Antes que nada decirles que soy nuevo y que me da mucho gusto encontrar un lugar en donde me puedan ayudar.
Encontré los pasos en donde un usuario comentaba que podía tener un posible virus. Por eso mismo descargue e hice lo que le recomendaban a él.
Aquí les dejo los reportes.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 12/12/18
Hora del análisis: 11:59
Archivo de registro: 96f7f2f4-fe1e-11e8-895c-000000000000.json
-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8279
Licencia: Prueba
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Seba-PC\Seba
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 262666
Amenazas detectadas: 4
Amenazas en cuarentena: 4
Tiempo transcurrido: 6 min, 10 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 1
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, En cuarentena, [283], [550469],1.0.8279
Valor del registro: 1
PUP.Optional.DefaultSearch, HKU\S-1-5-21-525092146-1667884894-650739964-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, [283], [550469],1.0.8279
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 2
PUP.Optional.DefaultSearch, C:\USERS\SEBA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [283], [550469],1.0.8279
PUP.Optional.DefaultSearch, C:\USERS\SEBA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [283], [469798],1.0.8279
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64
Ran by Seba (Administrator) on Wed 12/12/2018 at 12:26:26.52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 26
Successfully deleted: C:\ProgramData\lavasoft\web companion (Folder)
Successfully deleted: C:\Program Files (x86)\lavasoft\web companion (Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1HENZOH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BC8YCHQD (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGTGRLNN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OYQ70S69 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QPGW3IF7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTARS0QU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VV7M07TW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Seba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X6L11XXU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1HENZOH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BC8YCHQD (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGTGRLNN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OYQ70S69 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QPGW3IF7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTARS0QU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VV7M07TW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X6L11XXU (Temporary Internet Files Folder)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/12/2018 at 12:39:19.80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by Seba (12-12-2018 12:46:14)
Running from C:\Users\Seba\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-12-03 08:38:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-525092146-1667884894-650739964-500 - Administrator - Disabled)
Guest (S-1-5-21-525092146-1667884894-650739964-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-525092146-1667884894-650739964-1002 - Limited - Enabled)
Seba (S-1-5-21-525092146-1667884894-650739964-1001 - Administrator - Enabled) => C:\Users\Seba
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-525092146-1667884894-650739964-1001\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
ATI Catalyst Install Manager (HKLM\...\{F72FC7C5-5D2F-41EC-11DE-FD9F5F6D415A}) (Version: 3.0.758.0 - ATI Technologies, Inc.)
Bejeweled 2 Deluxe (HKLM-x32\...\WT082192) (Version: 2.2.0.82 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT082122) (Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT082124) (Version: 2.2.0.82 - WildTangent) Hidden
Build-a-lot 2 (HKLM-x32\...\WT082438) (Version: 2.2.0.82 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT083477) (Version: 2.2.0.82 - WildTangent) Hidden
ccc-core-static (HKLM-x32\...\{D89272DE-CF29-8D5C-B01A-410F06E2E903}) (Version: 2010.0122.858.16002 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WT082200) (Version: 2.2.0.82 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.102 - CinemaNow, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Contents (HKLM-x32\...\{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}) (Version: 1.6.0.286 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.116 - Corel Corporation)
Corel PaintShop Photo Pro X3 (HKLM-x32\...\{DA4BF4BE-3CDC-43B5-BBDA-DDDA73103111}) (Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.286 - Corel Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2527 - CyberLink Corp.)
DeviceIO (HKLM-x32\...\{F4E9851F-765E-40B7-9859-237C2724E62C}) (Version: 1.6.0.286 - Corel Corporation) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT082396) (Version: 2.2.0.82 - WildTangent) Hidden
Dora's Carnival Adventure (HKLM-x32\...\WT082133) (Version: 2.2.0.82 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2133 - Steinberg Media Technologies GmbH)
Escape Rosecliff Island (HKLM-x32\...\WT083484) (Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Faerie Solitaire (HKLM-x32\...\WT082442) (Version: 2.2.0.82 - WildTangent) Hidden
FATE (HKLM-x32\...\WT082141) (Version: 2.2.0.82 - WildTangent) Hidden
Focusrite USB 4.36.5.0 (HKLM\...\Focusrite USB_is1) (Version: 4.36.5.0 - Focusrite Audio Engineering Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10144.3282 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.3727 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.2.2513 - Hewlett-Packard)
HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.3722 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.0.3722 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.0.3722 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.2511 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2261 - HP Photo Creations Powered by RocketLife)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP QuickWeb Installer (HKLM-x32\...\{394FA67A-FF0A-4356-BB77-D85E5A300BDE}) (Version: 1.2.9.1 - DeviceVM Inc.)
HP Setup (HKLM-x32\...\{E2831862-F131-4327-B9CC-FA30F587EB6C}) (Version: 1.2.3988.3281 - Hewlett-Packard)
HP SimplePass Identity Protection (HKLM\...\{F20DF0CA-5929-4C26-A501-FDB19FDF0A50}) (Version: 5.00.140 - DigitalPersona, Inc.)
HP Software Framework (HKLM-x32\...\{15436D38-68EF-4D20-A794-755F54E7E955}) (Version: 3.5.16.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}) (Version: 4.3.1.2 - Hewlett-Packard)
HP Tone Control (HKLM\...\{9207D4A1-586E-49CA-A002-FC9F475AB1A3}) (Version: 2.0.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0177 (HKLM-x32\...\{8DA0CD14-79DF-49BF-B133-409C004F27E1}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{0279C882-B150-44B6-A769-A7C8A2F31CE3}) (Version: 4.0.3.2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Hulu Desktop (HKU\S-1-5-21-525092146-1667884894-650739964-1001\...\HuluDesktop) (Version: 0.9.11 - Hulu LLC)
ICA (HKLM-x32\...\{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.116 - Corel Corporation) Hidden
ICA (HKLM-x32\...\{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.286 - Corel Corporation) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6265.0 - IDT)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.4.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
IPM_PSP_Pro (HKLM-x32\...\{DCD941B6-F2E7-4FAF-B102-F7D4DE5FF99A}) (Version: 1.00.0000 - Corel Corporation) Hidden
IPM_VS_Pro (HKLM-x32\...\{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}) (Version: 13.0 - Corel Corporation) Hidden
ISCOM (HKLM-x32\...\{D1F80EFD-A032-4E8E-A367-70C44AD4DCE0}) (Version: 1.6.1.116 - Corel Corporation) Hidden
ISCOM (HKLM-x32\...\{FE661711-E392-4B3F-A4A7-02C747C09134}) (Version: 1.6.0.286 - Corel Corporation) Hidden
Java(TM) 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java(TM) 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Jewel Quest 3 (HKLM-x32\...\WT082443) (Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 2 (HKLM-x32\...\WT082468) (Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
KORG USB-MIDI Driver Tools for Windows (HKLM-x32\...\{E373514C-21E0-4E76-BABD-C7BAF6BFFF45}) (Version: 1.11.0040 - KORG Inc.)
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)
MSN Toolbar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 4.0.0369.0 - Microsoft Corporation)
MSN Toolbar Platform (HKLM-x32\...\{4123BE4D-C65C-467E-8071-232FB1FBF3B8}) (Version: 4.0.0369.0 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The New York Fortune (HKLM-x32\...\WT082456) (Version: 2.2.0.82 - WildTangent) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.8.1.43 - Native Instruments)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 17.0.0.136 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.34 - Symantec)
Penguins! (HKLM-x32\...\WT082168) (Version: 2.2.0.82 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
Plants vs. Zombies (HKLM-x32\...\WT082170) (Version: 2.2.0.82 - WildTangent) Hidden
Poker Superstars III (HKLM-x32\...\WT082171) (Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT082172) (Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT082173) (Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3715 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3715 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2514 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2514 - CyberLink Corp.)
PSPPContent (HKLM-x32\...\{DF8B9311-ADE7-4EDE-B121-326CAA3D225D}) (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (HKLM-x32\...\{DCF1928A-FC01-48E7-A7E6-4651D42EF6A1}) (Version: 13.0.0 - Corel Corporation) Hidden
PureHD (HKLM-x32\...\{F8423392-2296-4748-9B66-344432459632}) (Version: 1.6.0.286 - Corel Corporation) Hidden
PX Profile Update (HKLM-x32\...\{08C94F9D-EB51-D748-E299-E347A2C14A81}) (Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2512 - CyberLink Corp.) Hidden
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Setup (HKLM-x32\...\{D1612A3D-0DCC-4055-BB6A-0036F31158A0}) (Version: 1.6.1.116 - Corel Corporation) Hidden
Setup (HKLM-x32\...\{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}) (Version: 1.6.0.286 - Corel Corporation) Hidden
Share (HKLM-x32\...\{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}) (Version: 1.6.0.286 - Corel Corporation) Hidden
Share64 (HKLM\...\{F6246243-CF06-4E40-8A37-C3B537695C36}) (Version: 1.6.0.286 - Corel Corporation) Hidden
Skype version 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.6 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
TextTwist 2 (HKLM-x32\...\WT083491) (Version: 2.2.0.82 - WildTangent) Hidden
Update for Office 2007 (KB934528) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{2B939677-2FFD-48F6-9075-7BF48CB87C80}) (Version: - )
Validity Sensors DDK (HKLM\...\{EE5017A6-7525-4EE9-99DA-2EF1F6C16B1B}) (Version: 4.1.129.0 - Validity Sensors, Inc.)
VIO (HKLM-x32\...\{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}) (Version: 1.6.0.286 - Corel Corporation) Hidden
Virtual Families (HKLM-x32\...\WT082188) (Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (HKLM-x32\...\WT082241) (Version: 2.2.0.82 - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSClassic (HKLM-x32\...\{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}) (Version: 1.6.0.286 - Corel Corporation) Hidden
VSPro (HKLM-x32\...\{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}) (Version: 1.6.0.286 - Corel Corporation) Hidden
Waves Central 10.0.1.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}_is1) (Version: 10.0.1 - Waves, Inc.)
Waves SoundGrid Drivers 9.7.99.175 (HKLM\...\Waves SoundGrid Drivers_is1) (Version: - Waves Audio Ltd.)
Wheel of Fortune 2 (HKLM-x32\...\WT082189) (Version: 2.2.0.82 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Zuma's Revenge (HKLM-x32\...\WT082463) (Version: 2.2.0.82 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [Corel.Paint.Shop.Pro.Photo] -> {B1D2CD8F-45E9-49d1-838A-AAA5780D94B7} => c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll [2010-01-19] ()
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\17.0.0.136\NavShExt.dll [2009-09-01] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers2: [Corel.Paint.Shop.Pro.Photo] -> {B1D2CD8F-45E9-49d1-838A-AAA5780D94B7} => c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll [2010-01-19] ()
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\17.0.0.136\NavShExt.dll [2009-09-01] (Symantec Corporation)
ContextMenuHandlers2-x32: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => c:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll [2010-01-14] (Ulead Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [Corel.Paint.Shop.Pro.Photo] -> {B1D2CD8F-45E9-49d1-838A-AAA5780D94B7} => c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll [2010-01-19] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-01-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-01-22] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\17.0.0.136\NavShExt.dll [2009-09-01] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {159220DE-97FB-465B-90D0-B69D2C442F03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-28] (Piriform Software Ltd)
Task: {493F16DA-B4A2-492E-A421-85D07D60A455} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-03] (Google Inc.)
Task: {52CBB4B4-C5A4-49EC-9BD9-AA013499F411} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-28] (Piriform Ltd)
Task: {53AB4301-884E-45F7-B9BF-6B3930F74949} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {55C2E56E-9627-4542-A884-6A5D45022C99} - System32\Tasks\{77FEBEA2-85EB-4566-85E0-B19756C2023C} => C:\Windows\system32\pcalua.exe -a "C:\Users\Seba\Desktop\vst\Spectrasonics Stylus RMX 1.5 + 1.7 + 1.9.5 + keygen WORKING 100%\install first\dyn-rmx15d1\Windows\Setup.exe" -d "C:\Users\Seba\Desktop\vst\Spectrasonics Stylus RMX 1.5 + 1.7 + 1.9.5 + keygen WORKING 100%\install first\dyn-rmx15d1\Windows"
Task: {86C860F5-363A-45DF-90A1-6508CA191871} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe
Task: {8CA43350-A1D4-4B7B-B307-14FFC2F8EB8F} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-27] ()
Task: {A9A0FEF8-ACCF-448B-BB0C-D677B521E198} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-27] ()
Task: {C346AEEB-3F4D-4B9C-A8B5-971741BFB4EB} - System32\Tasks\Hewlett-Packard\HP Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2009-10-15] (Hewlett-Packard)
Task: {D85C79E4-0817-4C7C-868B-B760A8415AD3} - System32\Tasks\NetworkWizardVCW => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-27] ()
Task: {DA38192F-AFA8-4302-92F3-AAC5E87F8976} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-03] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-01-19 04:53 - 2010-01-19 04:53 - 000124560 _____ () c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll
2010-01-18 19:04 - 2010-01-18 19:04 - 000020480 _____ () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2018-12-12 11:58 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-12-12 11:58 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-12-03 12:36 - 2018-11-16 02:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-12-03 12:36 - 2018-11-16 02:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2018-12-03 17:00 - 2018-11-09 19:57 - 001790592 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2018-12-03 17:01 - 2018-11-09 19:57 - 002381152 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2018-12-03 17:01 - 2018-11-09 19:57 - 000097224 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-12-03 17:01 - 2018-11-09 19:57 - 000219080 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2018-12-03 17:01 - 2018-11-09 19:57 - 000081864 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
2018-12-03 17:00 - 2018-11-09 19:57 - 002723872 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-12-03 17:00 - 2018-11-09 19:57 - 000031776 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-12-03 17:01 - 2018-11-09 19:57 - 000409544 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-12-03 17:01 - 2018-11-09 19:57 - 000138696 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-525092146-1667884894-650739964-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 23:34 - 2018-12-04 10:31 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-525092146-1667884894-650739964-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 200.49.120.2 - 200.49.120.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
MSCONFIG\startupreg: HPToneControl => C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: MSN Toolbar => "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe"
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre6\bin\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Seba\AppData\Roaming\uTorrent\uTorrent.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{978749DB-C886-4B89-95FE-D6D4C8B8F350}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{8B2204C8-F50D-4E9B-B57A-03A41BD3D4CF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{E25C7EA2-0C0C-4F20-9074-0AF3FA52D85B}] => (Allow) svchost.exe
FirewallRules: [{D0DAEDE6-3229-40C7-9C47-72A2C8ACD8D3}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{D3197E11-AC63-4B0E-A149-D236D23E6078}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{28F2781F-3828-4B41-B617-5A38175F2C1F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{B90A00DB-D204-42EB-A383-DAA71F4C5C71}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\iTV\HPiTV.exe
FirewallRules: [{BF10DECD-9048-4FEB-8211-A2CA49145F96}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{D34D0FED-7168-4647-A9F5-9D12148E2BA4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{AC734806-3DF4-4295-AF49-85BD3F548CAE}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{587F17FD-57D4-405A-B09A-481FB2AE4305}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{7FAECB73-4B3C-4EF7-B03D-80D988329024}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A27C6CCE-76D9-4FB0-A928-BE6231A73A15}] => (Allow) C:\Program Files (x86)\Waves\MultiRack\MultiRack SoundGrid.exe
FirewallRules: [{C3242575-B779-461F-B2FA-779F738BC3C8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{EDA12F56-91CA-4DAF-9D1F-816EAB5ACA07}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [TCP Query User{AC2DFFE7-8624-4A1B-8035-D6309B98C52B}C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe
FirewallRules: [UDP Query User{F273F9FD-8852-4EC2-9CDE-23FC6B354876}C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe
FirewallRules: [TCP Query User{DA02486E-2F56-4151-9205-4BA749C6141E}C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{BAB6B585-9209-41DE-A51E-533CD143EC91}C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe
FirewallRules: [{A7EA3B45-731E-4776-8548-5FFC539A1E1C}] => (Allow) C:\Users\Seba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D1382921-7F29-4F66-96BE-423E877FE7B5}] => (Allow) C:\Users\Seba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9BA19648-AB18-442E-A137-9ECF2E596A3B}] => (Allow) C:\Users\Seba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{831F1626-399F-44D3-8EE9-BFFC70ACACC1}] => (Allow) C:\Users\Seba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{40326070-A700-4EDB-BC4F-E145AC69DBF0}] => (Allow) C:\Users\Seba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D522C0B0-8A2B-44F2-88CA-49C21D733F70}] => (Allow) C:\Users\Seba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8063F6D8-2156-4C88-96EA-114379DB7F1B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{C83DD626-7B24-4D74-90B8-6E52C85F7FA0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
==================== Restore Points =========================
10-12-2018 18:54:53 Removed Avira Safe Shopping
10-12-2018 18:55:47 Removed Avira Software Updater
11-12-2018 08:46:56 Windows Update
11-12-2018 21:30:55 Installed KORG USB-MIDI Driver Tools for Windows
11-12-2018 21:34:08 Device Driver Package Install: KORG Inc. Sound, video and game controllers
12-12-2018 12:26:34 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/12/2018 12:23:07 PM) (Source: SGDawNodeService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/12/2018 12:13:42 PM) (Source: SGDawNodeService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/12/2018 11:50:35 AM) (Source: SGDawNodeService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/11/2018 09:25:58 PM) (Source: SGDawNodeService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/11/2018 01:12:54 PM) (Source: SGDawNodeService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/11/2018 11:39:17 AM) (Source: SGDawNodeService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/11/2018 10:13:17 AM) (Source: SGDawNodeService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/11/2018 08:56:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Omnisphere.exe version 1.0.1.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 11d4
Start Time: 01d491485c611d0c
Termination Time: 12
Application Path: C:\ProgramData\Spectrasonics\Omnisphere.exe
Report Id: a0918fe9-fd3b-11e8-abae-ba7132eef390
System errors:
=============
Error: (12/12/2018 12:21:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
The pipe has been ended.
Error: (12/12/2018 12:21:08 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
Error: (12/12/2018 12:20:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (12/12/2018 12:20:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (12/12/2018 12:20:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (12/12/2018 12:20:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (12/12/2018 12:20:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Biometric Authentication Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/12/2018 12:20:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The hpqwmiex service terminated unexpectedly. It has done this 1 time(s).
CodeIntegrity:
===================================
Date: 2018-12-03 19:27:02.500
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SoundGridProtocol.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-12-03 19:27:02.468
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SoundGridProtocol.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-12-03 19:26:49.837
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SoundGridMidi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-12-03 19:26:49.806
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SoundGridMidi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-12-03 16:35:25.373
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SoundGridMidi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-12-03 16:35:25.358
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SoundGridMidi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-12-03 16:25:12.962
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SoundGridProtocol.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-12-03 16:25:12.926
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SoundGridProtocol.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 42%
Total physical RAM: 7989.86 MB
Available physical RAM: 4600.19 MB
Total Virtual: 15977.86 MB
Available Virtual: 12452.61 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:573.1 GB) (Free:70.11 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:22.78 GB) (Free:3.31 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive f: (KORG M50) (CDROM) (Total:0.12 GB) (Free:0 GB) CDFS
\\?\Volume{2e92f64d-f700-11e8-9e18-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 41EA23B6)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End of Addition.txt ============================
Y me faltaría poner el reporte FRTS pero me dice lo siguiente
Lo sentimos, pero los usuarios nuevos solo pueden mencionar a 2 usuarios en un post.
La compu hace poco que le reinstalé todo. Pero de la nada se puso super lenta, mi pareja le había instalado el utorrent y honestamente me dio un poco de miedo de que se me haya metido algo.
Aparentemente ahora está funcionando bien pero quiero quedarme tranquilo.
Es que el problema no es que es muy largo el reporte. Divido el reporte para no tener problemas, pongo una parte en un post y cuando quiero crear otro post para poner la segunda parte me dice lo siguinete
“Lo sentimos, pero los usuarios nuevos solo pueden mencionar a 2 usuarios en un post.”
Ese es el problema principal
Solo tienes que tener el Tema como si fueras a responder y arrastras el archivo de texto a el navegador y en el tema lo sueltas, revisa el Manual que te deje es muy fácil.