Mi PC va algo lenta

Hola a todos. Me agrada el nuevo diseño del foro. Lamento mucho haber tenido que suscribirme de nuevo, pues tenía ya algunos temas, pero en fin. Todo sea por el mejoramiento de la plataforma.

Hoy vengo a pedirles ayuda: mi PC anda algo lento desde hace un par de días y estoy algo preocupado pues trabajo en él a diario con programas de diseño y edición de video.

MI PC es:

• Windows 7 Service pack 1
• 64 Bits
• Memoria RAM de 4Gb
• AMD 9650 Quad Core 2.30 Ghz

Quisiera saber cómo puedo saber si tiene un virus o algo que lo esté ralentizando. Gracias a todos por su ayuda.

Saludos.

Hola GatoCapitalista, bienvenido al nuevo foro

Vamos a ver si es por infecciones.

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

• Realiza un Análisis de amenazas, actualizando si te lo pide.
• Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
• En el apartado del manual Informes Informe de análisis encontrarás el reporte de MBAM, clic en Exportar Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

• Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus.
• Cierra también todos los programas que tengas abiertos.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
• Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
• Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
• El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

• Instala Ccleaner
• Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine clic en ejecutar limpiador
• Clic en la pestaña Registro clic en buscar problemas esperas que termine clic en Reparar Seleccionadas y haces una copia de seguridad
• Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

Un saludo

Hola Daniela.

Adjunto informres solciitados:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 16/11/18
Hora del análisis: 14:40
Archivo de registro: 6cfd4c20-e9d7-11e8-8d32-00306703166e.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.482
Versión del paquete de actualización: 1.0.7879
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: CamoVlog-PC\CamoVlog

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 262723
Amenazas detectadas: 15
Amenazas en cuarentena: 15
Tiempo transcurrido: 11 min, 41 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 11
Spyware.Socelars, HKU\S-1-5-21-114870127-2458051889-1227169053-1000\SOFTWARE\{6D187CC8-35BD-47F6-8760-D406AA1927B1}, En cuarentena, [6262], [584328],1.0.7879
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\MPrForWeathI, En cuarentena, [2783], [572664],1.0.7879
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\MTPreC_B, En cuarentena, [2783], [572665],1.0.7879
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\MTPreC_Qn, En cuarentena, [2783], [572666],1.0.7879
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\ShutTPreAm, En cuarentena, [2783], [572667],1.0.7879
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\ShutTPreIc, En cuarentena, [2783], [572668],1.0.7879
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\ShutTPreJ, En cuarentena, [2783], [572669],1.0.7879
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\ShutTPreShM, En cuarentena, [2783], [572670],1.0.7879
PUP.Optional.IdleKMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AutoPico Daily Restart, En cuarentena, [9214], [156330],1.0.7879
PUP.Optional.IdleKMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{35A643C2-32E9-4B47-B3D9-3E7566138FFD}, En cuarentena, [9214], [156330],1.0.7879
PUP.Optional.IdleKMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{35A643C2-32E9-4B47-B3D9-3E7566138FFD}, En cuarentena, [9214], [156330],1.0.7879

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 1
PUP.Optional.MyStart, C:\USERS\CAMOVLOG\APPDATA\ROAMING\SEARCH THE WEB, En cuarentena, [228], [594135],1.0.7879

Archivo: 3
PUP.Optional.MyStart, C:\USERS\CAMOVLOG\APPDATA\ROAMING\SEARCH THE WEB\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}.ico, En cuarentena, [228], [594135],1.0.7879
PUP.Optional.IdleKMS, C:\WINDOWS\SYSTEM32\TASKS\AutoPico Daily Restart, En cuarentena, [9214], [156330],1.0.7879
PUP.Optional.IdleKMS, C:\PROGRAM FILES\KMSPICO\AUTOPICO.EXE, En cuarentena, [9214], [156330],1.0.7879

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-11-14.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-16-2018
# Duration: 00:00:45
# OS:       Windows 7 Professional
# Cleaned:  2
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\CamoVlog\AppData\Local\SharePal

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\SharePal

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted   suggestqueries.google.com


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1345 octets] - [16/11/2018 15:07:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Si lo siento más rápido. Sobre todo al abrir el navegador Chrome.

Muchas gracias.

Hola

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

• Ejecuta FRST.exe.
• En el mensaje de la ventana del Disclaimer, pulsamos Yes
• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Hola. Ya tengo los dos reporte pero no logro colocarlos, ni siquiera cortados o parciales. Cómo te los puedo enviar??

Me sale un mensaje de algo así como que no puedo insertar más de 2 usuarios por mensaje, la verdad no comprendo.

Gracias.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.11.2018
Ran by CamoVlog (administrator) on CAMOVLOG-PC (16-11-2018 22:30:05)
Running from C:\Users\CamoVlog\Desktop
Loaded Profiles: CamoVlog (Available Profiles: CamoVlog & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-114870127-2458051889-1227169053-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-114870127-2458051889-1227169053-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-114870127-2458051889-1227169053-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\RETROS~1.SCR [1122304 2013-04-09] (Andy Fielding ([email protected]))
Startup: C:\Users\CamoVlog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\brffgeav.lnk [2018-08-23]
ShortcutTarget: brffgeav.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{59A07129-2A80-4590-8912-728E3F948B7E}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

Perdóname, no logro poner los reportes, se me complica el nuevo foro. Ayúdame, gracias.

Hola

Las etiquetas code las estas poniendo entre estos símbolos < > y debes ponerlas entre corchetes [ ]

Pruébalo y verás como te deja hacerlo.

Un saludo

Hola. Gracias, te envío los reportes.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.11.2018
Ran by CamoVlog (administrator) on CAMOVLOG-PC (16-11-2018 22:30:05)
Running from C:\Users\CamoVlog\Desktop
Loaded Profiles: CamoVlog (Available Profiles: CamoVlog & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-114870127-2458051889-1227169053-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-114870127-2458051889-1227169053-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-114870127-2458051889-1227169053-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\RETROS~1.SCR [1122304 2013-04-09] (Andy Fielding ([email protected]))
Startup: C:\Users\CamoVlog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\brffgeav.lnk [2018-08-23]
ShortcutTarget: brffgeav.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{59A07129-2A80-4590-8912-728E3F948B7E}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 2xr7168n.default
FF ProfilePath: C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\2xr7168n.default [2018-11-16]
FF Homepage: Mozilla\Firefox\Profiles\2xr7168n.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\2xr7168n.default -> file:///C:/ProgramData/Voyasollams/ff.NT
FF Extension: (Avira Navegación segura) - C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\2xr7168n.default\Extensions\[email protected] [2018-10-25]
FF Extension: (Tags for YouTube™) - C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\2xr7168n.default\Extensions\[email protected] [2018-11-06]
FF Extension: (Magic Actions for YouTube™) - C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\2xr7168n.default\Extensions\[email protected] [2018-01-09]
FF Extension: (Video DownloadHelper) - C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\2xr7168n.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
FF Extension: (Greasemonkey) - C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\2xr7168n.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-08-28]
FF Extension: (Firefox Monitor) - C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\2xr7168n.default\features\{7c67e31a-b4ab-4a22-a366-8f8eaf9b2b13}\[email protected] [2018-11-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-12-10] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-10] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default [2018-11-16]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2018-11-16]
CHR Extension: (MEGA) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2018-11-16]
CHR Extension: (Unlock Premium Content) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjmcpnogioojilaohalakcjniiaekgcp [2018-10-18]
CHR Extension: (Tags for YouTube™) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggphokdgjikekfiakjcpidcclbmkfga [2018-11-06]
CHR Extension: (Web for Instagram) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkhjjcoidmkfegigfdedmafpfemccpk [2018-11-14]
CHR Extension: (ZenMate VPN - Mejor seguridad para Internet) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2018-10-18]
CHR Extension: (Avira Navegación segura) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-10-26]
CHR Extension: (AdBlock) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-11]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-11-15]
CHR Extension: (Video DownloadHelper) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2018-08-19]
CHR Extension: (Boomerang for Gmail) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2018-09-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-17]
CHR Extension: (Flash-HTML5 for YouTube™) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\omimccinlhlkpjaeaocglgmkbelejlhj [2018-08-19]
CHR Extension: (Chrome Media Router) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-31]
CHR Profile: C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [891472 2018-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2018-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2018-11-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1162120 2018-11-13] (Avira Operations GmbH & Co. KG)
S4 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [431688 2018-10-09] (Avira Operations GmbH & Co. KG)
S4 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5614592 2018-01-22] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48640 2018-01-22] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [41472 2018-01-22] (AVG Technologies CZ, s.r.o.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [73240 2018-08-08] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [199920 2018-06-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153040 2018-06-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2018-06-28] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2018-06-28] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2018-06-28] (Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-10-18] (Malwarebytes)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-07-28] (Glarysoft Ltd)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198000 2018-11-16] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [119136 2018-11-16] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [63768 2018-11-16] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-16] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [101200 2018-11-16] (Malwarebytes)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-02] (AVG Netherlands B.V.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-16 22:30 - 2018-11-16 22:32 - 000016941 _____ C:\Users\CamoVlog\Desktop\FRST.txt
2018-11-16 22:29 - 2018-11-16 22:30 - 000000000 ____D C:\FRST
2018-11-16 22:29 - 2018-11-16 22:29 - 002416128 _____ (Farbar) C:\Users\CamoVlog\Desktop\FRST64.exe
2018-11-16 22:25 - 2018-11-16 22:25 - 000119136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-11-16 22:25 - 2018-11-16 22:25 - 000101200 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-11-16 22:25 - 2018-11-16 22:25 - 000063768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-11-16 22:24 - 2018-11-16 22:24 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-11-16 15:15 - 2018-11-16 15:15 - 000002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-11-16 15:11 - 2018-11-16 15:11 - 000001471 _____ C:\Users\CamoVlog\Desktop\AdwCleaner[C00].txt
2018-11-16 15:05 - 2018-11-16 15:08 - 000000000 ____D C:\AdwCleaner
2018-11-16 15:03 - 2018-11-16 15:03 - 007592144 _____ (Malwarebytes) C:\Users\CamoVlog\Desktop\adwcleaner_7.2.4.0.exe
2018-11-16 14:53 - 2018-11-16 14:53 - 000003244 _____ C:\Users\CamoVlog\Desktop\Informe Malwarebytes.txt
2018-11-16 14:29 - 2018-11-16 14:29 - 000198000 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-11-16 14:29 - 2018-11-16 14:29 - 000000000 ____D C:\Users\CamoVlog\AppData\Local\mbamtray
2018-11-16 14:28 - 2018-11-16 14:28 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-16 14:28 - 2018-11-16 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-16 14:28 - 2018-10-18 08:44 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-11-16 14:20 - 2018-11-16 14:21 - 079876624 _____ (Malwarebytes ) C:\Users\CamoVlog\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7841.exe
2018-11-13 16:46 - 2018-11-13 16:58 - 006532554 _____ C:\Users\CamoVlog\Desktop\Banner.psd
2018-11-13 14:52 - 2018-11-10 20:29 - 005551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-13 14:52 - 2018-11-10 20:25 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-13 14:52 - 2018-11-10 20:25 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-13 14:52 - 2018-11-10 20:25 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-13 14:52 - 2018-11-10 20:11 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-13 14:52 - 2018-11-10 20:10 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-13 14:52 - 2018-10-26 22:05 - 003227648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-13 14:52 - 2018-10-17 21:48 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-13 14:52 - 2018-10-17 21:17 - 020281344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-13 14:52 - 2018-10-12 15:26 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-13 14:52 - 2018-10-12 15:22 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-11-13 14:52 - 2018-10-12 14:59 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-13 14:52 - 2018-10-12 14:42 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-11-13 14:52 - 2018-10-11 21:12 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-13 14:52 - 2018-10-11 21:10 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-13 14:52 - 2018-10-11 20:25 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-13 14:52 - 2018-10-11 20:19 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-13 14:52 - 2018-10-06 11:02 - 000366824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-13 14:52 - 2018-09-22 21:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-13 14:52 - 2018-09-22 21:54 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-13 14:52 - 2018-09-22 21:54 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-13 14:52 - 2018-09-22 21:54 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-11-13 14:52 - 2018-09-22 21:37 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-13 14:52 - 2018-09-22 21:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-13 14:52 - 2018-09-22 21:34 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-13 14:52 - 2018-09-22 21:22 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-13 14:52 - 2018-08-27 22:48 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2018-11-13 14:52 - 2018-08-27 22:48 - 000419608 _____ C:\Windows\system32\locale.nls
2018-11-13 14:51 - 2018-11-10 20:28 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-11-13 14:51 - 2018-11-10 20:28 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-11-13 14:51 - 2018-11-10 20:28 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-13 14:51 - 2018-11-10 20:28 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-13 14:51 - 2018-11-10 20:27 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-13 14:51 - 2018-11-10 20:27 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-11-13 14:51 - 2018-11-10 20:26 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-11-13 14:51 - 2018-11-10 20:26 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-11-13 14:51 - 2018-11-10 20:26 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-11-13 14:51 - 2018-11-10 20:26 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-11-13 14:51 - 2018-11-10 20:26 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-11-13 14:51 - 2018-11-10 20:26 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-13 14:51 - 2018-11-10 20:26 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-11-13 14:51 - 2018-11-10 20:26 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-11-13 14:51 - 2018-11-10 20:26 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-11-13 14:51 - 2018-11-10 20:26 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-13 14:51 - 2018-11-10 20:26 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-11-13 14:51 - 2018-11-10 20:25 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:14 - 004054248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-11-13 14:51 - 2018-11-10 20:14 - 003960040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-11-13 14:51 - 2018-11-10 20:12 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-11-13 14:51 - 2018-11-10 20:11 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-11-13 14:51 - 2018-11-10 20:11 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-13 14:51 - 2018-11-10 20:11 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-11-13 14:51 - 2018-11-10 20:11 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-11-13 14:51 - 2018-11-10 20:11 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-11-13 14:51 - 2018-11-10 20:11 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-11-13 14:51 - 2018-11-10 20:11 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-11-13 14:51 - 2018-11-10 20:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-11-13 14:51 - 2018-11-10 20:10 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-11-13 14:51 - 2018-11-10 20:10 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-11-13 14:51 - 2018-11-10 20:10 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-13 14:51 - 2018-11-10 20:10 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-11-13 14:51 - 2018-11-10 20:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-11-13 14:51 - 2018-11-10 20:10 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-11-13 14:51 - 2018-11-10 20:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-11-13 14:51 - 2018-11-10 20:10 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-11-13 14:51 - 2018-11-10 20:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-11-13 14:51 - 2018-11-10 20:10 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 20:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 19:53 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-11-13 14:51 - 2018-11-10 19:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-11-13 14:51 - 2018-11-10 19:53 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-11-13 14:51 - 2018-11-10 19:52 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-11-13 14:51 - 2018-11-10 19:48 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-11-13 14:51 - 2018-11-10 19:48 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-11-13 14:51 - 2018-11-10 19:47 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-11-13 14:51 - 2018-11-10 19:47 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-11-13 14:51 - 2018-11-10 19:45 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-11-13 14:51 - 2018-11-10 19:44 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-11-13 14:51 - 2018-11-10 19:44 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-11-13 14:51 - 2018-11-10 19:44 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-11-13 14:51 - 2018-11-10 19:43 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-11-13 14:51 - 2018-11-10 19:43 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-11-13 14:51 - 2018-11-10 19:43 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-11-13 14:51 - 2018-11-10 19:43 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-11-13 14:51 - 2018-11-10 19:43 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-11-13 14:51 - 2018-11-10 19:43 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-11-13 14:51 - 2018-11-10 19:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-11-13 14:51 - 2018-11-10 19:41 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-11-13 14:51 - 2018-11-10 19:41 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-11-13 14:51 - 2018-11-10 19:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-11-13 14:51 - 2018-11-10 19:40 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-11-13 14:51 - 2018-11-10 19:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 19:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-11-13 14:51 - 2018-11-10 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-11-13 14:51 - 2018-10-26 22:42 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2018-11-13 14:51 - 2018-10-26 22:42 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-13 14:51 - 2018-10-26 22:42 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-11-13 14:51 - 2018-10-26 22:42 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2018-11-13 14:51 - 2018-10-26 22:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2018-11-13 14:51 - 2018-10-26 22:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2018-11-13 14:51 - 2018-10-26 22:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-13 14:51 - 2018-10-26 22:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-11-13 14:51 - 2018-10-26 22:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-11-13 14:51 - 2018-10-26 22:11 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-11-13 14:51 - 2018-10-26 22:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-11-13 14:51 - 2018-10-26 22:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-11-13 14:51 - 2018-10-26 22:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2018-11-13 14:51 - 2018-10-26 22:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dispex.dll
2018-11-13 14:51 - 2018-10-18 14:49 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-11-13 14:51 - 2018-10-18 13:51 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-11-13 14:51 - 2018-10-12 15:36 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-11-13 14:51 - 2018-10-12 15:25 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-11-13 14:51 - 2018-10-12 15:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-11-13 14:51 - 2018-10-12 15:25 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-11-13 14:51 - 2018-10-12 15:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-11-13 14:51 - 2018-10-12 15:20 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-11-13 14:51 - 2018-10-12 15:20 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-11-13 14:51 - 2018-10-12 15:18 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-11-13 14:51 - 2018-10-12 15:17 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-11-13 14:51 - 2018-10-12 15:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-11-13 14:51 - 2018-10-12 15:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-11-13 14:51 - 2018-10-12 15:11 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-11-13 14:51 - 2018-10-12 15:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-11-13 14:51 - 2018-10-12 15:07 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-11-13 14:51 - 2018-10-12 15:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-11-13 14:51 - 2018-10-12 15:05 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-11-13 14:51 - 2018-10-12 15:04 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-11-13 14:51 - 2018-10-12 15:03 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-13 14:51 - 2018-10-12 15:03 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-11-13 14:51 - 2018-10-12 15:02 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-11-13 14:51 - 2018-10-12 14:57 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-11-13 14:51 - 2018-10-12 14:56 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-11-13 14:51 - 2018-10-12 14:55 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-11-13 14:51 - 2018-10-12 14:55 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-11-13 14:51 - 2018-10-12 14:38 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-13 14:51 - 2018-10-12 14:36 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-11-13 14:51 - 2018-10-11 21:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-11-13 14:51 - 2018-10-11 21:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-11-13 14:51 - 2018-10-11 21:11 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-11-13 14:51 - 2018-10-11 21:10 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-11-13 14:51 - 2018-10-11 21:10 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-11-13 14:51 - 2018-10-11 21:10 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-11-13 14:51 - 2018-10-11 21:04 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-11-13 14:51 - 2018-10-11 21:03 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-11-13 14:51 - 2018-10-11 21:01 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-13 14:51 - 2018-10-11 21:00 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-11-13 14:51 - 2018-10-11 21:00 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-11-13 14:51 - 2018-10-11 20:59 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-13 14:51 - 2018-10-11 20:59 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-11-13 14:51 - 2018-10-11 20:59 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-13 14:51 - 2018-10-11 20:54 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-11-13 14:51 - 2018-10-11 20:51 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-11-13 14:51 - 2018-10-11 20:46 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-11-13 14:51 - 2018-10-11 20:45 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-11-13 14:51 - 2018-10-11 20:44 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-11-13 14:51 - 2018-10-11 20:42 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-11-13 14:51 - 2018-10-11 20:42 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-11-13 14:51 - 2018-10-11 20:40 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-11-13 14:51 - 2018-10-11 20:38 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-11-13 14:51 - 2018-10-11 20:30 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-13 14:51 - 2018-10-11 20:27 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-13 14:51 - 2018-10-11 20:27 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-13 14:51 - 2018-10-11 20:26 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-11-13 14:51 - 2018-10-11 20:26 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-11-13 14:51 - 2018-10-11 20:06 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-13 14:51 - 2018-10-11 19:55 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-13 14:51 - 2018-10-06 08:42 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-11-13 14:51 - 2018-10-06 08:05 - 002565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-11-13 14:51 - 2018-09-22 21:54 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-13 14:51 - 2018-09-22 21:54 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-11-13 14:51 - 2018-09-22 21:54 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-13 14:51 - 2018-09-22 21:54 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2018-11-13 14:51 - 2018-09-22 21:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2018-11-13 14:51 - 2018-09-22 21:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-13 14:51 - 2018-09-22 21:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-11-13 14:51 - 2018-09-22 21:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2018-11-13 14:51 - 2018-09-22 21:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2018-11-13 14:51 - 2018-09-22 21:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2018-11-13 14:51 - 2018-09-22 21:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2018-11-13 14:51 - 2018-09-22 21:34 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-13 14:51 - 2018-09-22 21:33 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-11-13 14:51 - 2018-09-22 21:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-13 14:51 - 2018-09-22 21:21 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-11-13 14:51 - 2018-09-22 21:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2018-11-11 13:05 - 2018-11-11 13:05 - 000039910 _____ C:\Users\CamoVlog\Downloads\gjgilalackpplhejebehbfgneppfcial_1.1.crx
2018-11-11 13:05 - 2018-11-11 13:05 - 000039910 _____ C:\Users\CamoVlog\Downloads\gjgilalackpplhejebehbfgneppfcial_1.1 (2).crx
2018-11-11 13:00 - 2018-11-11 13:00 - 000039910 _____ C:\Users\CamoVlog\Downloads\gjgilalackpplhejebehbfgneppfcial_1.1 (1).crx
2018-11-09 11:56 - 2018-11-13 16:58 - 000000000 ____D C:\Users\CamoVlog\Desktop\Tienda invitaciones
2018-11-08 16:32 - 2018-11-08 16:32 - 003306815 _____ C:\Users\CamoVlog\Desktop\kupdf.net_osip-mandelstam-el-sello-egipcio-maldoror.pdf
2018-11-01 12:52 - 2018-11-01 12:52 - 001541561 _____ C:\Users\CamoVlog\Downloads\mp4.mp4
2018-10-31 00:44 - 2018-10-31 00:44 - 020375047 _____ C:\Users\CamoVlog\Downloads\Oye, @IvanDuque, antes eras chévere... No, mentiras..mp4
2018-10-30 16:27 - 2018-10-30 16:27 - 000093342 _____ C:\Users\CamoVlog\Downloads\gσσgιяℓ - fσℓℓσω_ят_єиʝσу - gσσgιяℓ - - @4HisDesire .mp4
2018-10-30 12:13 - 2018-10-30 12:13 - 001939081 _____ C:\Users\CamoVlog\Downloads\Yo intentando salir de una relación tóxica..mp4
2018-10-29 13:43 - 2018-11-01 12:47 - 000000000 ____D C:\Users\CamoVlog\Desktop\The Economist VIDEO
2018-10-29 00:46 - 2018-10-29 00:46 - 003253552 _____ (Alexander Roshal) C:\Users\CamoVlog\Downloads\winrar-x64-561es.exe
2018-10-29 00:46 - 2018-10-29 00:46 - 000000000 ____D C:\Users\CamoVlog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-10-29 00:32 - 2018-10-29 00:32 - 000000000 ____D C:\Users\CamoVlog\Documents\Add-in Express
2018-10-29 00:00 - 2018-10-29 00:03 - 185368842 _____ C:\Users\CamoVlog\Downloads\La revelación de las pirámides - P. Pooyard (Completa español) (3).zip
2018-10-28 23:47 - 2018-10-28 23:50 - 209715200 _____ C:\Users\CamoVlog\Downloads\La revelación de las pirámides - P. Pooyard (Completa español) (2).zip
2018-10-28 23:22 - 2018-10-28 23:24 - 209715200 _____ C:\Users\CamoVlog\Downloads\La revelación de las pirámides - P. Pooyard (Completa español).zip
2018-10-28 23:08 - 2018-10-28 23:08 - 000000000 ____D C:\ProgramData\UniqueId
2018-10-28 23:07 - 2018-10-28 23:07 - 000756736 _____ (WinZip Computing, S.L.) C:\Users\CamoVlog\Downloads\winzip22-downwz.exe
2018-10-28 22:24 - 2018-10-28 22:24 - 001988320 _____ C:\Users\CamoVlog\Downloads\Mammon and the Black Goddess - Robert Graves.pdf
2018-10-27 13:32 - 2018-10-27 13:32 - 005068480 _____ C:\Users\CamoVlog\Downloads\Les presento a Bolsonaro, presidente a partir de mañana en Brasil. En este video promete l.mp4
2018-10-24 16:28 - 2018-10-24 16:29 - 009090909 _____ C:\Users\CamoVlog\Downloads\HOY 250 SOFIA.mp4
2018-10-23 17:30 - 2018-11-09 17:12 - 000000000 ____D C:\Users\CamoVlog\AppData\Roaming\Adobe
2018-10-23 16:30 - 2018-10-13 17:32 - 006307030 ____N C:\Users\CamoVlog\Desktop\Voz00002.3gp
2018-10-23 11:07 - 2018-10-23 11:07 - 000067903 _____ C:\Users\CamoVlog\Downloads\st.coCQ46atRMut.mp4
2018-10-21 14:55 - 2018-10-21 14:55 - 001655140 _____ C:\Users\CamoVlog\Downloads\Cuando te dicen que no le gustan Los Simpson..mp4
2018-10-21 13:32 - 2018-10-21 13:32 - 002433135 _____ C:\Users\CamoVlog\Downloads\The Earth.mp4
2018-10-17 22:42 - 2018-10-17 22:42 - 000113737 _____ C:\Users\CamoVlog\Downloads\Sexy.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-16 22:26 - 2017-11-23 17:39 - 000000000 ____D C:\Users\CamoVlog\AppData\LocalLow\Mozilla
2018-11-16 22:24 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-16 22:23 - 2018-08-06 22:40 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-11-16 22:23 - 2009-07-13 23:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-16 22:23 - 2009-07-13 23:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-16 16:16 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2018-11-16 15:17 - 2017-11-28 21:46 - 000000000 ____D C:\Users\CamoVlog\AppData\Roaming\MPC-HC
2018-11-16 14:28 - 2018-01-13 13:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-16 11:39 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2018-11-14 23:28 - 2010-11-21 02:09 - 002045264 _____ C:\Windows\system32\perfh00A.dat
2018-11-14 23:28 - 2010-11-21 02:09 - 000584358 _____ C:\Windows\system32\perfc00A.dat
2018-11-14 23:28 - 2009-07-14 00:13 - 000006208 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-14 23:21 - 2009-07-13 23:45 - 005942368 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-14 13:23 - 2018-06-29 15:24 - 000000033 _____ C:\Users\CamoVlog\AppData\Roaming\AdobeWLCMCache.dat
2018-11-14 09:33 - 2009-07-14 00:08 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-11-13 22:11 - 2017-11-23 17:55 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-13 21:52 - 2017-11-23 18:07 - 000204528 _____ C:\Users\CamoVlog\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-13 11:11 - 2018-08-06 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-11-10 13:50 - 2017-11-24 14:23 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-11-09 12:52 - 2017-12-16 22:47 - 000000000 ____D C:\Users\CamoVlog\dwhelper
2018-11-03 13:06 - 2017-11-23 17:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-03 13:06 - 2017-11-23 17:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-02 16:11 - 2017-12-06 09:50 - 000000000 ____D C:\Users\CamoVlog\AppData\Roaming\audacity
2018-10-29 19:07 - 2017-11-23 17:32 - 000000000 ____D C:\Users\CamoVlog
2018-10-29 10:21 - 2017-11-24 02:05 - 000000000 ____D C:\Program Files\WinRAR
2018-10-29 00:46 - 2017-11-24 02:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

==================== Files in the root of some directories =======

2018-06-29 15:24 - 2018-11-14 13:23 - 000000033 _____ () C:\Users\CamoVlog\AppData\Roaming\AdobeWLCMCache.dat
2018-08-23 18:19 - 2018-08-23 18:19 - 000140800 _____ () C:\Users\CamoVlog\AppData\Local\installer.dat
2018-09-27 11:04 - 2018-09-27 11:04 - 000000000 _____ () C:\Users\CamoVlog\AppData\Local\oobelibMkey.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-14 12:02

==================== End of FRST.txt ============================

Y el segundo:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
Ran by CamoVlog (16-11-2018 22:33:16)
Running from C:\Users\CamoVlog\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-11-23 22:32:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-114870127-2458051889-1227169053-500 - Administrator - Disabled)
CamoVlog (S-1-5-21-114870127-2458051889-1227169053-1000 - Administrator - Enabled) => C:\Users\CamoVlog
Invitado (S-1-5-21-114870127-2458051889-1227169053-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-114870127-2458051889-1227169053-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: ESET Security (Disabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
AIDA64 Extreme v5.95 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.95 - FinalWire Ltd.)
Another Matrix Screen Saver (HKLM-x32\...\Another Matrix Screen Saver_is1) (Version:  - NicheScreenSavers.com)
Argente - Registry Cleaner 3.1.2.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.2.0 - Raúl Argente)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
AVG PC TuneUp (HKLM-x32\...\{9C775BB6-1453-45EB-8C78-A5CC5199113D}) (Version: 16.77.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.77.3.23060 - AVG Technologies)
Avira (HKLM-x32\...\{18787388-9263-47A6-B954-41BDE0B90959}) (Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{2884d9b5-2fed-48df-b0e0-fe229e7eb781}) (Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.43.24 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
Fotolibro Auros Copias (HKU\S-1-5-21-114870127-2458051889-1227169053-1000\...\Fotolibro Auros Copias) (Version: Fotolibro Auros Copias 2016.4.0 - Auros Copias S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
K-Lite Codec Pack 14.1.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.0 - KLCP)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Matrix-ks (HKLM-x32\...\{16F0EE77-B2B1-4417-A8CC-07E06C78CCC4}) (Version: 3.6 - KellySoftware)
MatrixWorld 3D Screensaver 1.5 (HKLM-x32\...\MatrixWorld 3D Screensaver_is1) (Version: 1.5 - Digital Minds Software)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox 63.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 63.0.1 (x64 es-ES)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
NVIDIA Controlador de audio HD 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version:  - )
Panel de control de NVIDIA 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 306.97 - NVIDIA Corporation) Hidden
PowerLed 2.85.0 (HKLM-x32\...\PowerLed_is1) (Version:  - TF-TOP)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Retro Sci-Fi Screensaver (HKLM-x32\...\RetroSciFi_is1) (Version: 1.22 - Andy Fielding)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Solar System - Moon 3D Screensaver v1.8.00 (HKLM-x32\...\Solar System - Moon 3D Screensaver_is1) (Version:  - Rixane Interactive)
Star Wars 3D Screensaver 1.3 (HKLM-x32\...\Star Wars 3D Screensaver_is1) (Version:  - )
VdhCoApp 1.2.1 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
Vegas Pro 11.0 (HKLM-x32\...\{E7D91321-E930-11E0-9C25-F04DA23A5C58}) (Version: 11.0.370 - Sony)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A8582A9E-FE98-11E1-B899-F04DA23A5C58}) (Version: 12.0.367 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-114870127-2458051889-1227169053-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} =>  -> No File
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} =>  -> No File
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} =>  -> No File
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-10-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-10-02] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} =>  -> No File
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-10-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B4EC751-7FA0-4DAC-B38A-C41295624D99} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2018-01-22] (AVG Technologies CZ, s.r.o.)
Task: {272A9F80-BBFA-48A7-9628-481EAE29F9B2} - \SUPERAntiSpyware Scheduled Task e3758aa6-dbb1-472b-92f4-21b55f87b3ad -> No File <==== ATTENTION
Task: {2D5C01AC-A53E-4E0F-A108-11BB39AFB46E} - System32\Tasks\AdobeAAMUpdater-1.0-CamoVlog-PC-CamoVlog => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {2E9C2A9B-2867-4582-AFB2-9169FB9803C7} - System32\Tasks\AdobeGCInvoker-1.0-CamoVlog-PC-CamoVlog => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {53F08B00-1517-4B6B-947C-D1B729FCCBE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-23] (Google Inc.)
Task: {59B94E4B-4BB7-4A90-9CB3-3A2D1D724723} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {67ED0661-35C1-4E90-A8CF-C413A9091D4A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {7F688A53-2A28-417E-95CC-372920E578D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {93A012B8-1E34-4583-A963-4EEB5D19C1A5} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: {944C4603-AE03-44AF-AB50-AC9B9157171A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-23] (Google Inc.)
Task: {9BE4940B-3126-4091-964A-DD626AFCF483} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {9E7CF693-C980-4336-8C2B-747EBBB59D8C} - \SUPERAntiSpyware Scheduled Task 222c19a7-2d4d-4764-942c-8cfa29dce4d7 -> No File <==== ATTENTION
Task: {9F6AE999-037B-4638-BB6D-B379493C1C27} - System32\Tasks\{8FA60A6A-DF3D-4FCD-80A1-3951649CA889} => C:\Windows\system32\pcalua.exe -a C:\Users\CamoVlog\Desktop\15.53_nforce_win7_32bit_international_whql.exe -d C:\Users\CamoVlog\Desktop
Task: {A69A6431-0C05-4881-B6D2-D3A2D4B104AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {AC6B2887-AA05-416E-A34D-5E109CDF412E} - \StartWop PC Port -> No File <==== ATTENTION
Task: {B7E07013-8E60-4C8F-8D1E-DA40919FEBFD} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-11-13] (Avira Operations GmbH & Co. KG)
Task: {F27C6603-68BB-4848-801D-396203006DBC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\CamoVlog\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\CamoVlog\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

==================== Loaded Modules (Whitelisted) ==============

2017-11-24 16:21 - 2012-10-02 14:51 - 000086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-04-19 08:34 - 2009-04-19 08:34 - 000625184 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-04-19 08:34 - 2009-04-19 08:34 - 000070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-04-19 08:34 - 2009-04-19 08:34 - 000578080 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2018-11-16 14:28 - 2018-10-18 08:44 - 002821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-11-16 14:28 - 2018-10-18 08:44 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2009-04-19 08:34 - 2009-04-19 08:34 - 000207904 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2017-10-18 11:19 - 2018-09-10 10:57 - 000095168 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2018-08-08 11:06 - 2018-11-13 11:09 - 001205792 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll
2018-08-08 11:06 - 2018-11-13 11:09 - 000244672 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2018-08-23 18:54 - 000000527 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 mydownloaddomain.com
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 texttotalk.org
127.0.0.1 gambling577.xyz
127.0.0.1 htagdownload.space
127.0.0.1 mybcnmonetize.com
127.0.0.1 360devtraking.website
127.0.0.1 dscdn.pw
127.0.0.1 bcnmonetize.go2affise.com
127.0.0.1 beautifllink.xyz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-114870127-2458051889-1227169053-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Fondo de escritorio.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: avgsvc => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: ekrn => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: WinDefend => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{4E457F4C-9012-46B3-AD4E-E09DB9DFF96E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{16ABB482-BADA-4ECD-9796-4E2E57630DDB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{6D5F0803-0A53-46E7-88E7-C6B81A83A743}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5AB54B9F-0995-416D-977A-F86FC6D70110}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2C444D50-6862-40F6-8DDF-2DEDE11018DF}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{6F5E539A-3300-44EA-8283-088772E61D1E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{94404AE9-83DA-4DBC-BF26-C18252AD19CA}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{4909A405-96C7-466B-863A-7D44FFA3B6FA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{ACF72934-3AFD-499D-9584-53097FDF87E0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FA48E022-D86F-4038-B151-BEEF9646335C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

06-11-2018 12:51:06 Punto de control programado
14-11-2018 09:39:23 Windows Update

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/16/2018 10:25:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Creative Cloud.exe, versión: 4.6.0.384, marca de tiempo: 0x5b2cefa4
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000
Id. del proceso con errores: 0x1300
Hora de inicio de la aplicación con errores: 0x01d47e25384c6f10
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 7fddb0f0-ea18-11e8-8d11-00306703166e

Error: (11/16/2018 10:25:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/16/2018 10:22:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Creative Cloud.exe, versión: 4.6.0.384, marca de tiempo: 0x5b2cefa4
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000
Id. del proceso con errores: 0x10ac
Hora de inicio de la aplicación con errores: 0x01d47e24c7418f80
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 0bf3e4c0-ea18-11e8-b5b1-00306703166e

Error: (11/16/2018 10:22:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/16/2018 10:22:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/16/2018 10:21:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/16/2018 03:12:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Creative Cloud.exe, versión: 4.6.0.384, marca de tiempo: 0x5b2cefa4
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000
Id. del proceso con errores: 0x111c
Hora de inicio de la aplicación con errores: 0x01d47de8aabcbec0
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: f0163140-e9db-11e8-8497-00306703166e

Error: (11/16/2018 03:11:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (11/16/2018 03:08:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Avira Service Host terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (11/16/2018 03:08:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio AVG PC TuneUp Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 250 milisegundos: Reiniciar el servicio.

Error: (11/16/2018 03:08:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Instalador de módulos de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (11/16/2018 03:08:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Genuine Software Integrity Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/16/2018 03:08:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Genuine Monitor Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/16/2018 03:08:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio ForceWare IP service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/16/2018 03:08:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio ForceWare Intelligent Application Manager (IAM) se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/16/2018 03:08:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) 9650 Quad-Core Processor
Percentage of memory in use: 68%
Total physical RAM: 4095.24 MB
Available physical RAM: 1281.82 MB
Total Virtual: 8188.63 MB
Available Virtual: 5197.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.78 GB) (Free:157.45 GB) NTFS
Drive i: (COMPAÑÍAS) (Fixed) (Total:232.88 GB) (Free:180.87 GB) NTFS

\\?\Volume{f0827ac3-d09c-11e7-b8bf-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 31555714)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Gracias por tu amable ayuda. Mira te cuento que al iniciar Windows se está demorando mucho en cargar, casi de 1 a 2 minutos. De nuevo muchas gracias por tu ayuda.

Hola

MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe( en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKLM-x32 -> DefaultScope value is missing
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} =>  -> No File
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} =>  -> No File
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} =>  -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
Task: {272A9F80-BBFA-48A7-9628-481EAE29F9B2} - \SUPERAntiSpyware Scheduled Task e3758aa6-dbb1-472b-92f4-21b55f87b3ad -> No File <==== ATTENTION
Task: {9E7CF693-C980-4336-8C2B-747EBBB59D8C} - \SUPERAntiSpyware Scheduled Task 222c19a7-2d4d-4764-942c-8cfa29dce4d7 -> No File <==== ATTENTION
Task: {AC6B2887-AA05-416E-A34D-5E109CDF412E} - \StartWop PC Port -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\CamoVlog\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\CamoVlog\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
• Presionar el botón FIX y aguardar a que termine.
• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Hola, ten envío el reporte.

Pues te cuento que sigue arrancando (Windows) algo lento. La pantalla queda azul por unos 20 segundos y luego arranca. Gracias.

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
Ran by CamoVlog (18-11-2018 00:35:08) Run:1
Running from C:\Users\CamoVlog\Desktop
Loaded Profiles: CamoVlog (Available Profiles: CamoVlog & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START

CREATERESTOREPOINT:

CLOSEPROCESSES:

HKLM-x32\...\Run: [] => [X]

SearchScopes: HKLM-x32 -> DefaultScope value is missing

ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} =>  -> No File

ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} =>  -> No File

ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} =>  -> No File

ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} =>  -> No File

ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File

ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File

ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} =>  -> No File

ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File

Task: {272A9F80-BBFA-48A7-9628-481EAE29F9B2} - \SUPERAntiSpyware Scheduled Task e3758aa6-dbb1-472b-92f4-21b55f87b3ad -> No File <==== ATTENTION

Task: {9E7CF693-C980-4336-8C2B-747EBBB59D8C} - \SUPERAntiSpyware Scheduled Task 222c19a7-2d4d-4764-942c-8cfa29dce4d7 -> No File <==== ATTENTION

Task: {AC6B2887-AA05-416E-A34D-5E109CDF412E} - \StartWop PC Port -> No File <==== ATTENTION

ShortcutWithArgument: C:\Users\CamoVlog\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

ShortcutWithArgument: C:\Users\CamoVlog\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

HOSTS:

REMOVEPROXY:

EMPTYTEMP:

CMD: netsh winsock reset

CMD: ipconfig /renew

CMD: ipconfig /flushdns

CMD: bitsadmin /reset /allusers

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

END
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   AccExtIco1 => removed successfully
HKLM\Software\Classes\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   AccExtIco2 => removed successfully
HKLM\Software\Classes\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   AccExtIco3 => removed successfully
HKLM\Software\Classes\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AccExt => removed successfully
HKLM\Software\Classes\CLSID\{2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\AccExt => removed successfully
HKLM\Software\Classes\CLSID\{2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{272A9F80-BBFA-48A7-9628-481EAE29F9B2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{272A9F80-BBFA-48A7-9628-481EAE29F9B2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task e3758aa6-dbb1-472b-92f4-21b55f87b3ad" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E7CF693-C980-4336-8C2B-747EBBB59D8C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E7CF693-C980-4336-8C2B-747EBBB59D8C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task 222c19a7-2d4d-4764-942c-8cfa29dce4d7" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{AC6B2887-AA05-416E-A34D-5E109CDF412E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC6B2887-AA05-416E-A34D-5E109CDF412E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartWop PC Port" => removed successfully
C:\Users\CamoVlog\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument removed successfully
C:\Users\CamoVlog\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Shortcut argument removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Shortcut argument removed successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-114870127-2458051889-1227169053-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-114870127-2458051889-1227169053-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::5505:3938:2560:fac2%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.6
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::1%11
                                       192.168.0.1

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{2AC34DFA-6D03-474F-A24D-1ACF449A749D} canceled.
{58A8AC60-A703-439B-B9D2-18E7C101704B} canceled.
{709A2EC5-E89D-42BA-9915-BB27976771E8} canceled.
{D35A0B80-78F2-4985-B106-C6C695A64721} canceled.
4 out of 4 jobs canceled.

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4097411 B
Java, Flash, Steam htmlcache => 1052 B
Windows/system/drivers => 89909733 B
Edge => 0 B
Chrome => 233737114 B
Firefox => 1107280473 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
CamoVlog => 2686217418 B
UpdatusUser => 0 B

RecycleBin => 99466 B
EmptyTemp: => 3.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-11-2018 00:42:02)

C:\Windows\System32\Drivers\etc\hosts => Could not move
Could not restore Hosts.

==== End of Fixlog 00:42:03 ====

Hola Daniela.

Mira, sigue muy lento. Como te digo al iniciar Windows se demora casi 3 minutos, igual al abrir el navegador. Luego de esto parece funcionar fluido pero por momentos de congela (al abrir Twitter por ejemplo o Youtube), no sé qué pueda ser esta vez. Gracias por tu ayuda.

Hola

Ya puedes perdonar que no te haya respondido antes, no vi tu respuesta

Prueba en “modo seguro” para ver si también funciona lento.

Vuelves al “modo normal” y realiza lo siguiente:

• Abre CCleaner a Herramientas. Inicio. En la pestaña Windows, presiona Guardar a un archivo de texto. Este lo guardas como Inicio.

• Luego ve a Herramientas, Inicio, Tareas Programadas, Guardar a un archivo de texto, guárdalo con el nombre de "Tareas"

• Abre CCleaner, Herramientas, Plugins de navegador . En la pestaña Google Chrome, presiona Guardar a un archivo de texto. Este lo guardas como Chrome.

Los guardas en el escritorio para que tengas mejor acceso a ellos.

Pon los informes y comenta como funciona en modo seguro.

Un saludo

Hola Daniela. Gracias, te envío los informes a continuación en su orden:

Inicio

|No|HKCU:Run|CCleaner Monitoring|Piriform Ltd|"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR|
|---|---|---|---|---|
|Si|HKCU:Run|CCleaner Smart Cleaning|Piriform Ltd|"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR|
|No|HKCU:Run|Sidebar|Microsoft Corporation|C:\Program Files\Windows Sidebar\sidebar.exe /autoRun|
|Si|HKLM:Run|Adobe Creative Cloud|Adobe Systems Incorporated|"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true|
|No|HKLM:Run|AdobeAAMUpdater-1.0||"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"|
|Si|HKLM:Run|AdobeGCInvoker-1.0|Adobe Systems, Incorporated|"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"|
|No|HKLM:Run|AvgUi|AVG Technologies CZ, s.r.o.|"C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw|
|Si|HKLM:Run|Avira SystrayStartTrigger|Avira Operations GmbH & Co. KG|"C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"|
|No|HKLM:Run|RtHDVCpl|Realtek Semiconductor|C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s|
|Si|Startup User|brffgeav.lnk|Microsoft Corporation|C:\Windows\System32\cmd.exe|

|Si|Task|AdobeAAMUpdater-1.0-CamoVlog-PC-CamoVlog||C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled|
|---|---|---|---|---|
|Si|Task|AdobeGCInvoker-1.0-CamoVlog-PC-CamoVlog|Adobe Systems, Incorporated|C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe|
|Si|Task|CCleanerSkipUAC|Piriform Ltd|"C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)|
|Si|Task|GlaryInitialize 5||C:\Program Files (x86)\Glary Utilities 5\Initialize.exe|
|Si|Task|GoogleUpdateTaskMachineCore|Google Inc.|C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c|
|Si|Task|GoogleUpdateTaskMachineUA|Google Inc.|C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler|
|Si|Task|{8FA60A6A-DF3D-4FCD-80A1-3951649CA889}|Microsoft Corporation|C:\Windows\system32\pcalua.exe -a C:\Users\CamoVlog\Desktop\15.53_nforce_win7_32bit_international_whql.exe -d C:\Users\CamoVlog\Desktop|

|No|Extension|AdBlock|3.34.0|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.34.0_0|
|---|---|---|---|---|---|
|Si|Extension|Avira Navegación segura|2.6.4.1980|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\2.6.4.1980_0|
|Si|Extension|Boomerang for Gmail|1.2.8|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll\1.2.8_0|
|No|Extension|Flash-HTML5 for YouTube™|0.1.9|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\omimccinlhlkpjaeaocglgmkbelejlhj\0.1.9_0|
|Si|Extension|Magic Actions for YouTube™|7.8.0.0|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\7.8.0.0_0|
|No|Extension|MEGA|3.46.5|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod\3.46.5_0|
|No|Extension|Tags for YouTube™|8.4|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggphokdgjikekfiakjcpidcclbmkfga\8.4_0|
|No|Extension|Unlimited Free VPN - Hola|1.113.625|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.113.625_0|
|No|Extension|Unlock Premium Content|1.7|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjmcpnogioojilaohalakcjniiaekgcp\1.7_0|
|Si|Extension|Video DownloadHelper|7.3.5.0|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk\7.3.5.0_0|
|No|Extension|Web for Instagram|13.3|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkhjjcoidmkfegigfdedmafpfemccpk\13.3_0|
|No|Extension|ZenMate VPN - Mejor seguridad para Internet|6.3.0|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme\6.3.0_0|

En “modo seguro” el compu funciona muy fluido y ágil, así quisiera que trabajara siempre Y en modo normal, te cuento que se ralentiza mucho, al apgarse demora mucho también y lo mismo durante el encendido. Gracias por tu valiosa ayuda, quedo atento.

Hola

Abre CCleaner a Herramientas. Inicio. En la pestaña Windows desactiva todas de una en una.

Luego ve a Herramientas, Inicio, Tareas Programadas y desactiva todas.

En Plugins de navegador borra esta:

Si|Extension|Boomerang for Gmail|1.2.8|Persona 1|C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll\1.2.8_0|

Reinicia un par de veces y comprueba el funcionamiento.

Un saludo

Hola cómo estás? Mira, hice lo que me dijiste y está aún más lento, se ralentiza mucho, se para. Está más lento que antes Crees que deba reinstalar el windows? Gracias.

Mira, la verdad se está bloqueando mucho Entro a cualquier programa y se ralentiza muchísimo. Ayudaaaaa. Hago edición de video en Sony Vegas y ayer estaba bien y hoy se bloquea. Aprecio tus consejos, gracias. Saludos.

Hola

Cuando un equipo da tantos problemas, a veces es mejor reinsatalar de nuevo.

Hace mucho que no realizas una limpieza de ventilador, cambio de pasta térmica, etc?

Vamos a ver si tiene alguna infección más.

Realiza las siguientes acciones:

Análisis del PC con Eset Online Scaner : Manual de Uso

Análisis del PC con Kasperky Virus Removal Tool: Manual de Uso

NOTAS IMPORTANTES:

1. En Tu próxima respuesta, debes pegar ambos reportes.

2. Debes copiar y pegar los reportes solicitados con todo su contenido. Usaras varios mensajes si recibes un mensaje de error indicando que es muy largo (mas de 50.000 caracteres aprox.).

3. Envuelve cada uno de los informes con una etiqueta escrita al inicio del informe y otra como este al final del mismo.

Nos comentas como sigue el problema.

Un saludo

Buenos días.

Envío informes solicitados de Malwarebytes y AdwCleaner, gracias.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 15/5/19
Hora del análisis: 9:17
Archivo de registro: 3088bcc0-771c-11e9-aa8d-00306703166e.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.10614
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: CamoVlog-PC\CamoVlog

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 256469
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 16 min, 17 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 2
PUM.Optional.DisableMRT, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU, En cuarentena, [7118], [676880],1.0.10614
PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU, En cuarentena, [7118], [676880],1.0.10614

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-15-2019
# Duration: 00:00:13
# OS:       Windows 7 Professional
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Multitimer

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1345 octets] - [16/11/2018 15:07:01]
AdwCleaner[C00].txt - [1471 octets] - [16/11/2018 15:09:29]
AdwCleaner[S01].txt - [1417 octets] - [15/05/2019 09:46:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########