Mi equipo (windows 7) reacciona tardisimo a clicks del raton y teclado

Mi equipo tarda muchísimo en reaccionar a los clicks y entradas del teclado. La instalación que tiene es muy simple, windows y office 365. Lo noto mucho en las actualizaciones de windows, se queda como colgado y solo hace eso. Pero pasa también con muchas otras cosas. No hay procesos en marcha. Cuando luego reacciona, lo hace bien y rápido, pero la mayoria de las veces exaspera porque no tarda mucho en responder al raton.

No parece un virus o malware, espero sus sugerencias.

Un saludo,

Las características de mi equipo: Procesador AMD Athlom ™ II X3 450 Processor 3.20 GHz 8 Gb de Ram, sistema de 64 bits, con windows 7 Reinstalado con windows original con un office 365 y poca cosa más Microsoft Security Essentials como antivirus. Sistema actualizado

Buenas @sarthas bienvenido al Foro.

Lo primero que debemos hacer es verificar si tienes infecciones en tu equipo, y luego ya veremos SI los problemas pueden ser causados por algún otro problema. :thinking:

Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos Javier.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 12/8/19
Hora del análisis: 19:32
Archivo de registro: 33c3398c-bd27-11e9-93a2-94de80b15a2a.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11962
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Homeland-PC\Homeland

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 223465
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 1 min, 12 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 12/8/19
Hora del análisis: 19:35
Archivo de registro: 8f9beccc-bd27-11e9-b3a4-94de80b15a2a.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11962
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Homeland-PC\Homeland

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 222051
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 24 min, 1 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-12-2019
# Duration: 00:00:10
# OS:       Windows 7 Professional
# Scanned:  35810
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64 
Ran by Homeland (Administrator) on 12/08/2019 at 20:13:51,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 24 

Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4HFSI25W (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\71UWO36R (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7CKY3RDN (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91A98GEA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1QB7YRG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BL8R1FRR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JSRIGPTX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Homeland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZDPV3XFI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4HFSI25W (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\71UWO36R (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7CKY3RDN (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91A98GEA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1QB7YRG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BL8R1FRR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JSRIGPTX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZDPV3XFI (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/08/2019 at 20:15:31,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-08-2019
Ran by Homeland (administrator) on HOMELAND-PC (Gigabyte Technology Co., Ltd. GA-78LMT-USB3) (13-08-2019 20:16:55)
Running from C:\Users\Homeland\Desktop
Loaded Profiles: Homeland (Available Profiles: Homeland)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VIA Technologies Inc. -> VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4992048 2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2574219661-3389331217-2455714101-1000\...\MountPoints2: {6b72f46c-5dc9-11e9-8736-94de80b15a2a} - F:\setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{66B72878-B3D8-44B9-8944-4073FB14208E}] -> "C:\Program Files (x86)\Thomson Reuters\Eikon\Eikon.exe" -registeroffice

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1963447C-163D-464C-AB7F-B018EB7AF76C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CB94249-1845-4618-94A7-E37076E5CD3C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {64850E31-A16F-462A-A914-350FF878FAD3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-12] (Google Inc -> Google LLC)
Task: {77D39908-1B97-45C5-8867-0176BF792758} - System32\Tasks\AdobeGCInvoker-1.0-Homeland-PC-Homeland => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {791D1846-8697-42A5-827E-F5F0DB36649C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-12] (Google Inc -> Google LLC)
Task: {92920B11-0086-42FE-A79F-88813C9371E2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A1CBFFE3-0A61-41BE-AD1E-9FC6E6FEC4C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B33737E3-EC6E-4065-A59B-058B1C1AEF6F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B86FC111-CBDF-41AF-B622-ACBF7C29F279} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C68034CF-39EE-4295-84B8-486E2E40B60F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {E127291C-5F69-44E7-A792-68684CBF8670} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.81.16.213 62.81.16.148
Tcpip\..\Interfaces\{2DCFD06D-C08E-41EC-840E-5548B2B33C6E}: [DhcpNameServer] 62.81.16.213 62.81.16.148

Internet Explorer:
==================
HKU\S-1-5-21-2574219661-3389331217-2455714101-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.es/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2019-05-24] (Microsoft Corporation -> Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-12] (Google Inc -> Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-07-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-07-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-04-12] (Google Inc -> Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-07-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-07-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-12] (Google Inc -> Google Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-07-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-04-12] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-07-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2574219661-3389331217-2455714101-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-12] (Google Inc -> Google Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-18] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-18] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Homeland\AppData\Local\Google\Chrome\User Data\Default [2019-08-12]
CHR Extension: (YouTube) - C:\Users\Homeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Homeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-26]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Homeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-12]
CHR Extension: (Gmail) - C:\Users\Homeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-12]
CHR Extension: (Chrome Media Router) - C:\Users\Homeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [257024 2015-09-11] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21633552 2015-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [673808 2015-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] (Giga-Byte Technology -> )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [2206352 2012-08-03] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [231112 2013-01-03] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [301256 2013-01-03] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-13 20:15 - 2019-08-13 20:15 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2019-08-12 20:49 - 2019-08-12 20:52 - 496899688 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.620].avi
2019-08-12 20:48 - 2019-08-12 20:52 - 557110656 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.621].avi
2019-08-12 20:46 - 2019-08-12 20:49 - 508651242 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.619].avi
2019-08-12 20:45 - 2019-08-12 20:50 - 508991408 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.618].avi
2019-08-12 20:45 - 2019-08-12 20:49 - 508956346 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.617].avi
2019-08-12 20:43 - 2019-08-12 20:48 - 508988898 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.614].avi
2019-08-12 20:43 - 2019-08-12 20:47 - 509080658 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.615].avi
2019-08-12 20:43 - 2019-08-12 20:46 - 508940716 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.616].avi
2019-08-12 20:43 - 2019-08-12 20:45 - 509127606 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.613].avi
2019-08-12 20:43 - 2019-08-12 20:45 - 507291618 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.612].avi
2019-08-12 20:42 - 2019-08-12 20:42 - 000045903 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.621.avi.torrent
2019-08-12 20:42 - 2019-08-12 20:42 - 000042223 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.618.avi.torrent
2019-08-12 20:42 - 2019-08-12 20:42 - 000042223 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.617.avi.torrent
2019-08-12 20:42 - 2019-08-12 20:42 - 000042203 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.619.avi.torrent
2019-08-12 20:42 - 2019-08-12 20:42 - 000041303 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.620.avi.torrent
2019-08-12 20:41 - 2019-08-12 20:41 - 000042675 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.615.avi.torrent
2019-08-12 20:41 - 2019-08-12 20:41 - 000042243 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.613.avi.torrent
2019-08-12 20:41 - 2019-08-12 20:41 - 000042223 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.616.avi.torrent
2019-08-12 20:41 - 2019-08-12 20:41 - 000042223 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.614.avi.torrent
2019-08-12 20:41 - 2019-08-12 20:41 - 000042103 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.612.avi.torrent
2019-08-12 20:41 - 2019-08-12 20:41 - 000042103 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.612.avi (1).torrent
2019-08-12 20:40 - 2019-08-12 20:43 - 508750982 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.609].avi
2019-08-12 20:40 - 2019-08-12 20:43 - 503718268 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.611].avi
2019-08-12 20:39 - 2019-08-12 20:43 - 509124432 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.610].avi
2019-08-12 20:38 - 2019-08-12 20:43 - 508869134 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.606][www.divxtotal3.net].avi
2019-08-12 20:38 - 2019-08-12 20:42 - 508944270 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.608].avi
2019-08-12 20:37 - 2019-08-12 20:40 - 508476784 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.607][www.divxtotal3.net].avi
2019-08-12 20:34 - 2019-08-12 20:40 - 503745460 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.602][www.divxtotal3.net].avi
2019-08-12 20:34 - 2019-08-12 20:39 - 509178856 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.601][www.divxtotal3.net].avi
2019-08-12 20:34 - 2019-08-12 20:38 - 508372174 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.604][www.divxtotal3.net].avi
2019-08-12 20:34 - 2019-08-12 20:37 - 508739656 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.603][www.divxtotal3.net].avi
2019-08-12 20:34 - 2019-08-12 20:36 - 509229490 ____R C:\Users\Homeland\Downloads\The Blacklist - Temporada 6 [HDTV][Cap.605][www.divxtotal3.net].avi
2019-08-12 20:34 - 2019-08-12 20:34 - 000042492 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.603www.divxtotal3.net_.avi (1).torrent
2019-08-12 20:34 - 2019-08-12 20:34 - 000042243 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.610.avi.torrent
2019-08-12 20:34 - 2019-08-12 20:34 - 000042243 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.606www.divxtotal3.net_.avi.torrent
2019-08-12 20:34 - 2019-08-12 20:34 - 000042223 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.608.avi.torrent
2019-08-12 20:34 - 2019-08-12 20:34 - 000042203 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.609.avi.torrent
2019-08-12 20:34 - 2019-08-12 20:34 - 000042203 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.609.avi (1).torrent
2019-08-12 20:34 - 2019-08-12 20:34 - 000042203 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.607www.divxtotal3.net_.avi.torrent
2019-08-12 20:34 - 2019-08-12 20:34 - 000042112 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.602www.divxtotal3.net_.avi (1).torrent
2019-08-12 20:34 - 2019-08-12 20:34 - 000041823 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.611.avi.torrent
2019-08-12 20:33 - 2019-08-12 20:55 - 000000000 ____D C:\Users\Homeland\AppData\LocalLow\uTorrent
2019-08-12 20:33 - 2019-08-12 20:33 - 000042715 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.605www.divxtotal3.net_.avi.torrent
2019-08-12 20:33 - 2019-08-12 20:33 - 000042532 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.601www.divxtotal3.net_.avi.torrent
2019-08-12 20:33 - 2019-08-12 20:33 - 000042492 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.603www.divxtotal3.net_.avi.torrent
2019-08-12 20:33 - 2019-08-12 20:33 - 000042472 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.604www.divxtotal3.net_.avi.torrent
2019-08-12 20:33 - 2019-08-12 20:33 - 000042112 _____ C:\Users\Homeland\Downloads\The-Blacklist-Temporada-6-HDTVCap.602www.divxtotal3.net_.avi.torrent
2019-08-12 20:27 - 2019-08-12 20:27 - 000000000 ____D C:\ProgramData\d5bdbdf0
2019-08-12 20:22 - 2019-08-12 20:22 - 000000000 ____D C:\ProgramData\GdJHuS
2019-08-12 20:18 - 2019-08-12 20:18 - 000020404 _____ C:\Users\Homeland\Desktop\Addition.txt
2019-08-12 20:16 - 2019-08-13 20:18 - 000017821 _____ C:\Users\Homeland\Desktop\FRST.txt
2019-08-12 20:15 - 2019-08-13 20:16 - 000000000 ____D C:\FRST
2019-08-12 20:15 - 2019-08-12 20:15 - 000004530 _____ C:\Users\Homeland\Desktop\JRT.txt
2019-08-12 20:13 - 2019-08-12 20:12 - 000001333 _____ C:\Users\Homeland\Desktop\AdwCleaner[S00].txt
2019-08-12 20:09 - 2019-08-12 20:12 - 000000000 ____D C:\AdwCleaner
2019-08-12 20:09 - 2019-08-12 20:09 - 000001546 _____ C:\Users\Homeland\Desktop\Analisis Personalizado.txt
2019-08-12 20:06 - 2019-08-12 20:06 - 000001544 _____ C:\Users\Homeland\Desktop\Analisis Amenazas.txt
2019-08-12 19:23 - 2019-08-12 19:23 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-12 19:23 - 2019-08-12 19:23 - 000000000 ____D C:\Users\Homeland\AppData\Local\mbamtray
2019-08-12 19:23 - 2019-08-12 19:23 - 000000000 ____D C:\Users\Homeland\AppData\Local\mbam
2019-08-12 19:23 - 2019-08-12 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-12 19:23 - 2019-08-12 19:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-12 19:23 - 2019-08-12 19:23 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-12 19:23 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-08-12 19:21 - 2019-08-12 19:21 - 000000914 _____ C:\Users\Public\Desktop\XMedia Recode 64bit.lnk
2019-08-12 19:21 - 2019-08-12 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 64bit
2019-08-12 19:20 - 2019-08-12 19:20 - 000034876 _____ C:\Users\Homeland\Documents\cc_20190812_192035.reg
2019-08-12 19:17 - 2019-08-12 20:19 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-08-12 19:17 - 2019-08-12 19:17 - 000002820 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-08-12 19:17 - 2019-08-12 19:17 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-08-12 19:17 - 2019-08-12 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-08-12 19:17 - 2019-08-12 19:17 - 000000000 ____D C:\Program Files\CCleaner
2019-08-12 18:42 - 2019-08-12 18:42 - 000000000 ____D C:\Users\Homeland\Documents\Plantillas personalizadas de Office
2019-08-12 18:41 - 2019-08-12 18:41 - 002097664 _____ (Farbar) C:\Users\Homeland\Desktop\FRST64.exe
2019-08-12 18:38 - 2019-08-12 18:38 - 001790024 _____ (Malwarebytes) C:\Users\Homeland\Desktop\JRT.exe
2019-08-12 18:37 - 2019-08-12 18:37 - 007623880 _____ (Malwarebytes) C:\Users\Homeland\Downloads\adwcleaner_7.4.exe
2019-08-12 18:37 - 2019-08-12 18:37 - 007623880 _____ (Malwarebytes) C:\Users\Homeland\Desktop\adwcleaner_7.4.exe
2019-08-12 18:36 - 2019-08-12 18:36 - 064988544 _____ (Malwarebytes ) C:\Users\Homeland\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11962.exe
2019-08-12 18:36 - 2019-08-07 13:34 - 015331746 _____ (XMedia Recode 64bit ) C:\Users\Homeland\Downloads\XMediaRecode3474_x64_setup.exe
2019-08-12 18:32 - 2019-08-12 18:32 - 020638704 _____ (Piriform Software Ltd) C:\Users\Homeland\Desktop\ccsetup558.exe
2019-08-12 09:18 - 2019-08-12 20:57 - 000000000 ____D C:\Users\Homeland\Documents\FOTOS
2019-08-10 10:15 - 2019-08-10 10:34 - 3841982464 _____ C:\Users\Homeland\Downloads\debian-10.0.0-amd64-DVD-1.iso
2019-08-10 10:09 - 2019-08-10 10:24 - 000000000 ____D C:\Users\Homeland\Documents\AIDA64 Reports
2019-08-10 09:58 - 2019-08-10 10:40 - 000000000 ____D C:\Users\Homeland\AppData\Roaming\dvdcss
2019-08-10 09:54 - 2019-08-10 09:54 - 000000000 ____D C:\Users\Homeland\AppData\Roaming\AMD
2019-08-10 09:43 - 2019-08-10 09:43 - 000001186 _____ C:\Users\Homeland\Desktop\AIDA64 Engineer.lnk
2019-08-10 09:43 - 2019-08-10 09:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2019-08-10 09:43 - 2019-08-10 09:43 - 000000000 ____D C:\Program Files (x86)\FinalWire
2019-08-10 09:42 - 2019-08-10 09:42 - 045749512 _____ (FinalWire Ltd. ) C:\Users\Homeland\Downloads\aida64engineer600.exe
2019-08-09 20:33 - 2019-08-12 19:21 - 000000000 ____D C:\Program Files\XMedia Recode 64bit
2019-08-07 13:37 - 2019-08-07 13:37 - 000000000 ____D C:\Users\Homeland\AppData\Roaming\XMedia Recode
2019-08-07 12:47 - 2019-08-07 12:53 - 000000000 ____D C:\Users\Homeland\Documents\DVDFab
2019-08-07 12:47 - 2019-08-07 12:47 - 000001020 _____ C:\Users\Homeland\Desktop\DVDFab 8 Qt.lnk
2019-08-07 12:47 - 2019-08-07 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt
2019-08-07 12:47 - 2019-08-07 12:47 - 000000000 ____D C:\ProgramData\dvdfab
2019-08-07 12:46 - 2019-08-07 12:47 - 000000000 ____D C:\Program Files (x86)\DVDFab 8 Qt
2019-08-03 09:16 - 2019-08-03 09:16 - 000000000 ____D C:\Users\Homeland\AppData\Roaming\WinRAR
2019-08-03 09:14 - 2019-08-03 09:15 - 000000000 ____D C:\Users\Homeland\Documents\C1 EOI 2017
2019-07-28 23:47 - 2019-07-28 23:47 - 000000000 ____D C:\Users\Homeland\AppData\Local\Thomson Reuters
2019-07-28 23:47 - 2019-07-28 23:47 - 000000000 ____D C:\ProgramData\Thomson Reuters
2019-07-22 08:31 - 2019-07-22 08:31 - 000000000 ____D C:\Users\Homeland\AppData\Local\IsolatedStorage
2019-07-21 21:01 - 2019-06-20 10:15 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-07-21 21:01 - 2019-06-18 06:21 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-07-21 21:01 - 2019-06-18 06:07 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-07-21 21:01 - 2019-06-18 05:56 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-07-21 21:01 - 2019-06-18 05:51 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-07-21 21:01 - 2019-06-18 05:48 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-07-21 21:01 - 2019-06-18 05:39 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-07-21 21:01 - 2019-06-18 05:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-07-21 21:01 - 2019-06-18 05:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-07-21 21:01 - 2019-06-18 05:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-07-21 21:01 - 2019-06-18 05:20 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-07-21 21:01 - 2019-06-18 05:16 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-07-21 21:01 - 2019-06-18 05:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-07-21 21:01 - 2019-06-18 05:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-07-21 21:01 - 2019-06-18 05:13 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-07-21 21:01 - 2019-06-18 05:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-07-21 21:01 - 2019-06-18 04:41 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-07-21 21:01 - 2019-06-12 17:21 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-07-21 21:01 - 2019-06-12 17:21 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-07-21 21:01 - 2019-06-12 17:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-07-21 21:01 - 2019-06-12 17:21 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-07-21 21:01 - 2019-06-12 17:21 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-07-21 21:01 - 2019-06-12 17:21 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-07-21 21:01 - 2019-06-12 17:21 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-07-21 21:01 - 2019-06-12 17:20 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:11 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-07-21 21:01 - 2019-06-12 17:08 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-07-21 21:01 - 2019-06-12 17:08 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-07-21 21:01 - 2019-06-12 17:08 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-07-21 21:01 - 2019-06-12 17:08 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-07-21 21:01 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-07-21 21:01 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-07-21 21:01 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-07-21 21:01 - 2019-06-12 17:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-07-21 21:01 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 17:04 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-07-21 21:01 - 2019-06-12 16:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-07-21 21:01 - 2019-06-12 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-07-21 21:01 - 2019-06-12 16:48 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-07-21 21:01 - 2019-06-12 16:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-07-21 21:01 - 2019-06-12 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-07-21 21:01 - 2019-06-12 16:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-07-21 21:01 - 2019-06-12 16:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-07-21 21:01 - 2019-06-12 16:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-07-21 21:01 - 2019-06-12 16:36 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-07-21 21:01 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-07-21 21:01 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-07-21 21:01 - 2019-06-09 17:08 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-07-21 21:01 - 2019-06-04 01:11 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-07-21 21:01 - 2019-06-04 01:11 - 000474112 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-07-21 21:01 - 2019-06-04 01:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-07-21 21:01 - 2019-05-25 01:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-07-21 21:01 - 2019-05-09 17:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-07-21 21:01 - 2019-05-09 17:07 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-07-21 21:01 - 2019-04-09 17:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-07-21 21:01 - 2019-04-09 17:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-07-21 21:01 - 2019-04-09 17:05 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-07-21 21:01 - 2019-04-09 17:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2019-07-21 21:01 - 2019-04-09 17:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-07-21 21:01 - 2019-04-09 16:52 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-07-21 21:01 - 2019-04-09 16:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-07-21 21:01 - 2019-04-09 16:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-07-21 21:01 - 2019-04-09 16:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-07-21 21:00 - 2019-06-28 07:24 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-21 21:00 - 2019-06-21 05:09 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-07-21 21:00 - 2019-06-21 05:05 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-07-21 21:00 - 2019-06-21 04:44 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-07-21 21:00 - 2019-06-21 03:41 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-07-21 21:00 - 2019-06-20 11:11 - 000396896 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-07-21 21:00 - 2019-06-18 08:41 - 001649664 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-21 21:00 - 2019-06-18 06:34 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-07-21 21:00 - 2019-06-18 06:21 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-07-21 21:00 - 2019-06-18 06:09 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-07-21 21:00 - 2019-06-18 06:08 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-07-21 21:00 - 2019-06-18 06:07 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-07-21 21:00 - 2019-06-18 06:07 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-07-21 21:00 - 2019-06-18 06:07 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-07-21 21:00 - 2019-06-18 06:00 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-07-21 21:00 - 2019-06-18 05:59 - 005775872 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-07-21 21:00 - 2019-06-18 05:59 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-07-21 21:00 - 2019-06-18 05:57 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-07-21 21:00 - 2019-06-18 05:56 - 020274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-07-21 21:00 - 2019-06-18 05:56 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-07-21 21:00 - 2019-06-18 05:56 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-07-21 21:00 - 2019-06-18 05:55 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-07-21 21:00 - 2019-06-18 05:45 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-07-21 21:00 - 2019-06-18 05:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-07-21 21:00 - 2019-06-18 05:39 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-07-21 21:00 - 2019-06-18 05:38 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-07-21 21:00 - 2019-06-18 05:38 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-07-21 21:00 - 2019-06-18 05:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-07-21 21:00 - 2019-06-18 05:35 - 002297344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-07-21 21:00 - 2019-06-18 05:35 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-07-21 21:00 - 2019-06-18 05:34 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-07-21 21:00 - 2019-06-18 05:32 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-07-21 21:00 - 2019-06-18 05:32 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-07-21 21:00 - 2019-06-18 05:30 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-07-21 21:00 - 2019-06-18 05:30 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-07-21 21:00 - 2019-06-18 05:29 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-07-21 21:00 - 2019-06-18 05:29 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-07-21 21:00 - 2019-06-18 05:29 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-07-21 21:00 - 2019-06-18 05:21 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-07-21 21:00 - 2019-06-18 05:21 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-07-21 21:00 - 2019-06-18 05:20 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-07-21 21:00 - 2019-06-18 05:19 - 015311872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-07-21 21:00 - 2019-06-18 05:17 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-07-21 21:00 - 2019-06-18 05:17 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-07-21 21:00 - 2019-06-18 05:13 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-07-21 21:00 - 2019-06-18 05:11 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-07-21 21:00 - 2019-06-18 05:07 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-07-21 21:00 - 2019-06-18 05:06 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-07-21 21:00 - 2019-06-18 05:04 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-07-21 21:00 - 2019-06-18 05:03 - 013706752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-07-21 21:00 - 2019-06-18 05:03 - 002060288 _____ (Microsoft Corporation)

C:\Windows\SysWOW64\inetcpl.cpl
2019-07-21 21:00 - 2019-06-18 05:03 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-07-21 21:00 - 2019-06-18 05:02 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-07-21 21:00 - 2019-06-18 04:55 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-07-21 21:00 - 2019-06-18 04:44 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-07-21 21:00 - 2019-06-18 04:43 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-07-21 21:00 - 2019-06-18 04:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-07-21 21:00 - 2019-06-13 05:25 - 000160488 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-21 21:00 - 2019-06-13 05:21 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-21 21:00 - 2019-06-12 17:23 - 004057320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-07-21 21:00 - 2019-06-12 17:23 - 003964136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-07-21 21:00 - 2019-06-12 17:22 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-07-21 21:00 - 2019-06-12 17:21 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-07-21 21:00 - 2019-06-12 17:21 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-07-21 21:00 - 2019-06-12 17:21 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-07-21 21:00 - 2019-06-12 17:21 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-07-21 21:00 - 2019-06-12 17:20 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-07-21 21:00 - 2019-06-12 17:20 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-07-21 21:00 - 2019-06-12 17:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-07-21 21:00 - 2019-06-12 17:20 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-07-21 21:00 - 2019-06-12 17:20 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-07-21 21:00 - 2019-06-12 17:20 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-07-21 21:00 - 2019-06-12 17:20 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-07-21 21:00 - 2019-06-12 17:20 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-07-21 21:00 - 2019-06-12 17:19 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-07-21 21:00 - 2019-06-12 17:19 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-07-21 21:00 - 2019-06-12 17:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-07-21 21:00 - 2019-06-12 17:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-07-21 21:00 - 2019-06-12 17:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-07-21 21:00 - 2019-06-12 17:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-07-21 21:00 - 2019-06-12 17:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-07-21 21:00 - 2019-06-12 17:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-07-21 21:00 - 2019-06-12 17:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-07-21 21:00 - 2019-06-12 17:15 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-07-21 21:00 - 2019-06-12 17:11 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-07-21 21:00 - 2019-06-12 17:11 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-07-21 21:00 - 2019-06-12 17:11 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-07-21 21:00 - 2019-06-12 17:10 - 005550824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-21 21:00 - 2019-06-12 17:10 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-07-21 21:00 - 2019-06-12 17:09 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-07-21 21:00 - 2019-06-12 17:08 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-07-21 21:00 - 2019-06-12 17:08 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-07-21 21:00 - 2019-06-12 17:08 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-07-21 21:00 - 2019-06-12 17:08 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-07-21 21:00 - 2019-06-12 17:08 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-07-21 21:00 - 2019-06-12 17:08 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-07-21 21:00 - 2019-06-12 17:08 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-07-21 21:00 - 2019-06-12 17:08 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-07-21 21:00 - 2019-06-12 17:08 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-07-21 21:00 - 2019-06-12 17:08 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-07-21 21:00 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-07-21 21:00 - 2019-06-12 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-07-21 21:00 - 2019-06-12 17:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-07-21 21:00 - 2019-06-12 17:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-07-21 21:00 - 2019-06-12 17:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-07-21 21:00 - 2019-06-12 17:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-07-21 21:00 - 2019-06-12 17:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-07-21 21:00 - 2019-06-12 17:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-07-21 21:00 - 2019-06-12 17:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-21 21:00 - 2019-06-12 16:54 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-07-21 21:00 - 2019-06-12 16:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-07-21 21:00 - 2019-06-12 16:49 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2019-07-21 21:00 - 2019-06-12 16:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-07-21 21:00 - 2019-06-12 16:48 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-07-21 21:00 - 2019-06-12 16:48 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-07-21 21:00 - 2019-06-12 16:48 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-07-21 21:00 - 2019-06-12 16:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-07-21 21:00 - 2019-06-12 16:42 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-07-21 21:00 - 2019-06-12 16:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-21 21:00 - 2019-06-12 16:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-07-21 21:00 - 2019-06-12 16:39 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-07-21 21:00 - 2019-06-12 16:37 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2019-07-21 21:00 - 2019-06-12 16:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-07-21 21:00 - 2019-06-12 16:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-07-21 21:00 - 2019-06-12 16:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-07-21 21:00 - 2019-06-12 16:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-07-21 21:00 - 2019-06-12 16:36 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-07-21 21:00 - 2019-06-12 16:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-07-21 21:00 - 2019-06-12 16:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-07-21 21:00 - 2019-06-12 16:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-07-21 21:00 - 2019-06-12 16:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-07-21 21:00 - 2019-06-12 16:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-07-21 21:00 - 2019-06-12 16:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-07-21 21:00 - 2019-06-11 04:59 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-21 21:00 - 2019-06-11 04:59 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-21 21:00 - 2019-06-11 04:59 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-21 21:00 - 2019-06-11 04:59 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-21 21:00 - 2019-06-11 04:59 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-07-21 21:00 - 2019-06-11 04:59 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-21 21:00 - 2019-06-11 04:59 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-21 21:00 - 2019-06-11 04:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-21 21:00 - 2019-06-09 17:20 - 003229184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-21 21:00 - 2019-06-09 17:19 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2019-07-21 21:00 - 2019-06-09 17:08 - 003730432 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-21 21:00 - 2019-06-09 17:07 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2019-07-21 21:00 - 2019-06-09 17:04 - 001053184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2019-07-21 21:00 - 2019-06-09 17:04 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2019-07-21 21:00 - 2019-06-09 16:49 - 001120768 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2019-07-21 21:00 - 2019-06-09 16:49 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2019-07-21 21:00 - 2019-06-07 17:08 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-21 21:00 - 2019-06-02 05:50 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2019-07-21 21:00 - 2019-05-25 02:04 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-07-21 21:00 - 2019-05-25 02:03 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-07-21 21:00 - 2019-05-25 01:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-07-21 21:00 - 2019-05-23 04:06 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-07-21 21:00 - 2019-05-23 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-07-21 21:00 - 2019-05-23 04:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-07-21 21:00 - 2019-05-23 03:58 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-07-21 21:00 - 2019-05-23 03:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-07-21 21:00 - 2019-05-23 03:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-07-21 21:00 - 2019-05-23 02:05 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-07-21 21:00 - 2019-05-17 20:21 - 000372456 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-07-21 21:00 - 2019-05-13 16:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-07-21 21:00 - 2019-05-13 16:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-07-21 21:00 - 2019-05-13 16:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-07-21 21:00 - 2019-05-13 16:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-07-21 21:00 - 2019-05-09 17:18 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-07-21 21:00 - 2019-05-09 17:18 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-07-21 21:00 - 2019-05-09 17:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-07-21 21:00 - 2019-05-09 17:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-07-21 21:00 - 2019-05-09 17:09 - 000114400 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-07-21 21:00 - 2019-05-09 17:07 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-07-21 21:00 - 2019-05-09 17:07 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-07-21 21:00 - 2019-05-09 17:06 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-07-21 21:00 - 2019-05-09 17:06 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-07-21 21:00 - 2019-05-09 17:06 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-07-21 21:00 - 2019-05-09 16:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-07-21 21:00 - 2019-05-09 16:40 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-07-21 21:00 - 2019-04-25 17:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-07-21 21:00 - 2019-04-25 17:06 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-07-21 21:00 - 2019-04-24 17:11 - 001893096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-07-21 21:00 - 2019-04-24 17:09 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-07-21 21:00 - 2019-04-24 17:09 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-07-21 21:00 - 2019-04-12 15:05 - 000994384 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000064248 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000016120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000014288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000014072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000012536 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:05 - 000011504 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-07-21 21:00 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-07-21 21:00 - 2019-04-09 17:05 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-07-21 21:00 - 2019-04-09 17:05 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-07-21 21:00 - 2019-04-09 17:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-07-21 21:00 - 2019-04-09 17:03 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-07-21 21:00 - 2019-04-09 16:53 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-07-21 20:59 - 2019-06-28 07:24 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2019-07-21 20:59 - 2019-06-28 07:24 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-21 20:59 - 2019-06-28 07:24 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2019-07-21 20:59 - 2019-06-28 07:24 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-21 20:59 - 2019-06-28 07:23 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2019-07-21 20:59 - 2019-06-28 07:23 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2019-07-21 20:59 - 2019-06-28 07:23 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2019-07-21 20:59 - 2019-06-28 07:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-07-21 20:59 - 2019-06-12 17:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-07-21 20:59 - 2019-06-12 17:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-07-21 20:59 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-07-21 20:59 - 2019-06-12 17:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-07-21 20:59 - 2019-06-12 17:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-07-21 20:59 - 2019-06-12 17:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-07-21 20:59 - 2019-06-07 17:18 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-07-21 20:59 - 2019-06-07 17:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-07-21 20:59 - 2019-06-07 17:08 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-07-21 20:59 - 2019-06-07 17:08 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-07-21 20:59 - 2019-06-07 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-07-21 20:59 - 2019-06-07 16:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-07-21 20:59 - 2019-04-30 04:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-07-21 20:59 - 2019-04-30 03:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-07-21 20:59 - 2019-04-09 16:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-07-21 20:59 - 2019-04-09 16:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2019-07-21 20:28 - 2019-07-21 20:28 - 000000000 ____D C:\Users\Homeland\AppData\Roaming\Thomson Reuters
2019-07-21 20:24 - 2019-07-28 23:34 - 000000000 ____D C:\Users\Homeland\AppData\LocalLow\Temp
2019-07-21 20:23 - 2019-07-28 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thomson Reuters
2019-07-21 20:15 - 2019-07-09 12:02 - 001406526 _____ C:\Users\Homeland\Documents\Pruebas Empresas australianas.xlsm
2019-07-21 20:15 - 2019-07-01 17:18 - 002113312 _____ (Thomson Reuters) C:\Users\Homeland\Documents\EikonInstaller.emea1 (1).exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-13 20:15 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-12 23:51 - 2009-07-14 06:45 - 000035152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-12 23:51 - 2009-07-14 06:45 - 000035152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-12 20:55 - 2019-04-13 12:07 - 000000000 ____D C:\Users\Homeland\AppData\Roaming\uTorrent
2019-08-12 20:48 - 2010-11-21 09:08 - 000747720 _____ C:\Windows\system32\perfh00A.dat
2019-08-12 20:48 - 2010-11-21 09:08 - 000159192 _____ C:\Windows\system32\perfc00A.dat
2019-08-12 20:48 - 2009-07-14 07:13 - 001678218 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-12 20:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-08-12 20:34 - 2019-04-15 19:17 - 000000000 ____D C:\Users\Homeland\AppData\Local\BitTorrentHelper
2019-08-12 20:09 - 2019-05-18 14:45 - 000000000 ____D C:\Users\Homeland\AppData\Roaming\cd22087d5c7a9de1049b0ed446c69b43
2019-08-12 19:19 - 2019-04-12 15:54 - 000000000 ____D C:\Windows\Panther
2019-08-12 09:25 - 2019-04-12 17:30 - 000000000 ____D C:\Users\Homeland\AppData\Roaming\Google
2019-08-10 14:39 - 2019-04-16 19:39 - 000000000 ____D C:\Users\Homeland\AppData\Roaming\vlc
2019-08-10 13:30 - 2019-04-13 11:56 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-08-07 13:11 - 2019-04-12 15:11 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-07 13:11 - 2019-04-12 15:11 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-07 12:51 - 2019-04-12 15:08 - 000000000 ____D C:\Users\Homeland\AppData\Local\VirtualStore
2019-08-03 13:14 - 2019-04-12 18:26 - 000000000 ____D C:\Program Files (x86)\WinRAR
2019-08-03 09:16 - 2019-04-12 18:26 - 000000000 ____D C:\Users\Homeland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-07-22 08:31 - 2019-04-12 15:08 - 000000000 ____D C:\Users\Homeland
2019-07-21 23:39 - 2019-04-12 17:36 - 000111840 _____ C:\Users\Homeland\AppData\Local\GDIPFONTCACHEV1.DAT
2019-07-21 23:38 - 2009-07-14 06:45 - 000429144 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-21 23:36 - 2019-04-13 00:14 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-07-21 23:36 - 2019-04-13 00:14 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-21 23:36 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-21 23:36 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-07-21 23:15 - 2019-04-12 15:14 - 001651868 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-07-21 22:43 - 2009-07-14 04:34 - 000000478 _____ C:\Windows\win.ini
2019-07-21 22:15 - 2019-04-12 19:22 - 000000000 ____D C:\Windows\system32\MRT
2019-07-21 22:08 - 2019-04-12 19:22 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-21 20:36 - 2019-04-13 11:53 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk

==================== Files in the root of some directories ================

2019-04-16 19:35 - 2019-04-16 19:35 - 000000000 _____ () C:\Users\Homeland\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-12 16:35
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2019
Ran by Homeland (13-08-2019 20:20:02)
Running from C:\Users\Homeland\Desktop
Windows 7 Professional Service Pack 1 (X64) (2019-04-12 13:08:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2574219661-3389331217-2455714101-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2574219661-3389331217-2455714101-1002 - Limited - Enabled)
Homeland (S-1-5-21-2574219661-3389331217-2455714101-1000 - Administrator - Enabled) => C:\Users\Homeland
Invitado (S-1-5-21-2574219661-3389331217-2455714101-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2574219661-3389331217-2455714101-1000\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
AIDA64 Engineer v6.00 (HKLM-x32\...\AIDA64 Engineer_is1) (Version: 6.00 - FinalWire Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
DVDFab 8.1.6.0 (01/02/2012) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.99 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VIA Administrador de dispositivos de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
XMedia Recode 64bit versión 3.4.7.4 (HKLM\...\{D31E6E69-4C6A-42CC-926F-CC7B186864EB}_is1) (Version: 3.4.7.4 - XMedia Recode 64bit)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2574219661-3389331217-2455714101-1000_Classes\CLSID\{777B917E-6AB2-47FB-9EDC-42D56A5B547B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2574219661-3389331217-2455714101-1000_Classes\CLSID\{77A54D30-DFAB-430F-947F-F9F611BE7F57}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2574219661-3389331217-2455714101-1000_Classes\CLSID\{A74B917E-6AB2-47FB-9EDC-42D56A5B547B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [File not signed]
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-05-03 04:33 - 2019-05-03 04:33 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\acrotray.esp
2019-04-12 18:26 - 2006-12-11 02:14 - 000043008 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000013824 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2574219661-3389331217-2455714101-1000\...\thomsonreuters.biz -> hxxps://*.extranet.thomsonreuters.biz
IE trusted site: HKU\S-1-5-21-2574219661-3389331217-2455714101-1000\...\thomsonreuters.com -> hxxps://thomsonreuters.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-04-13 10:11 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2574219661-3389331217-2455714101-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 62.81.16.213 - 62.81.16.148
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B19B8850-043F-450C-A8CF-B6AC58517E81}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{32F9489C-53B0-4F43-A43D-EDBF180B08C0}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A1FFE5F-53C7-4DA5-BEBD-45D52DE36C91}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DF0C7FA3-C0E9-4FFC-9DA8-AC16A57CFE4B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72FB20A1-BE71-4E2B-8164-1059912DCE17}] => (Allow) C:\Users\Homeland\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C3BC58BD-8509-495D-969F-D55AAA4AC8CB}] => (Allow) C:\Users\Homeland\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{8E8CE612-E435-413B-BB28-57604232887A}C:\users\homeland\appdata\roaming\utorrent\updates\3.5.5_45271.exe] => (Allow) C:\users\homeland\appdata\roaming\utorrent\updates\3.5.5_45271.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{28C963CB-34B8-4C53-8A06-DFCC6EA27282}C:\users\homeland\appdata\roaming\utorrent\updates\3.5.5_45271.exe] => (Allow) C:\users\homeland\appdata\roaming\utorrent\updates\3.5.5_45271.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{10D6BF88-B98A-4D93-B966-B96990A92448}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-08-2019 20:13:53 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/13/2019 08:15:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (08/12/2019 11:48:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (08/12/2019 08:26:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (08/12/2019 07:15:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (08/12/2019 06:23:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (08/12/2019 09:26:36 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/12/2019 09:21:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Explorer.EXE, versión 6.1.7601.23537, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 6d0

Hora de inicio: 01d550dda894cde6

Hora de finalización: 141

Ruta de acceso de la aplicación: C:\Windows\Explorer.EXE

Identificador de informe: b3f91211-bcd1-11e9-9814-94de80b15a2a

Error: (08/12/2019 09:15:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (08/12/2019 11:50:27 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (08/12/2019 11:50:26 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (08/12/2019 11:50:26 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (08/12/2019 11:50:25 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (08/12/2019 11:50:25 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (08/12/2019 08:55:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (08/12/2019 08:55:03 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (08/12/2019 08:54:47 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.


CodeIntegrity:
===================================

Date: 2019-04-12 18:37:25.530
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2019-04-12 18:37:25.499
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info =========================== 

BIOS: Award Software International, Inc. FA 04/23/2013
Motherboard: Gigabyte Technology Co., Ltd. GA-78LMT-USB3
Processor: AMD Athlon(tm) II X3 450 Processor
Percentage of memory in use: 42%
Total physical RAM: 8189.55 MB
Available physical RAM: 4718.12 MB
Total Virtual: 16377.25 MB
Available Virtual: 12788.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:390.53 GB) (Free:309.35 GB) NTFS
Drive d: () (Fixed) (Total:540.89 GB) (Free:531.22 GB) NTFS

\\?\Volume{42f65e38-5d22-11e9-92e0-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4E04A371)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Ya pasé el pack que me comentaste. No me dio aviso de ningún tipo de amenaza, por lo que tuve que llevar nada a cuarentena. Lo más importante es que el problema parece resuelto y ya no tengo problemas de respuesta ante clicks del ratón o entradas del teclado. Si he observado que el ventilador hace bastante ruido habitualmente.

Muchísimas gracias y un cordial saludo, sartjas

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2574219661-3389331217-2455714101-1000\...\MountPoints2: {6b72f46c-5dc9-11e9-8736-94de80b15a2a} - F:\setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-07] (Google LLC -> Google LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-08-2019
Ran by Homeland (15-08-2019 10:31:07) Run:1
Running from C:\Users\Homeland\Desktop
Loaded Profiles: Homeland (Available Profiles: Homeland)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2574219661-3389331217-2455714101-1000\...\MountPoints2: {6b72f46c-5dc9-11e9-8736-94de80b15a2a} - F:\setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-07] (Google LLC -> Google LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-2574219661-3389331217-2455714101-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b72f46c-5dc9-11e9-8736-94de80b15a2a} => removed successfully
HKLM\Software\Classes\CLSID\{6b72f46c-5dc9-11e9-8736-94de80b15a2a} => not found
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2574219661-3389331217-2455714101-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2574219661-3389331217-2455714101-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::69b0:6476:6c8:d014%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.20
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de t£nel isatap.{2DCFD06D-C08E-41EC-840E-5548B2B33C6E}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13795943 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1136906 B
Edge => 0 B
Chrome => 42406532 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83725 B
systemprofile32 => 65960 B
LocalService => 66228 B
NetworkService => 72240 B
Homeland => 32839801 B

RecycleBin => 0 B
EmptyTemp: => 86.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:31:32 ====

Este es el resultado de las últimas instrucciones que ejecuté al pie de la letra. En relación con el problema apuntado el equipo en estos momentos está yendo bien, no hay retraso en las respuestas ante clicks del ratón o entradas desde el teclado. ¿Entiendo que este pack de nuevas instrucciones es consecuencia de algo extraño visto en algún informe? Un saludo y muchas gracias de nuevo

Perfecto, :+1: nos alegra que todo vaya bien, ahora solo queda eliminar las herramientas usadas.

Para terminar:

  • Descarga :arrow_forward: DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Marca todas las casillas.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), copia y pega ese informe en tu próxima respuesta.

Y nos comentas como sigue el problema inicialmente planteado. :face_with_monocle:

Saludos.

1 me gusta
# DelFix v1.013 - Logfile created 17/08/2019 at 10:53:03
# Updated 17/04/2016 by Xplode
# Username : Homeland - HOMELAND-PC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...


~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #38 [End of disinfection | 08/17/2019 08:47:53]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

Lo siento pero ejecuté Delfix y me salí del informe sin grabar pensando que como en el caso de los otros programas el informe se grababa en el escritorio. Lamentablemente lo perdí. Lo ejecuté de nuevo y esto es el reporte que el mando. El anterior contenía mensajes de haber eliminado los programas e informes correspondientes que, efectivamente, ya no aparecían en el escritorio.

Por lo demás el funcionamiento del equipo es normal. Me gustaría saber qué es lo que le sucedía al ordenador y en qué medida puedo evitarlo. si esto me vuelve a pasar ¿sería incorrecto aplicar el mismo pack de programas y recomendaciones? Un cordial saludo,

sarthas

Excelente. :clap:

Si vuelves a tener algún otro problema lo mejor es que inicies un nuevo tema y nos plantees tu consulta, ya que NO siempre los problemas se solucionan de la misma manera y sobre todo el uso de FRST debe ser guiado analizando los informes que nos proporciones.


Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos. :+1:

Tema Solucionado.

Saludos, Javier.