FirewallRules: [{279B8FFC-100C-49F3-B69F-71B358FC64A1}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{63D7E408-6992-4AC1-9653-DC8120C0BFE1}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{A1CA1DB8-8484-41E8-A8E8-3C85FEC9D1DA}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{B49ADAFD-69CC-4417-8775-4C0D43AEF89D}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{991A7548-F0BD-4DAE-AFB1-BD6DAA0610EC}] => (Allow) H:\SKIDROW\pes2013.exe No File
FirewallRules: [{A0C7ED3F-F499-4FE8-A56D-4228130D3DA6}] => (Allow) H:\SKIDROW\pes2013.exe No File
FirewallRules: [TCP Query User{3ED6C208-7ABB-4502-A62E-B8A8A6970EE7}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{82209141-B89F-47E8-93E0-163FD2499450}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{679C0B96-1479-4AE6-A532-99BECBC9D982}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D18F6AD9-C229-495C-BD11-0E6C63E76E10}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{7EA58023-FFC8-4220-8B0F-F9F086C4755F}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5D6CB9DB-1968-4E3B-8D3E-A4A4B20AFBFA}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D5EA2C20-CA18-4004-B1C3-B3676AAE6040}] => (Allow) C:\Program Files\SkypeWebPlugin\3.2.0.23388\SkypeWebPlugin.exe (Skype Software Sarl -> Skype)
FirewallRules: [{27217E78-E2AA-4AFF-B6CF-C0070005B27B}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{EFAA79C2-19F9-46E4-96F1-5B0B29DF47A3}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{799CD8F3-6349-4615-8CDD-F797A272DFA1}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03CFF6A9-1D80-485E-B1A2-08AE8B4DEB4A}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A132E40F-98F3-4FC3-A365-5024E979F200}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{173B39A3-3274-4857-B8DE-CAE731D3AF4F}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F2B935C6-B142-426D-B358-E35640483838}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{7066876D-8502-48EB-9B7D-53DE3E082F6D}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{ACE69AE6-D9F3-4546-92CB-C9B1D780A2D8}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{DDA159D9-89C6-46DB-B3EF-7E8135EAAC29}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{78B36B72-9282-4255-8CD4-D5E32F2A7C27}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{43067907-7385-43B4-AF58-F477DEC416D1}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{40342DD1-B2B1-43B8-8E62-9502592B00B6}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{44198D15-88CE-4AE3-904B-FA8CE9815B19}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{706D01ED-FF4F-4742-AE48-A18637743381}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{0B0F1ABA-CCB7-4557-BD1B-EC829872CBFE}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{AFE3BD89-D24D-46EF-8231-1D6CB217650D}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2D854BD6-164D-48F9-B819-299F027F07FA}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{55775C88-6F4F-48C2-ADBC-C93FAA9AB4DF}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{F023205A-EEE4-4A5F-8D9B-A9D780EF914B}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F19848DE-2C06-4C8C-813F-2146BC401C2F}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F6443872-AD0A-49AE-9019-E57016C15506}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{BA4F7BF4-0FBB-4D5C-92AD-2988A35DF1A8}] => (Allow) C:\Users\admin\Documents\IPTViewr\movistar+ (v1.5.40.0 'Kruger 60')\bin\ChannelList.exe (movistartv.codeplex.com) [File not signed]
FirewallRules: [{2AB9301C-F5FC-4F32-B373-F0E626A5C4F3}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{C440DE5F-B46F-447A-BABB-F0D510011455}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{974F07E8-057F-470C-A742-CE0D291AC2CC}] => (Allow) LPort=53
FirewallRules: [{E8E92D17-EF74-49AC-AF1D-700580EBC589}] => (Allow) C:\PROGRA~1\REALTEK\USBWIR~1\RtWlan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{ED76E1B6-E431-4048-BFA9-D10BC3EFF556}] => (Allow) LPort=1542
FirewallRules: [{6D0A5863-CDD9-4C15-AE2A-5F777FF60D9F}] => (Allow) LPort=1542
FirewallRules: [{FB4D5AF6-BE37-4799-8B3E-2BDDC1FF3CD3}] => (Allow) LPort=53
FirewallRules: [{C74A148A-9858-4E34-9123-D3F0E69395CE}] => (Allow) C:\PROGRA~1\REALTEK\USBWIR~1\Rtldhcp.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{03930836-00DD-4193-98C5-164B87303CDC}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{00997E0A-FDFE-4862-9E10-D6036AF79BF3}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{3DACF7BA-7E1B-4E33-A29B-A8AC902BE7A4}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{F4B8BEC0-D58D-4DEB-A2D9-D4A303C7AFB5}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{6FE6DF7A-FA42-477E-9A95-1E3B173A8EFF}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{9E757D98-D70C-4797-9E6A-9937AF24A47B}] => (Allow) C:\Program Files\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{45070F04-5CF9-4E37-9483-A3F971BEC7E2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2019 09:04:37 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo C:\Program Files\HP\QuickPlay\MFC71.dll por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa HP QuickPlay Resident Program por este error.

Programa: HP QuickPlay Resident Program
Archivo: C:\Program Files\HP\QuickPlay\MFC71.dll

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C0000185
Tipo de disco: 3

Error: (04/24/2019 09:04:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: QPService.exe, versión: 3.7.0.5723, marca de tiempo: 0x48d8b1af
Nombre del módulo con errores: MFC71.DLL, versión: 7.10.3077.0, marca de tiempo: 0x3e77fdfd
Código de excepción: 0xc0000006
Desplazamiento de errores: 0x00017378
Id. del proceso con errores: 0x938
Hora de inicio de la aplicación con errores: 0x01d4facf34f99b53
Ruta de acceso de la aplicación con errores: C:\Program Files\HP\QuickPlay\QPService.exe
Ruta de acceso del módulo con errores: C:\Program Files\HP\QuickPlay\MFC71.DLL
Id. del informe: cd188d35-66c3-11e9-9225-00269e9eb835

Error: (04/24/2019 09:03:59 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.23505_none_0bfc08bf3ea166ba\CbsCore.dll por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Instalador de módulos de Windows por este error.

Programa: Instalador de módulos de Windows
Archivo: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.23505_none_0bfc08bf3ea166ba\CbsCore.dll

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C0000185
Tipo de disco: 3

Error: (04/24/2019 09:03:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: TrustedInstaller.exe, versión: 6.1.7601.17514, marca de tiempo: 0x4ce78e33
Nombre del módulo con errores: msvcrt.dll, versión: 7.0.7601.17744, marca de tiempo: 0x4eeaf722
Código de excepción: 0xc0000006
Desplazamiento de errores: 0x0000ce2a
Id. del proceso con errores: 0xd2c
Hora de inicio de la aplicación con errores: 0x01d4facf23c5e999
Ruta de acceso de la aplicación con errores: C:\Windows\servicing\TrustedInstaller.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\msvcrt.dll
Id. del informe: b6c54543-66c3-11e9-9225-00269e9eb835

Error: (04/24/2019 09:00:45 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo C:\Windows\System32\msfeeds.dll por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Microsoft Feeds Synchronization por este error.

Programa: Microsoft Feeds Synchronization
Archivo: C:\Windows\System32\msfeeds.dll

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C0000185
Tipo de disco: 3

Error: (04/24/2019 08:59:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: msfeedssync.exe, versión: 11.0.9600.16428, marca de tiempo: 0x525b84d1
Nombre del módulo con errores: msfeeds.dll, versión: 11.0.9600.19301, marca de tiempo: 0x5c74dd53
Código de excepción: 0xc0000006
Desplazamiento de errores: 0x0004bc92
Id. del proceso con errores: 0xca8
Hora de inicio de la aplicación con errores: 0x01d4facf3899f3fe
Ruta de acceso de la aplicación con errores: C:\Windows\system32\msfeedssync.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\msfeeds.dll
Id. del informe: 21328dcb-66c3-11e9-9225-00269e9eb835

Error: (04/24/2019 12:53:30 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo C:\Windows\Prefetch\TASKMGR.EXE-72398DC0.pf por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Proceso host para los servicios de Windows por este error.

Programa: Proceso host para los servicios de Windows
Archivo: C:\Windows\Prefetch\TASKMGR.EXE-72398DC0.pf

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:C0000185
Tipo de disco: 3

Error: (04/24/2019 12:52:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_SysMain, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc100
Nombre del módulo con errores: sysmain.dll, versión: 6.1.7601.24000, marca de tiempo: 0x5a49963b
Código de excepción: 0xc0000006
Desplazamiento de errores: 0x0000d230
Id. del proceso con errores: 0x33c
Hora de inicio de la aplicación con errores: 0x01d4fa8b42630f00
Ruta de acceso de la aplicación con errores: C:\Windows\System32\svchost.exe
Ruta de acceso del módulo con errores: c:\windows\system32\sysmain.dll
Id. del informe: 09a60397-667f-11e9-bf81-00269e9eb835


System errors:
=============
Error: (04/24/2019 09:37:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio RealtekWlanU se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/24/2019 09:37:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio HP Support Assistant Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

Error: (04/24/2019 09:37:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio JumpStart Push-Button Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/24/2019 09:37:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio LightScribeService Direct Disc Labeling Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/24/2019 09:37:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Realtek87B se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/24/2019 09:31:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Realtek DHCP Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/24/2019 09:29:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/24/2019 09:29:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.


Windows Defender:
===================================
Date: 2010-09-28 21:22:06.698
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\Software\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-09-28 21:03:10.518
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\Software\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-09-28 18:17:29.028
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\Software\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-09-25 22:23:22.865
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\config.cfg;file:C:\Users\admin\AppData\Roaming\GabPath\GPUninstall.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\Software\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SfKg6wIPuSp;uninstall:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GabPath
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\Servicio de red
Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe

Date: 2010-09-19 15:29:52.460
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Gabpath&threatid=151055
Nombre:Adware:Win32/Gabpath
Id.:151055
Gravedad:Media
Categoría:Adware
Ruta de acceso encontrada:file:C:\Users\admin\AppData\Roaming\GabPath\gabpath.exe;file:C:\Users\admin\AppData\Roaming\Microsoft\Windows\jnipmo.exe;folder:C:\Users\admin\AppData\Roaming\GabPath\;process:pid:6200;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\Software\GabPath;regkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath;runkey:HKCU@S-1-5-21-3387845806-4141466983-921437045-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\GabPath
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2010-05-13 22:04:31.901
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070003
Descripción de error:El sistema no puede encontrar la ruta especificada. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

==================== Memory info =========================== 

BIOS: Hewlett-Packard F.20 10/13/2009
Motherboard: Hewlett-Packard 3069
Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 61%
Total physical RAM: 2974.93 MB
Available physical RAM: 1143.21 MB
Total Virtual: 5948.22 MB
Available Virtual: 4076.62 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:455.38 GB) (Free:276.6 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.38 GB) (Free:1.74 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D58413DB)
Partition 1: (Active) - (Size=455.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

no ,no es que el antivirus está infectado es simplemente que muchas veces los antivirus son la causa de los problemas de un PC. no es un antivirus que durante mucho tiempo lo hemos tenido en el mismo PC puede empezar a fallar por algún motivo. prueba el PC sin el funcionamiento del antivirus durante unas horas y me comentas y mientras tanto reviso los informes

Pues llevo usando el mismo antivirus más de 10 años y hasta ahora no había tenido problemas, por eso te decía eso, es que me sigue pareciendo muy raro que ahora de repente el ordenador me vaya mal por el norton, cuando antes no, por eso pienso que quizás por un virus que le hubiera entrado estaría funcionando así. ¿Has encontrado algo raro en el log?

Bueno, tu prueba el pc y comentas como va

De momento me funciona bien, pero es que sin un antivirus no puedo estar jeje ¿Has podido mirar el log?

Bueno vamos a probar a instalar otro antivirus diferente o tienes licencia de Norton todavía válida??

Bueno me he fijado en que tenías la versión 18 de Norton instalada y ya va por la 22. en un antivirus es fundamental e imprescindible tener las últimas versiones para corregir problemas con las últimas versiones de los sistemas operativos ebook que pudiera tener y además mejorar la capacidad de detención.

si no tienes una licencia de Norton y no quieres pagar por el antivirus los hay free y muy buenos

Ya no tengo más licencia de Norton. ¿Cual me recomiendas probar que sea muy bueno y le vaya bien a mi ordenador?