''X programa dejó de funcionar. El programa dejó de funcionar correctamente por un problema...''

solidsnake · 17 Junio, 2019 12:36

Buenas, abro este hilo para pedir ayuda, ya que desde hace unos días al intentar abrir varios programas, como Spotify, Reproductor de música o algunos otros, me da este error y me es totalmente imposible entrar al programa. Es desesperante y no sé lo que hacer, nunca me había pasado algo así. En cambio el Chrome si me funciona, y menos mal ya que si no lo llevo muy jodido.

Por favor pido ayuda con esta pu*****, hablando mal y claro y discúlpenme la palabra.

Gracias por adelantado. Saludos.

JavierHF · 17 Junio, 2019 14:24

Buenas @solidsnake bienvenido al Foro.

Lo primero que podemos hacer es revisar tu maquina, para hacrlo sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

CCleaner + Manual.
Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.
AdwCleaner + Manual.
Junkware Removal Tool.
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
Realiza un Análisis Completo.
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
En el apartado del manual Historial encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

Ejecuta Adwcleaner.exe.
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

Ejecuta JRT.exe.
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
Si en algún momento te pide Reiniciar hazlo.
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer, pulsamos Yes
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos Javier.

solidsnake · 17 Junio, 2019 14:25

Por cierto mi SO es Windows 8.1

JavierHF · 17 Junio, 2019 15:01

Hola @solidsnake

Sigue mis anteriores indicaciones y nos pones TODOS los informes.

Saludos.

solidsnake · 8 Julio, 2019 17:43

Hola JavierHF, primero que todo muchísimas gracias por tu respuesta y además tan rápida. Aquí pego el informe en el orden que me indicas:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 8/7/19
Hora del análisis: 15:17
Archivo de registro: 2d7215ba-a18b-11e9-a4be-7427ea482659.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.11452
Licencia: Premium

-Información del sistema-
SO: Windows 8
CPU: x64
Sistema de archivos: NTFS
Usuario: Bk\Kevin

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 341576
Amenazas detectadas: 4
Amenazas en cuarentena: 0
Tiempo transcurrido: 27 min, 18 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 3
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|ANTIVIRUSDISABLENOTIFY, Sin acciones por parte del usuario, [13271], [293294],1.0.11452
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|FIREWALLDISABLENOTIFY, Sin acciones por parte del usuario, [13271], [293295],1.0.11452
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, Sin acciones por parte del usuario, [13271], [293296],1.0.11452

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
Trojan.MalPack.Gen, C:\MUKM.EXE, Sin acciones por parte del usuario, [10040], [78353],1.0.11452

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-08-2019
# Duration: 00:00:28
# OS:       Windows 8
# Scanned:  27557
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [5253 octets] - [17/06/2019 22:13:47]
AdwCleaner[S01].txt - [5314 octets] - [17/06/2019 22:21:57]
AdwCleaner[C01].txt - [4756 octets] - [17/06/2019 22:22:26]
AdwCleaner[S02].txt - [1427 octets] - [22/06/2019 01:11:45]
AdwCleaner[C02].txt - [1613 octets] - [22/06/2019 01:14:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8 x64 
Ran by Kevin (Administrator) on 08/07/2019 at 18:26:48,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 17 

Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\Kevin\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HCY7XRQS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JAHRMKCK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L7MK8NBG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SI5HV0LB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VH9DX2F5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YX36HV2A (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGPSXOTW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HCY7XRQS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JAHRMKCK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L7MK8NBG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SI5HV0LB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VH9DX2F5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YX36HV2A (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGPSXOTW (Temporary Internet Files Folder) 



Registry: 0 



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/07/2019 at 18:30:08,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by Kevin (08-07-2019 18:35:02)
Running from C:\Users\Kevin\Favorites\Desktop
Windows 8 (X64) (2014-01-06 12:55:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1266114530-2428623587-741228877-500 - Administrator - Disabled)
Invitado (S-1-5-21-1266114530-2428623587-741228877-501 - Limited - Disabled) => C:\Users\Invitado
Kevin (S-1-5-21-1266114530-2428623587-741228877-1001 - Administrator - Enabled) => C:\Users\Kevin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\uTorrent) (Version: 3.4.2.36318 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
888poker.es (HKLM-x32\...\{763E5EB4-44A1-4802-9C0E-67EC7E063789}) (Version: 7.4.00022 - 888) Hidden
888poker.es (HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\InstallShield_{763E5EB4-44A1-4802-9C0E-67EC7E063789}) (Version: 7.4.00022 - 888)
Ableton Live 9 Lite (HKLM\...\{9130C3A8-3BEA-4A24-88F9-50EFB036F999}) (Version: 9.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Audition CS6 (HKLM-x32\...\{30FD541D-3C9D-41C4-B240-A994EE4E0231}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Antares Auto-Tune Evo VST (HKLM-x32\...\{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}) (Version: 6.00.0009 - Antares Audio Technologies)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Ashampoo AppLauncher v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 14 v.14.0.9 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.9 - Ashampoo GmbH & Co. KG)
Ashampoo Core Tuner 2 v.2.0.1 (HKLM-x32\...\Ashampoo Core Tuner 2_is1) (Version: 2.01 - Ashampoo GmbH & Co. KG)
Ashampoo GetBack Photo v.1.0.1 (HKLM-x32\...\Ashampoo GetBack Photo_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\Ashampoo HDD Control 2_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 4 v.4.0.1 (HKLM-x32\...\Ashampoo Music Studio 4_is1) (Version: 4.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.1.3 (HKLM-x32\...\Ashampoo Photo Commander 10_is1) (Version: 10.1.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 5 v.5.1.2 (HKLM-x32\...\Ashampoo Photo Optimizer 5_is1) (Version: 5.1.2 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 2 v.2.0.5 (HKLM-x32\...\Ashampoo Slideshow Studio HD 2_is1) (Version: 2.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 5 v.5.1.5 (HKLM-x32\...\Ashampoo Snap 5_is1) (Version: 5.1.5 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 4 v.4.30 (HKLM-x32\...\Ashampoo UnInstaller 4_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Video Styler v.1.0.1 (HKLM-x32\...\Ashampoo Video Styler_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 9 v.9.04.31 (HKLM-x32\...\Ashampoo WinOptimizer 9_is1) (Version: 9.04.31 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AVG Zen (HKLM\...\{50B62078-D231-46A3-BA7C-23DCFA0E6101}) (Version: 1.113.1 - AVG Technologies) Hidden
Avid Effects (HKLM-x32\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3.5 - Avid Technology, Inc.)
Bass Station 2.1 (HKLM-x32\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 2.1 - Novation)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bigasoft Total Video Converter 5.0.7.5732 (HKLM-x32\...\{A72CE741-1F32-4D79-BFFB-A714375C6750}_is1) (Version:  - Bigasoft Corporation)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Blue Cat's Chorus DX-x64 4.1 (HKLM\...\{A796F464-D341-4F89-A689-EA1B14E0FF10}) (Version: 4.1 - Blue Cat Audio)
Blue Cat's Flanger DX-x64 3.1 (HKLM\...\{E3EF0DE1-6BC7-49A0-8A58-6D6CEA4F7782}) (Version: 3.1 - Blue Cat Audio)
Blue Cat's Freeware Pack DX-x64 2.1 (HKLM\...\{A0F8413C-BB79-4fc2-8F90-4AC27DCE137A}) (Version: 2.1 - Blue Cat Audio)
Blue Cat's FreqAnalyst DX-x64 2.1 (HKLM\...\{80ED3E10-34F0-4980-B7D7-CB582A9C1DA8}) (Version: 2.1 - Blue Cat Audio)
Blue Cat's Gain Suite DX-x64 3.1 (HKLM\...\{EE76B1CC-95E1-4900-8168-DB2D235FD9B5}) (Version: 3.1 - Blue Cat Audio)
Blue Cat's Phaser DX-x64 3.1 (HKLM\...\{AF7A9E60-0E10-44A4-A6D1-EEBF73A2618F}) (Version: 3.1 - Blue Cat Audio)
Blue Cat's Triple EQ DX-x64 4.1 (HKLM\...\{483187CD-8C96-49A3-966D-E9A27511607B}) (Version: 4.1 - Blue Cat Audio)
calibre (HKLM-x32\...\{5A119A69-9ACD-4287-97FB-1EC30DE71459}) (Version: 2.31.0 - Kovid Goyal)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Combined Community Codec Pack 2012-12-30 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2012.12.30.0 - CCCP Project)
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0220 - Disc Soft Ltd)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2133 - Steinberg Media Technologies GmbH)
Epic Games Launcher (HKLM-x32\...\{B4734E9C-2F8F-4A28-8CFB-2796C55BB411}) (Version: 1.1.135.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Privacy Browser (HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\Epic Privacy Browser) (Version: 71.0.3578.98 - Epic)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.7.9 - Epubor Inc.)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2 - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
f.lux (HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\Flux) (Version:  - f.lux Software LLC)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
Fotogaléria (HKLM-x32\...\{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{1F0C818D-4A41-4E40-BAFB-BB940C82A518}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{E354D495-5DA4-4CCF-AB39-080F6A4141BE}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{9F470E17-4FC3-4091-A508-D5347A16A2B9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{DB7B6508-2AAB-4F26-99D4-74559A2F5E42}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{E50E3DBC-46AA-4827-B2A6-F995D81DF526}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.59.616 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.59.616 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.55.219 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.55.219 - DVDVideoSoft Ltd.)
Galeria de Fotografias (HKLM-x32\...\{F5E338CE-E1C6-4F7D-8300-44DBD05B9F14}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{446CC8CE-0E90-44F7-ADD0-774B243EF090}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
IK Multimedia Authorization Manager version 1.0.11 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.11 - IK Multimedia)
iLike Android Data Recovery Pro version 1.8.8.8 (HKLM-x32\...\{iLikeAndroidRecovery}_is1) (Version: 1.8.8.8 - www.iLike-Share.com)
Instalación de DivX (HKLM-x32\...\DivX Setup) (Version: 2.8.0.18 - DivX, LLC)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3190 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{73250D12-B600-4ED6-AFC0-10D9D8EDA745}) (Version: 7.3.2 - Intel Corporation)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
iZotope Ozone 4 (HKLM-x32\...\iZotope Ozone 4_is1) (Version: 4.00 - iZotope, Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jihosoft Android Phone Recovery versión 8.3.4 (HKLM-x32\...\{698995E2-97BA-42BD-893A-DB51B408E36A}_is1) (Version: 8.3.4 - HONGKONG JIHO CO., LIMITED)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
License Support (HKLM\...\{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Medion Home Cinema 10 (HKLM-x32\...\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.2419 - CyberLink Corp.) Hidden
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Microsoft Office 365 Hogar Premium - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MKV Player 2.1.17 (HKLM-x32\...\MKV Player_is1) (Version:  - )
Movavi Video Editor 15 Plus (HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\Movavi Video Editor 15 Plus) (Version: 15.2.0 - Movavi)
Movie Maker (HKLM-x32\...\{03CC9D58-B132-4CC0-A521-4F3660AA43C7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{058EDEC8-1873-4B49-9A08-54ADE9CC129B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2AC4C6D7-512D-4B78-A85B-2C16E748AB8E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{306C7AEF-16C7-428D-93AA-99D4A4090243}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{36BEC461-B58A-414D-993E-E2BDD1F1A14B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{62BBCDDC-4979-4E59-9D97-5B8E874C3191}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{701FE1BC-834A-4857-AF62-6EBA50CFBC78}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{751EB657-3F22-4150-8CE4-D79A262F1D92}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{7E63F102-A9E9-4F4C-8004-BC62974736BF}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A035950F-15BA-41C0-9D8F-165FC0536012}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A17946CA-18E5-4CF0-8D55-A56D804718F8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A47EA9D4-BB87-415E-9239-28860434E5A0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{AE8044B5-FCA3-4EBE-AC78-0FB3A6E8DC76}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{BAD4B8FA-4BDA-4A59-BE64-9741031680C7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 66.0.5 (x64 es-ES) (HKLM\...\Mozilla Firefox 66.0.5 (x64 es-ES)) (Version: 66.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 -  Microsoft)
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{EFC97BC6-345A-4861-ACD5-0D3181252924}) (Version: 4.11.9775 - Apache Software Foundation)
Paquete de controladores de Logitech Webcam Software (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Paquete de controladores de Windows - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)
Paquete de controladores de Windows - Realtek (RTL8168) Net  (01/07/2016 8.044.0107.2016) (HKLM\...\834172E01312463FAC0ED3672B248718A80C7D75) (Version: 01/07/2016 8.044.0107.2016 - Realtek)
Passware Kit Forensic 13.5 (32-bit) (HKLM-x32\...\{A7675596-D739-465F-8F2E-3761469AA30B}) (Version: 13.5.8557 - Passware)
PGP Keywords Packages (HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\PGP Keywords Packages) (Version:  - ) <==== ATTENTION
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Photoshop Cs6 versión Final (HKLM-x32\...\{5CF1F901-ED27-4C34-A9CE-A10E8C1DDDB2}_is1) (Version: Final - Braian Urzagaste)
Podstawowe programy Windows Live (HKLM-x32\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PreSonus Studio One 3 x64 (HKLM\...\PreSonus Studio One 3) (Version: 3.2.0.36707 - PreSonus Audio Electronics)
Price Meter (remove only) (HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\Price Meter) (Version: 1.0.5.8 - Price Meter) <==== ATTENTION
QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.)
Raccolta foto (HKLM-x32\...\{D04EBB49-C985-4A38-8695-62000861293A}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7629 - Realtek Semiconductor Corp.)
Red 2 & Red 3 Plug-in Suite version 1.0 (HKLM\...\Red 2 & Red 3 Plug-in Suite_is1) (Version: 1.0 - Focusrite Audio Engineering Limited)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
ReWire (HKLM\...\{4481A621-E317-411C-8926-864AACDF509B}) (Version: 1.00.0000 - Waves)
Scarlett Plug-in Suite 1.7 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.7 - Focusrite)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.8.5 - IObit)
Smart Game Booster 4 (HKLM-x32\...\Smart Game Booster_is1) (Version: 4.0.0 - Smart Game Booster)
Softube Plug-Ins (VST AAX 64-bit) (HKLM\...\Softube Plug-Ins (VST AAX 64-bit)) (Version: 2.2.79 - Softube AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase LE AI Elements 7 (HKLM-x32\...\{5C73FC14-D3B1-45FC-A50C-7B41CB0D9DED}) (Version: 7.0.6 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2016 (KB3141501) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{D7445990-15D2-466D-BA6D-588F28226F27}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3141501) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{D7445990-15D2-466D-BA6D-588F28226F27}) (Version:  - Microsoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net)
Valokuvavalikoima (HKLM-x32\...\{C32F4F5A-C9FB-427C-9F6F-9DB157611FFF}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WavePad, editor de audio (HKLM-x32\...\WavePad) (Version: 6.07 - NCH Software)
Waves Central V1.0.3.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}) (Version: 1.0.4 - Waves)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Συλλογή φωτογραφιών (HKLM-x32\...\{A19A8C25-272A-4CD6-8BA8-3772321A021B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Packages:
=========
AccuWeather for Windows 8 -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_2.3.1.0_x64__8zz2pj9h1h1d8 [2014-01-07] (AccuWeather)
Adera - Lite -> C:\Program Files\WindowsApps\Microsoft.Adera-Lite_1.0.1.21664_x86__8wekyb3d8bbwe [2016-10-12] (Microsoft Studios)
Ashampoo ImageFX for Medion -> C:\Program Files\WindowsApps\AshampooMedion.AshampooImageFXforMedion_1.0.2.14_x64__g53hytncy48pj [2014-01-06] (Ashampoo GmbH &amp; Co. KG)
Bing -> C:\Program Files\WindowsApps\Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe [2014-01-06] (Microsoft Corporation)
Cámara -> C:\Program Files\WindowsApps\Microsoft.Camera_6.2.9200.20523_x64__8wekyb3d8bbwe [2014-01-06] (Microsoft Corporation)
Cyberlink PowerDVD_BE -> C:\Program Files\WindowsApps\CyberLinkCorp.me.PowerDVDforMedion_1.1.918.19562_x86__fyjd2029wheaw [2014-01-07] (CYBERLINK COM)
Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_2.0.0.273_x64__8wekyb3d8bbwe [2014-01-06] (Microsoft Corporation) [MS Ad]
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.2.5.5_neutral__1618n3s9xq8tw [2014-04-23] (eBay, Inc)
El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe [2014-01-07] (Microsoft Corporation) [MS Ad]
Facebook HD! -> C:\Program Files\WindowsApps\55667CoolStoreDevsPandora.FacebookHD_5.0.0.0_neutral__fsgj3pht8nmqt [2014-08-22] (YouTube Facebook Instagram Cool Store Devs)
Finanzas -> C:\Program Files\WindowsApps\Microsoft.BingFinance_2.0.0.275_x64__8wekyb3d8bbwe [2014-01-06] (Microsoft Corporation) [MS Ad]
Flow Free -> C:\Program Files\WindowsApps\BigDuckGamesLLC.Flow_1.5.0.1_neutral__1eenntbmr0etw [2014-01-08] (Big Duck Games LLC)
Fotos -> C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe [2014-08-22] (Microsoft Corporation)
Frase del día -> C:\Program Files\WindowsApps\GeneraldeSoftware.Frasedelda_1.0.0.2_neutral__y2224agvpsmh2 [2014-01-08] (General de Software)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_1.1.14192.1_x86__8wekyb3d8bbwe [2014-07-17] (Microsoft Corporation)
Jetpack Joyride -> C:\Program Files\WindowsApps\HalfbrickStudiosPtyLtd.JetpackJoyride_1.0.3.68_x86__w77bc8x1h5kya [2014-01-08] (Halfbrick Studios Pty Ltd)
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.3.10.0_x64__8wekyb3d8bbwe [2014-01-06] (Microsoft Corporation) [MS Ad]
Kaspersky Now -> C:\Program Files\WindowsApps\KasperskyLab.KasperskyNow_1.0.0.42_x64__8jx5e25qw3tdc [2014-01-06] (Kaspersky Lab)
Medion Mediathek -> C:\Program Files\WindowsApps\D305113D.MedionMediathek_1.0.0.11_neutral__ka6x32c4zxtnt [2014-01-07] (Tune In)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_1.6.4.30605_x86__8wekyb3d8bbwe [2017-06-17] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_1.6.4.30605_x86__8wekyb3d8bbwe [2014-01-06] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_1.6.4.30605_x86__8wekyb3d8bbwe [2016-10-12] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.1.1027.0_x64__a2t3txkz9j1jw [2014-08-10] (MAGIX)
Música -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_1.5.216.0_x64__8wekyb3d8bbwe [2014-01-07] (Microsoft Corporation) [MS Ad]
Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_2.0.0.308_x64__8wekyb3d8bbwe [2016-01-04] (Microsoft Corporation) [MS Ad]
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_16.4.4398.729_x64__8wekyb3d8bbwe [2014-08-10] (Microsoft Corporation)
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.6.0.594_x86__8wekyb3d8bbwe [2014-01-07] (Microsoft Studios)
Selección del explorador -> C:\Windows\BrowserChoice [2019-06-27] (Microsoft Corporation)
Shazam -> C:\Program Files\WindowsApps\ShazamEntertainmentLtd.Shazam_1.4.1.313_x64__pqbynwjfrbcg4 [2014-02-18] (Shazam Entertainment Ltd)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_1.9.0.2020_x86__kzf8qxf38zg5c [2014-07-23] (Skype) [MS Ad]
Stupid Zombies 2 -> C:\Program Files\WindowsApps\GameResort.StupidZombies2_1.0.0.7_x86__1126k6gxh47m2 [2014-01-08] (GameResort)
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_1.6.4.30605_x86__8wekyb3d8bbwe [2017-06-17] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_1.1.13.8_x64__wgeqdkkx372wm [2014-01-08] (Twitter Inc.)
Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_2.0.0.274_x64__8wekyb3d8bbwe [2014-01-06] (Microsoft Corporation) [MS Ad]
Vídeo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.909.0_x64__8wekyb3d8bbwe [2014-08-14] (Microsoft Corporation) [MS Ad]
WinZip -> C:\Program Files\WindowsApps\WinZipComputing.WinZip_1.3.0.216_x64__3ykzqggjzj4z0 [2014-01-08] (WinZip Computing)
Wordament -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_1.0.1.41_x86__8wekyb3d8bbwe [2017-10-18] (Microsoft Studios) [MS Ad]
YouNote -> C:\Program Files\WindowsApps\F508037F.YouNote_1.0.1505.1052_x86__7j1xgptdajq4j [2014-08-22] (CyberLink Corp.) [MS Ad]
YouTube VideoDownloader -> C:\Program Files\WindowsApps\4338Epic94.YouTubeVideoDownloader_1.0.0.17_neutral__kb484z24cq2j2 [2014-01-08] (EpicApplications)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1266114530-2428623587-741228877-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1266114530-2428623587-741228877-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1266114530-2428623587-741228877-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1266114530-2428623587-741228877-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1266114530-2428623587-741228877-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1266114530-2428623587-741228877-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-03-20] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2013-11-05] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\MenuExt64.dll [2016-12-06] (Xu Jing -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-03-20] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2013-11-05] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers4: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\MenuExt64.dll [2016-12-06] (Xu Jing -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2013-11-05] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\MenuExt64.dll [2016-12-06] (Xu Jing -> )
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-12] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Kevin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2019-06-13 03:24 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-10-19 01:29 - 2017-10-19 01:29 - 000024576 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\191cccca53af603f41564a8b3d0f7df2\IAStorCommon.ni.dll
2017-10-19 01:29 - 2017-10-19 01:29 - 000362496 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\9ab6437d3d6da50c239834bc31989de8\IAStorUtil.ni.dll
2017-10-19 01:29 - 2017-10-19 01:29 - 000026624 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\6a6442d2a4d394b9be75509c3eb80eed\IAStorDataMgrSvcInterfaces.ni.dll
2012-05-18 02:23 - 2012-05-18 02:23 - 002938880 _____ (PACE Anti-Piracy, Inc.) [File not signed] C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:7F48C535 [286]
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9 [150]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4789 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-07-01 16:07 - 2019-07-01 16:07 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


2014-01-06 20:40 - 2014-03-18 19:18 - 000000431 _____ C:\Windows\system32\drivers\etc\hosts.ics

192.168.1.33 Bk.mshome.net # 2019 3 0 17 18 18 14 782

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%INTEL_DEV_REDIST%redist\ia32\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-1266114530-2428623587-741228877-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kevin\AppData\Roaming\Microsoft\Windows Photo Viewer\Papel tapiz de Visualizador de fotos de Windows.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: AppLauncher => c:\program files (x86)\ashampoo\ashampoo applauncher\applauncher.exe
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "vProt"
HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\StartupApproved\StartupFolder: => "ZenMate.bat"
HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\StartupApproved\Run: => "AppLauncher"
HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1266114530-2428623587-741228877-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

solidsnake · 8 Julio, 2019 17:43

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B87A6DD8-00CF-4968-A42F-510BD676044F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EFF69036-13B4-4247-8D94-0FE3AC592DD7}] => (Allow) LPort=2869
FirewallRules: [{09131335-7EB0-4522-A728-F63792921814}] => (Allow) LPort=1900
FirewallRules: [{034EE8E7-6952-4E1E-8ECD-31AD3E340374}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp.) [File not signed]
FirewallRules: [{01C375E4-E5B6-4A0C-98CE-3ECAAB18A486}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp.) [File not signed]
FirewallRules: [{C0A7CC1B-3A3A-457F-9DCE-5D0CD64D0F79}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) [File not signed]
FirewallRules: [{900AD4F5-1E1F-4DB9-9AC4-8E77AAAB0489}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe (CyberLink) [File not signed]
FirewallRules: [{03AA1BD1-99F3-4FDF-A215-0E46FF9D0162}] => (Allow) C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D1B4866C-A7BD-436F-9EA0-C5D33C1A8E28}] => (Allow) C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{61D0F77B-35B4-4BF8-89FA-EA7FBBAD98A8}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{27D3B320-328D-4718-9870-540876B09F8C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{C4E87A53-9B1F-4B7D-BB3A-6E3E69A32CAF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A3196110-03E3-44DA-9CB6-73C217729D50}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C1A8666F-4C0F-4309-B8B8-695365DB0BDE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6247A3EC-D0A7-4EE1-B167-766CD65A79AA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{133E2BFB-D68F-4278-A15C-1606F6A73B24}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B5708204-2FAF-41FB-93CF-4ADC49C47C61}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FBA12AEE-8152-4C7A-B159-360152F79C42}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A20D0F5B-E8AE-46CA-B2BC-FD37723F1D32}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2EB72187-B0F8-478E-B506-AFCF054871A7}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{745E0AE6-E348-46BB-935A-5617EA523E54}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5DCF57B5-8872-4BBF-BC30-4EACBB67878D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{4BA6ABE9-B4CF-480E-877C-75BEA11C26C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{7AB5FD85-C51C-4D2A-8B98-3CAA73D70C59}] => (Allow) LPort=10777
FirewallRules: [{ADECE30A-FD17-46EA-B3BF-FCCCF3401066}] => (Allow) LPort=11555
FirewallRules: [{8A7697DD-237D-4AB7-AE1E-0E21CA11D416}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5E78B790-4846-41E4-B61B-FC2DFCE44CAE}] => (Allow) C:\Users\Kevin\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex Authors) [File not signed]

==================== Restore Points =========================

22-06-2019 02:34:31 Revo Uninstaller's restore point - Malwarebytes Anti-Malware versione 2.2.1.1043
27-06-2019 12:55:05 UnHackMe Malware Removal
27-06-2019 13:08:46 Revo Uninstaller's restore point - Spotify
29-06-2019 00:33:07 Revo Uninstaller's restore point - Spotify
30-06-2019 04:27:40 Revo Uninstaller's restore point - UnHackMe 9.70
30-06-2019 04:31:57 Revo Uninstaller's restore point - Trojan Remover 6.9.4
03-07-2019 01:25:25 Revo Uninstaller's restore point - Spotify
05-07-2019 05:50:07 Revo Uninstaller's restore point - Spotify
08-07-2019 14:59:35 Revo Uninstaller's restore point - Spotify
08-07-2019 15:47:11 Revo Uninstaller's restore point - Avast Free Antivirus
08-07-2019 18:26:59 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: EMTEC C410
Description: USB DISK 2.0    
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer:         
Service: WUDFWpdFs
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/08/2019 06:31:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\Applications\GTR 3.5.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" en la línea 8.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
La definición es WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (07/08/2019 06:31:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\Applications\Element App.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" en la línea 8.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
La definición es WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (07/08/2019 06:31:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Waves\Applications\CODEX App.exe". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" en la línea 8.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
La definición es WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (07/08/2019 06:29:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: LVPrcSrv.exe, versión: 12.10.1110.0, marca de tiempo: 0x4acc50c4
Nombre del módulo con errores: LVPrcSrv.exe, versión: 12.10.1110.0, marca de tiempo: 0x4acc50c4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000007af2
Identificador del proceso con errores: 0x7a4
Hora de inicio de la aplicación con errores: 0x01d535b11675c672
Ruta de acceso de la aplicación con errores: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
Ruta de acceso del módulo con errores: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
Identificador del informe: ef4cdf8d-a1a5-11e9-8681-7427ea482659
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/08/2019 06:26:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina ConvertStringSidToSid(S-1-5-21-1266114530-2428623587-741228877-1002.bak). HR = 0x80070539, La estructura del identificador de seguridad no es válida.
.


Operación:
   Evento OnIdentify
   Recopilando datos del escritor

Contexto:
   Contexto de ejecución: Shadow Copy Optimization Writer
   Id. de clase del escritor: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Nombre del escritor: Shadow Copy Optimization Writer
   Id. de instancia del escritor: {e2edf333-2803-4a4b-a80f-3e603aa9d0a7}

Error: (07/08/2019 06:21:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 11.7.0.1013, marca de tiempo: 0x50aa9310
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.2.9200.17366, marca de tiempo: 0x554d16f6
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x00010192
Identificador del proceso con errores: 0xda8
Hora de inicio de la aplicación con errores: 0x01d535b17017458e
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\KERNELBASE.dll
Identificador del informe: c169266e-a1a4-11e9-8681-7427ea482659
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/08/2019 06:21:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: IAStorDataMgrSvc.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.FormatException
Pila:
   en System.Text.StringBuilder.AppendFormat(System.IFormatProvider, System.String, System.Object[])
   en System.String.Format(System.IFormatProvider, System.String, System.Object[])
   en IAStorDataMgr.EventRelay.formatStrings(System.String, System.Object[])
   en IAStorDataMgr.EventRelay.translateEventType(IAStorUtil.Events.DiskEventArgs, IAStorUtil.LogLevel)
   en IAStorDataMgr.EventRelay.SDM_ComprehensiveHandler(System.Object, IAStorUtil.Events.ComprehensiveEventArgs)
   en IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   en IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   en IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   en System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   en System.Threading.ThreadPoolWorkQueue.Dispatch()
   en System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (07/08/2019 06:21:01 PM) (Source: IAStorDataMgrSvc) (EventID: 7001) (User: )
Description: Internal program error:  missing resource string DM_1_0_7


System errors:
=============
Error: (07/08/2019 06:29:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Process Monitor se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (07/08/2019 06:21:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Rapid Storage Technology se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (07/08/2019 06:18:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio RHDISK_AMD64 no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (07/08/2019 06:18:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de Microsoft Office no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (07/08/2019 06:18:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de Microsoft Office.

Error: (07/08/2019 06:17:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office se cerró con el siguiente error: 
%%30038

Error: (07/08/2019 06:17:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio AVG Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (07/08/2019 06:17:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio AVG Service.


CodeIntegrity:
===================================

Date: 2019-06-27 02:34:07.783
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Kevin\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-27 02:34:07.532
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Kevin\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-27 02:34:02.360
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Kevin\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-25 21:04:22.203
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. H61LMW08.115 01/24/2013
Motherboard: MEDION H61H2-LM3
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 34%
Total physical RAM: 8072.77 MB
Available physical RAM: 5254.73 MB
Total Virtual: 16264.77 MB
Available Virtual: 13321.01 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:404.05 GB) (Free:3.53 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:34.76 GB) NTFS
Drive h: (EMTEC C410) (Removable) (Total:14.45 GB) (Free:4.42 GB) FAT32

\\?\Volume{28093404-c710-4e21-8095-578ed04ea020}\ () (Fixed) (Total:0.49 GB) (Free:0.14 GB) NTFS
\\?\Volume{da7f5fb2-be2e-11e6-8311-7427ea482659}\ () (CDROM) (Total:0 GB) (Free:0 GB) 
\\?\Volume{23e389d5-be57-11e6-8313-7427ea482659}\ () (CDROM) (Total:0 GB) (Free:0 GB) 
\\?\Volume{17211029-a003-11e9-867a-7427ea482659}\ () (CDROM) (Total:0 GB) (Free:0 GB) 

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.5 GB) (Disk ID: 0EE2E3D3)
Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0C)

==================== End of Addition.txt ============================

Espero que sea suficiente con eso, sino espero instrucciones.Gracias otra vez.

solidsnake · 8 Julio, 2019 17:45

Me cago en la ostia, no leí esta parte… Bffffff, ¿No hay nada que se pueda hacer con eso entonces?

JavierHF · 8 Julio, 2019 21:28

Hola.

No te preocupes, no hay problema, se indican estos pasos para una mejor realización pero YA lo hiciste de esa manera y puedes seguir así.

Te falta por poner el informe de FRST.txt que solo pusiste tres líneas y las borre para que lo pongas en tu próxima respuesta completo.

Saludos.