PC algo lenta despues de un formateo

#1

Buenas tardes ! Estuve leyendo que hay varios threads ya de esto , y particularmente leí uno que fue el que me hizo registrarme para así aprender mas, y ver si pueden ayudarme a solucionar mis problemas … Desde ya muchas gracias ! Es un i7 con 32 gb de ram, dos SSD de 250 gigas c/u, en uno de los cuales tengo el sistema operativo, instalado hoy a la mañana … pensé que eso iba a ser lo que me solucionara el problema de lentitud … Si, y digo problema de lentitud porque es similar a este:


con la diferencia que lo único que noto es la lentitud en las reacciones, nada mas. El uso de la pc nunca supera el 2 o 3% (a veces va a mas, pero por unos segundos y después vuelve a lo citado). El sistema operativo es el 7 professional de 64 bits, el navegador es el Opera de 64 bits y tengo un photoshop instalado, y algunos otros programas mas, como el notepad++ , el adiirc (de chat, clon del mIRC), y un par mas. Desde ya muchas gracias ! qué debo de hacer? digo, ya leí las respuestas y cosas para bajar y escanear en ese tema, pero espero la guía del experto …

1 me gusta
#2

Me olvidé del primer screenshot. Este es de Speccy, por si de algo sirve como primer dato, acá está: Imgur

Y esta es una captura del Windows Update: Imgur

1 me gusta
#3

Hola @CaLy y Bienvenido al Foro. :+1:

Nos puedes poner los informes de las herramientas que has usado…??

Saludos.

1 me gusta
#4

Es que justamente @JavierHF todavia no usé ninguna porque no se con cual empezar. Mb3 ? o cuales? Gracias mil

1 me gusta
#5

Bien…pues empezaremos revisando tu máquina y para hacerlo sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos.

#6

Gracias @JavierHF voy a hacer eso YA mismo , y luego te comento !

#7

OK Acá va. Con el ccleaner borré todos los temporales, y luego el registro tal como dijiste.

El Malwarebytes:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/21/19
Scan Time: 8:27 PM
Log File: 13a13bf7-648d-11e9-afe2-fcaa147da0b6.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.563
Update Package Version: 1.0.10240
License: Free

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Stargate-PC\Internet

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 245349
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 0 min, 36 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Ahora el adwcleaner:

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-21-2019
# Duration: 00:00:05
# OS:       Windows 7 Professional
# Scanned:  27198
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Ahora el JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64 
Ran by Stargate (Administrator) on 21/04/2019 at 20:31:42,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 16 

Successfully deleted: C:\Users\Stargate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Stargate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Y2T65ZX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Stargate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Stargate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6F7KPCO4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Stargate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKQYYCG3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Stargate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Stargate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Stargate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VDN4S2M4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Y2T65ZX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6F7KPCO4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKQYYCG3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VDN4S2M4 (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21/04/2019 at 20:32:08,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

El FarBar

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.04.2019 01
Ran by Stargate (administrator) on STARGATE-PC (Gigabyte Technology Co., Ltd. Z97X-SLI) (21-04-2019 20:33:01)
Running from C:\Users\Internet\Desktop
Loaded Profiles: Stargate & Internet (Available Profiles: Stargate & Internet)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7611608 2014-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2155461421-2815423461-2220668013-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2155461421-2815423461-2220668013-1000\...\MountPoints2: {34948cd0-642c-11e9-b02c-806e6f6e6963} - H:\Run.exe
Startup: C:\Users\Stargate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2019-04-21]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3CE193AF-BCCD-462D-9C8E-35DAEF013CB7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {81735720-585E-4657-AC91-697CE541E9BF} - System32\Tasks\Opera scheduled Autoupdate 1555849555 => C:\Program Files\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {A46FE110-3058-4417-9B3F-0A68FCE440C1} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B929C9BB-FD3E-4311-AE09-2F5AFCD3B5A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C481A7C2-AE23-4772-B6DD-C755AABCC93A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F5D20719-0D5D-4357-994E-4F5D8EC6EC56} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.81.125.130 200.3.220.23
Tcpip\..\Interfaces\{D9446419-272F-4DB1-A69F-7F8A2CCF3C3A}: [DhcpNameServer] 200.81.125.130 200.3.220.23

Internet Explorer:
==================
HKU\S-1-5-21-2155461421-2815423461-2220668013-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2155461421-2815423461-2220668013-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2019-04-21] (Adobe Systems) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation -> Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-21 20:33 - 2019-04-21 20:33 - 000009310 _____ C:\Users\Internet\Desktop\FRST.txt
2019-04-21 20:32 - 2019-04-21 20:33 - 000000000 ____D C:\FRST
2019-04-21 20:32 - 2019-04-21 20:32 - 000003206 _____ C:\Users\Stargate\Desktop\JRT.txt
2019-04-21 20:29 - 2019-04-21 20:29 - 000000000 ____D C:\AdwCleaner
2019-04-21 20:27 - 2019-04-21 20:27 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-21 20:27 - 2019-04-21 20:27 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-21 20:27 - 2019-04-21 20:27 - 000000000 ____D C:\Users\Stargate\AppData\Local\mbam
2019-04-21 20:27 - 2019-04-21 20:27 - 000000000 ____D C:\Users\Internet\AppData\Local\mbamtray
2019-04-21 20:27 - 2019-04-21 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-21 20:27 - 2019-04-21 20:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-21 20:27 - 2019-04-21 20:27 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-21 20:27 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-04-21 20:26 - 2019-04-21 20:26 - 000030824 _____ C:\Users\Stargate\Documents\cc_20190421_202616.reg
2019-04-21 20:26 - 2019-04-21 20:26 - 000005264 _____ C:\Users\Stargate\Documents\cc_20190421_202630.reg
2019-04-21 20:25 - 2019-04-21 20:25 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-21 20:25 - 2019-04-21 20:25 - 000002820 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-04-21 20:25 - 2019-04-21 20:25 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-21 20:25 - 2019-04-21 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-21 20:25 - 2019-04-21 20:25 - 000000000 ____D C:\Program Files\CCleaner
2019-04-21 20:23 - 2019-04-21 20:23 - 002435072 _____ (Farbar) C:\Users\Internet\Desktop\FRST64.exe
2019-04-21 20:22 - 2019-04-21 20:22 - 007025360 _____ (Malwarebytes) C:\Users\Internet\Desktop\adwcleaner_7.3.exe
2019-04-21 20:22 - 2019-04-21 20:22 - 001790024 _____ (Malwarebytes) C:\Users\Internet\Desktop\JRT.exe
2019-04-21 20:20 - 2019-04-21 20:21 - 062824224 _____ (Malwarebytes ) C:\Users\Internet\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.10240.exe
2019-04-21 20:19 - 2019-04-21 20:19 - 021254208 _____ (Piriform Software Ltd) C:\Users\Internet\Desktop\ccsetup556.exe
2019-04-21 19:26 - 2019-04-21 19:26 - 000000000 ____D C:\Users\Stargate\AppData\Local\ESET
2019-04-21 19:25 - 2019-04-21 19:25 - 000000000 ____D C:\Users\Internet\AppData\Local\ESET
2019-04-21 19:22 - 2019-04-21 19:22 - 000001912 _____ C:\Users\Stargate\Desktop\Rkill.txt
2019-04-21 18:20 - 2019-04-21 18:20 - 000000796 _____ C:\Users\Public\Desktop\Speccy.lnk
2019-04-21 18:20 - 2019-04-21 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2019-04-21 18:20 - 2019-04-21 18:20 - 000000000 ____D C:\Program Files\Speccy
2019-04-21 18:17 - 2019-04-21 18:17 - 000000000 ____D C:\Windows\system32\appmgmt
2019-04-21 17:41 - 2019-04-21 17:41 - 000000600 _____ C:\Users\Internet\AppData\Roaming\winscp.rnd
2019-04-21 17:37 - 2019-04-21 17:37 - 000000000 ____D C:\Users\Internet\AppData\Roaming\WinRAR
2019-04-21 17:37 - 2019-04-21 17:37 - 000000000 ____D C:\Users\Internet\AppData\Roaming\Far Manager
2019-04-21 17:37 - 2019-04-21 17:37 - 000000000 ____D C:\Users\Internet\AppData\Local\Far Manager
2019-04-21 13:54 - 2019-04-21 20:25 - 000000000 ____D C:\Windows\Panther
2019-04-21 13:54 - 2019-04-21 13:54 - 000008192 __RSH C:\BOOTSECT.BAK
2019-04-21 13:54 - 2010-11-21 00:23 - 000383786 __RSH C:\bootmgr
2019-04-21 11:47 - 2019-04-21 11:47 - 000000000 ____D C:\Users\Internet\AppData\LocalLow\Adobe
2019-04-21 11:45 - 2019-04-21 11:45 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-04-21 11:45 - 2019-04-21 11:45 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-21 11:45 - 2019-04-21 11:45 - 000002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-04-21 11:45 - 2015-07-18 10:08 - 000984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-04-21 11:45 - 2015-07-18 10:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-04-21 11:40 - 2019-04-21 11:40 - 000000000 ____D C:\Users\Stargate\AppData\Local\Adobe
2019-04-21 11:35 - 2019-04-21 11:47 - 000000000 ____D C:\Users\Internet\AppData\Roaming\Adobe
2019-04-21 11:35 - 2019-04-21 11:47 - 000000000 ____D C:\Users\Internet\AppData\Local\Adobe
2019-04-21 11:35 - 2019-04-21 11:35 - 000001698 _____ C:\Users\Internet\Desktop\Photoshop.lnk
2019-04-21 11:35 - 2019-04-21 11:35 - 000000000 ____D C:\Users\Internet\Documents\Updater
2019-04-21 11:12 - 2019-04-21 11:41 - 000000000 ____D C:\Users\Internet\AppData\Local\IIID
2019-04-21 11:12 - 2019-04-21 11:12 - 000000000 ____D C:\Users\Internet\AppData\Roaming\IrfanView
2019-04-21 11:03 - 2019-04-21 18:38 - 000000000 ____D C:\Users\Internet\AppData\Roaming\AIMP
2019-04-21 10:55 - 2019-04-21 18:19 - 000000000 ____D C:\Users\Internet\AppData\Local\QuickPar
2019-04-21 10:32 - 2019-04-21 10:32 - 000063688 _____ C:\Users\Internet\Downloads\Ben Liebrand in the mix _amp_ BijnaWeekendMix _amp_ Radio Calletti 2019-04-19 _amp_ 20.nzb
2019-04-21 10:29 - 2019-04-21 10:33 - 000000000 ____D C:\nzb
2019-04-21 10:29 - 2019-04-21 10:30 - 000000000 ____D C:\Users\Internet\AppData\Local\Alt.Binz
2019-04-21 10:13 - 2019-04-21 10:14 - 000000000 ____D C:\Users\Internet\AppData\Roaming\Notepad++
2019-04-21 10:12 - 2019-04-21 10:12 - 000000000 ____D C:\Users\Internet\AppData\Local\Apps\2.0
2019-04-21 10:09 - 2019-04-21 10:09 - 000000000 ____D C:\Users\Internet\AppData\Roaming\GHISLER
2019-04-21 10:09 - 2019-04-21 10:09 - 000000000 ____D C:\Users\Internet\AppData\Local\GHISLER
2019-04-21 10:08 - 2019-04-21 10:08 - 000000000 ____D C:\Users\Internet\AppData\Roaming\Opera Software
2019-04-21 10:08 - 2019-04-21 10:08 - 000000000 ____D C:\Users\Internet\AppData\Local\Opera Software
2019-04-21 10:07 - 2019-04-21 11:35 - 000000000 ____D C:\Users\Internet\AppData\Local\VirtualStore
2019-04-21 10:07 - 2019-04-21 10:07 - 000108824 _____ C:\Users\Internet\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-21 10:07 - 2019-04-21 10:07 - 000001447 _____ C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-04-21 10:07 - 2019-04-21 10:07 - 000001413 _____ C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2019-04-21 10:07 - 2019-04-21 10:07 - 000000020 ___SH C:\Users\Internet\ntuser.ini
2019-04-21 10:07 - 2019-04-21 10:07 - 000000000 ____D C:\Users\Internet
2019-04-21 10:07 - 2011-04-12 05:28 - 000000000 ____D C:\Users\Internet\AppData\Roaming\Media Center Programs
2019-04-21 10:04 - 2019-04-21 10:04 - 000000828 _____ C:\Users\Stargate\Desktop\AdiIRC.lnk
2019-04-21 10:04 - 2019-04-21 10:04 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdiIRC
2019-04-21 10:04 - 2019-04-21 10:04 - 000000000 ____D C:\Users\Stargate\AppData\Local\AdiIRC
2019-04-21 10:04 - 2019-04-21 10:04 - 000000000 ____D C:\Program Files\AdiIRC
2019-04-21 10:03 - 2019-04-21 10:03 - 000749404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-04-21 09:51 - 2012-02-17 03:38 - 001031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-21 09:51 - 2012-02-17 02:34 - 000826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-21 09:51 - 2012-02-17 01:58 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2019-04-21 09:51 - 2012-02-17 01:57 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2019-04-21 09:49 - 2019-04-21 09:49 - 000108824 _____ C:\Users\Stargate\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-21 09:49 - 2019-04-21 09:49 - 000002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2019-04-21 09:49 - 2019-04-21 09:49 - 000001945 _____ C:\Windows\epplauncher.mif
2019-04-21 09:49 - 2019-04-21 09:49 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\Obsidium
2019-04-21 09:49 - 2019-04-21 09:49 - 000000000 ____D C:\Program Files\Microsoft Security Client
2019-04-21 09:49 - 2019-04-21 09:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2019-04-21 09:48 - 2019-04-21 09:56 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\mIRC
2019-04-21 09:44 - 2019-04-21 09:44 - 000000899 _____ C:\Users\Public\Desktop\AIMP.lnk
2019-04-21 09:44 - 2019-04-21 09:44 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\AIMP
2019-04-21 09:44 - 2019-04-21 09:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2019-04-21 09:44 - 2019-04-21 09:44 - 000000000 ____D C:\Program Files (x86)\AIMP
2019-04-21 09:42 - 2019-04-21 09:42 - 000001011 _____ C:\Users\Stargate\Desktop\QuickPar.lnk
2019-04-21 09:42 - 2019-04-21 09:42 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2019-04-21 09:42 - 2019-04-21 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2019-04-21 09:42 - 2019-04-21 09:42 - 000000000 ____D C:\Program Files (x86)\QuickPar
2019-04-21 09:41 - 2019-04-21 09:41 - 000001014 _____ C:\Users\Public\Desktop\Alt.Binz.lnk
2019-04-21 09:41 - 2019-04-21 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alt.Binz
2019-04-21 09:41 - 2019-04-21 09:41 - 000000000 ____D C:\Program Files (x86)\Alt.Binz
2019-04-21 09:40 - 2019-04-21 09:41 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\Notepad++
2019-04-21 09:40 - 2019-04-21 09:40 - 000000836 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2019-04-21 09:40 - 2019-04-21 09:40 - 000000000 ____D C:\Program Files\Notepad++
2019-04-21 09:39 - 2019-04-21 09:39 - 000001852 _____ C:\Users\Stargate\Desktop\IrfanView 64 Thumbnails.lnk
2019-04-21 09:39 - 2019-04-21 09:39 - 000000978 _____ C:\Users\Stargate\Desktop\IrfanView 64.lnk
2019-04-21 09:39 - 2019-04-21 09:39 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2019-04-21 09:39 - 2019-04-21 09:39 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\IrfanView
2019-04-21 09:39 - 2019-04-21 09:39 - 000000000 ____D C:\Program Files\IrfanView
2019-04-21 09:32 - 2014-05-14 13:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-04-21 09:32 - 2014-05-14 13:23 - 000700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-04-21 09:32 - 2014-05-14 13:23 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-04-21 09:32 - 2014-05-14 13:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-04-21 09:32 - 2014-05-14 13:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-04-21 09:32 - 2014-05-14 13:23 - 000038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-04-21 09:32 - 2014-05-14 13:23 - 000036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-04-21 09:32 - 2014-05-14 13:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-04-21 09:32 - 2014-05-14 13:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-04-21 09:32 - 2014-05-14 13:17 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2019-04-21 09:31 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-04-21 09:31 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-04-21 09:31 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-04-21 09:31 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-04-21 09:30 - 2019-04-21 09:30 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-21 09:30 - 2019-04-21 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-21 09:30 - 2019-04-21 09:30 - 000000000 ____D C:\Program Files\WinRAR
2019-04-21 09:29 - 2019-04-21 09:29 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2019-04-21 09:29 - 2019-04-21 09:29 - 000000000 ____D C:\Windows\PCHEALTH
2019-04-21 09:29 - 2019-04-21 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2019-04-21 09:29 - 2019-04-21 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2019-04-21 09:29 - 2019-04-21 09:29 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
2019-04-21 09:29 - 2019-04-21 09:29 - 000000000 ____D C:\Program Files\Microsoft Sync Framework
2019-04-21 09:29 - 2019-04-21 09:29 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2019-04-21 09:29 - 2019-04-21 09:29 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-04-21 09:28 - 2019-04-21 09:29 - 000000000 ____D C:\Program Files\Microsoft Office
2019-04-21 09:28 - 2019-04-21 09:28 - 000000000 __RHD C:\MSOCache
2019-04-21 09:28 - 2019-04-21 09:28 - 000000000 ____D C:\Users\Stargate\AppData\Local\Microsoft Help
2019-04-21 09:28 - 2019-04-21 09:28 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2019-04-21 09:28 - 2019-04-21 09:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2019-04-21 09:28 - 2019-04-21 09:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-04-21 09:28 - 2019-04-21 09:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2019-04-21 09:25 - 2019-04-21 09:26 - 000000000 ____D C:\Program Files\Opera
2019-04-21 09:25 - 2019-04-21 09:25 - 000003836 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1555849555
2019-04-21 09:25 - 2019-04-21 09:25 - 000001126 _____ C:\Users\Public\Desktop\Opera Browser.lnk
2019-04-21 09:25 - 2019-04-21 09:25 - 000001126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-04-21 09:25 - 2019-04-21 09:25 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\Opera Software
2019-04-21 09:25 - 2019-04-21 09:25 - 000000000 ____D C:\Users\Stargate\AppData\Local\Opera Software
2019-04-21 09:17 - 2019-04-21 09:17 - 000000000 ____D C:\Users\Stargate\AppData\Local\GHISLER
2019-04-21 09:15 - 2013-10-31 17:36 - 000001904 ____N C:\Windows\system32\SetupBD.din
2019-04-21 09:14 - 2019-04-21 09:14 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2019-04-21 09:14 - 2019-04-21 09:14 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-04-21 09:14 - 2019-04-21 09:14 - 000000000 ____D C:\Program Files\Realtek
2019-04-21 09:14 - 2014-05-22 05:24 - 000096568 _____ C:\Windows\system32\audioLibVc.dll
2019-04-21 09:14 - 2014-03-04 18:11 - 001048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2019-04-21 09:14 - 2014-03-04 18:11 - 000889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2019-04-21 09:14 - 2014-03-04 18:11 - 000724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2019-04-21 09:14 - 2014-03-04 18:11 - 000246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2019-04-21 09:14 - 2014-02-27 09:02 - 002162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2019-04-21 09:14 - 2014-02-06 00:28 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2019-04-21 09:14 - 2013-09-26 04:13 - 000565048 ____R (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2019-04-21 09:14 - 2013-08-29 05:49 - 000494864 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d62x64.sys
2019-04-21 09:14 - 2013-07-24 15:36 - 000073480 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll
2019-04-21 09:14 - 2013-07-10 19:36 - 000089888 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll
2019-04-21 09:14 - 2013-06-25 01:47 - 000871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2019-04-21 09:14 - 2013-06-25 01:47 - 000162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2019-04-21 09:14 - 2013-06-25 01:46 - 000582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2019-04-21 09:14 - 2012-01-30 00:43 - 000836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2019-04-21 09:14 - 2012-01-09 23:20 - 000065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2019-04-21 09:14 - 2012-01-06 02:03 - 000003114 _____ C:\Windows\system32\e1d62x64.din
2019-04-21 09:14 - 2011-03-17 01:17 - 001361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2019-04-21 09:14 - 2011-03-07 06:11 - 000148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2019-04-21 09:14 - 2009-05-25 22:05 - 000036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
2019-04-21 09:13 - 2014-05-28 09:23 - 003977944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2019-04-21 09:13 - 2014-05-28 03:35 - 002800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2019-04-21 09:13 - 2014-05-28 00:38 - 001137695 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2019-04-21 09:13 - 2014-05-26 04:00 - 062006272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2019-04-21 09:13 - 2014-05-23 02:54 - 000948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2019-04-21 09:13 - 2014-05-22 02:21 - 001022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2019-04-21 09:13 - 2014-05-19 06:16 - 002843352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2019-04-21 09:13 - 2014-05-14 04:47 - 002119472 _____ C:\Windows\system32\SStudio.dll
2019-04-21 09:13 - 2014-05-09 00:17 - 000628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2019-04-21 09:13 - 2014-04-10 01:20 - 012894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2019-04-21 09:13 - 2014-04-10 01:19 - 002101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2019-04-21 09:13 - 2014-04-09 05:39 - 000942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2019-04-21 09:13 - 2014-04-09 05:38 - 005751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2019-04-21 09:13 - 2014-03-06 05:35 - 001959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2019-04-21 09:13 - 2014-01-28 00:48 - 001286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2019-04-21 09:13 - 2013-10-11 00:31 - 000947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2019-04-21 09:13 - 2013-08-14 04:36 - 000662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2019-04-21 09:13 - 2012-08-31 08:18 - 007164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2019-04-21 09:13 - 2012-08-31 08:17 - 000434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2019-04-21 09:13 - 2012-08-31 08:17 - 000141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2019-04-21 09:13 - 2012-08-31 08:17 - 000124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2019-04-21 09:13 - 2012-08-31 08:17 - 000075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2019-04-21 09:13 - 2011-12-20 04:32 - 000331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2019-04-21 09:13 - 2011-11-22 05:28 - 000014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2019-04-21 09:13 - 2011-09-02 03:21 - 000221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2019-04-21 09:13 - 2011-09-02 03:21 - 000081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2019-04-21 09:13 - 2011-09-02 03:21 - 000078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2019-04-21 09:13 - 2010-11-07 20:31 - 000375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2019-04-21 09:13 - 2010-11-07 20:31 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2019-04-21 09:13 - 2010-11-07 20:31 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2019-04-21 09:13 - 2010-11-07 20:31 - 000204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2019-04-21 09:13 - 2010-11-07 20:31 - 000101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2019-04-21 09:13 - 2010-11-07 20:31 - 000078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2019-04-21 09:13 - 2010-11-03 07:30 - 000149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2019-04-21 09:13 - 2010-07-22 05:48 - 000074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2019-04-21 09:13 - 2009-11-23 22:55 - 000518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2019-04-21 09:13 - 2009-11-23 22:55 - 000211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2019-04-21 09:13 - 2009-11-23 22:55 - 000198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2019-04-21 09:13 - 2009-11-23 22:55 - 000155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2019-04-21 09:12 - 2019-04-21 09:14 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-04-21 09:12 - 2019-04-21 09:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-04-21 09:12 - 2019-04-21 09:12 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-04-21 09:12 - 2014-05-18 23:47 - 002080472 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2019-04-21 09:12 - 2014-04-17 06:42 - 001317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2019-04-21 09:12 - 2014-04-17 06:42 - 001168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2019-04-21 09:12 - 2014-04-17 06:42 - 001136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2019-04-21 09:12 - 2014-04-10 01:20 - 001934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2019-04-21 09:12 - 2014-04-10 01:19 - 028343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2019-04-21 09:12 - 2014-04-10 01:19 - 014863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2019-04-21 09:12 - 2014-04-10 01:19 - 003959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2019-04-21 09:12 - 2014-04-10 01:19 - 002041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2019-04-21 09:12 - 2014-04-10 01:19 - 001063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2019-04-21 09:12 - 2014-04-10 01:19 - 000900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2019-04-21 09:12 - 2014-04-07 05:03 - 006218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2019-04-21 09:12 - 2014-04-07 05:03 - 001939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2019-04-21 09:12 - 2014-04-07 05:03 - 000315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2019-04-21 09:12 - 2014-04-07 05:03 - 000261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2019-04-21 09:12 - 2014-03-21 03:17 - 000291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2019-04-21 09:12 - 2014-03-19 08:19 - 000956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2019-04-21 09:12 - 2014-02-18 06:04 - 002770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2019-04-21 09:12 - 2014-01-31 06:27 - 001313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2019-04-21 09:12 - 2013-10-15 16:43 - 000209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2019-04-21 09:12 - 2013-10-11 01:47 - 000113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2019-04-21 09:12 - 2013-10-06 13:26 - 000501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2019-04-21 09:12 - 2013-10-06 13:26 - 000487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2019-04-21 09:12 - 2013-10-06 13:26 - 000415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2019-04-21 09:12 - 2013-08-14 04:35 - 000663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2019-04-21 09:12 - 2013-06-21 00:01 - 000109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2019-04-21 09:12 - 2013-04-03 03:13 - 000906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2019-04-21 09:12 - 2012-03-08 00:47 - 000108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2019-04-21 09:12 - 2011-08-23 06:00 - 000603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 001756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 001568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 001486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 000728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 000712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 000693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 000491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 000432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 000428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 000242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 000242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2019-04-21 09:12 - 2011-05-30 22:42 - 000241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2019-04-21 09:12 - 2010-09-26 22:34 - 000318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2019-04-21 09:11 - 2019-04-21 09:15 - 000000000 ____D C:\Program Files\Intel
2019-04-21 09:11 - 2019-04-21 09:11 - 000000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2019-04-21 09:11 - 2019-04-21 09:11 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2019-04-21 09:11 - 2019-04-21 09:11 - 000000000 ____D C:\Users\Stargate\Intel
2019-04-21 09:11 - 2019-04-21 09:11 - 000000000 ____D C:\ProgramData\Package Cache
2019-04-21 09:11 - 2019-04-21 09:11 - 000000000 ____D C:\ProgramData\Intel
2019-04-21 09:11 - 2019-04-21 09:11 - 000000000 ____D C:\Program Files (x86)\Intel
2019-04-21 09:11 - 2012-07-26 01:55 - 000785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2019-04-21 09:11 - 2012-07-26 01:55 - 000054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2019-04-21 09:11 - 2012-07-25 23:36 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2019-04-21 09:11 - 2012-06-02 11:35 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2019-04-21 09:06 - 2019-04-21 09:08 - 000000010 _____ C:\Windows\GSetup.ini
2019-04-21 09:03 - 2019-04-21 09:03 - 000002089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2019-04-21 09:03 - 2019-04-21 09:03 - 000000000 ____D C:\Users\Public\Documents\Adobe PDF
2019-04-21 09:02 - 2019-04-21 11:48 - 000000000 ____D C:\ProgramData\Adobe
2019-04-21 09:02 - 2019-04-21 11:45 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-04-21 09:02 - 2019-04-21 09:02 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2019-04-21 09:02 - 2019-04-21 09:02 - 000002045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
2019-04-21 09:02 - 2019-04-21 09:02 - 000002042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2019-04-21 09:02 - 2019-04-21 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2019-04-21 09:00 - 2019-04-21 10:51 - 000000000 ____D C:\totalcmd
2019-04-21 09:00 - 2019-04-21 09:00 - 000488711 __RSH C:\OIGQN
2019-04-21 09:00 - 2019-04-21 09:00 - 000000646 _____ C:\Users\Public\Desktop\Total Commander 64 bit.lnk
2019-04-21 09:00 - 2019-04-21 09:00 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\GHISLER
2019-04-21 09:00 - 2019-04-21 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2019-04-21 08:57 - 2019-04-21 18:20 - 000000000 ____D C:\Users\Stargate
2019-04-21 08:57 - 2019-04-21 08:57 - 000001447 _____ C:\Users\Stargate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-04-21 08:57 - 2019-04-21 08:57 - 000001413 _____ C:\Users\Stargate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2019-04-21 08:57 - 2019-04-21 08:57 - 000000020 ___SH C:\Users\Stargate\ntuser.ini
2019-04-21 08:57 - 2019-04-21 08:57 - 000000000 ____D C:\Users\Stargate\AppData\Local\VirtualStore
2019-04-21 08:57 - 2011-04-12 05:28 - 000000000 ____D C:\Users\Stargate\AppData\Roaming\Media Center Programs
2019-04-21 08:55 - 2019-04-21 08:55 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2019-04-21 08:55 - 2019-04-21 08:55 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2019-04-21 08:54 - 2019-04-21 08:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-21 20:31 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-04-21 19:02 - 2009-07-14 01:45 - 000031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-21 19:02 - 2009-07-14 01:45 - 000031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-21 19:01 - 2009-07-14 02:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-21 18:55 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-21 13:54 - 2009-07-14 02:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-04-21 09:58 - 2009-07-14 01:45 - 000416280 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-21 09:30 - 2009-07-14 00:20 - 000000000 ____D C:\Program Files\Common Files\System
2019-04-21 09:30 - 2009-07-13 23:34 - 000000478 _____ C:\Windows\win.ini
2019-04-21 09:29 - 2011-04-12 05:28 - 000000000 ____D C:\Windows\ShellNew
2019-04-21 09:29 - 2009-07-14 02:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-04-21 09:29 - 2009-07-14 00:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-04-21 09:15 - 2009-07-14 00:20 - 000000000 __RHD C:\Users\Public\Libraries
2019-04-21 08:56 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\rescache
2019-04-21 08:55 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\sysprep
2019-04-21 08:54 - 2011-04-12 05:28 - 000000000 ____D C:\Windows\CSC

Some files in TEMP:
====================
2019-04-21 10:00 - 2019-02-08 06:52 - 000136984 _____ (mIRC Co. Ltd.) C:\Users\Stargate\AppData\Local\Temp\uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-21 10:50
==================== End of FRST.txt ============================
#8

El addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.04.2019 01
Ran by Stargate (21-04-2019 20:33:24)
Running from C:\Users\Internet\Desktop
Windows 7 Professional Service Pack 1 (X64) (2019-04-21 11:56:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2155461421-2815423461-2220668013-500 - Administrator - Disabled)
Guest (S-1-5-21-2155461421-2815423461-2220668013-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2155461421-2815423461-2220668013-1002 - Limited - Enabled)
Internet (S-1-5-21-2155461421-2815423461-2220668013-1003 - Limited - Enabled) => C:\Users\Internet
Stargate (S-1-5-21-2155461421-2815423461-2220668013-1000 - Administrator - Enabled) => C:\Users\Stargate

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AdiIRC (HKLM-x32\...\AdiIRC) (Version: 3.3 - Per Amundsen)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Intel(R) Chipset Device Software (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6.6 - Notepad++ Team)
Opera Stable 60.0.3255.56 (HKLM-x32\...\Opera 60.0.3255.56) (Version: 60.0.3255.56 - Opera Software)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7256 - Realtek Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.20 release candidate 2 - Ghisler Software GmbH)
WinRAR 5.60 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.5 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6718864 2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4220304 2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-04-21] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-04-21] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-17] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-04-21 09:44 - 2019-04-21 09:44 - 001516080 _____ (Artem Izmaylov -> AIMP DevTeam) [File not signed] C:\Program Files (x86)\AIMP\System\aimp_menu64.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-21 20:27 - 2019-03-13 09:22 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2009-06-10 18:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2155461421-2815423461-2220668013-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2155461421-2815423461-2220668013-1003\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{217E3E11-BF85-4E76-896B-4D36C6076D62}] => (Allow) C:\Program Files\Opera\60.0.3255.56\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

21-04-2019 09:02:44 Installed Adobe Photoshop CS2
21-04-2019 09:14:41 Conexiones de red Intel®
21-04-2019 09:27:58 Installed Microsoft Office Professional Plus 2010
21-04-2019 09:31:56 Windows Update
21-04-2019 09:51:04 Windows Update
21-04-2019 11:45:11 Windows Update
21-04-2019 17:37:14 Installed Far Manager 3 x64
21-04-2019 18:16:56 Removed Far Manager 3 x64
21-04-2019 20:31:42 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Standard VGA Graphics Adapter
Description: Standard VGA Graphics Adapter
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: vga
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2019 06:57:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/21/2019 04:48:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/21/2019 10:09:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/21/2019 10:00:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/21/2019 09:29:57 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (04/21/2019 09:29:57 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (04/21/2019 09:29:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (04/21/2019 09:29:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (04/21/2019 07:31:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading

Error: (04/21/2019 07:31:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Stargate\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (04/21/2019 07:31:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading

Error: (04/21/2019 07:31:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Stargate\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (04/21/2019 07:31:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading

Error: (04/21/2019 07:31:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Stargate\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (04/21/2019 07:31:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading

Error: (04/21/2019 07:31:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Stargate\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 19%
Total physical RAM: 32629.02 MB
Available physical RAM: 26361.41 MB
Total Virtual: 65256.24 MB
Available Virtual: 59196.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.57 GB) (Free:146.96 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive e: () (Fixed) (Total:1863.01 GB) (Free:1862.56 GB) NTFS
Drive f: () (Fixed) (Total:1863.02 GB) (Free:1862.67 GB) NTFS
Drive g: () (Fixed) (Total:223.47 GB) (Free:223.38 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 75909938)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 4A250AD0)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0F Extended)

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0F Extended)

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 2CF3056B)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
#9

Y ya que estamos te consulto @JavierHF . Tengo 218 updates importantes para instalar. Los instalo? Gracias

#10

Hola.

Si…mientras yo reviso esos informes, instala TODAS las update que te salgan, esa es otra de las muchas causas de que un equipo se ralentice.

Saludos.

#11

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-2155461421-2815423461-2220668013-1000\...\MountPoints2: {34948cd0-642c-11e9-b02c-806e6f6e6963} - H:\Run.exe
SearchScopes: HKU\S-1-5-21-2155461421-2815423461-2220668013-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2019-04-21 10:00 - 2019-02-08 06:52 - 000136984 _____ (mIRC Co. Ltd.) C:\Users\Stargate\AppData\Local\Temp\uninstall.exe
HKU\S-1-5-21-2155461421-2815423461-2220668013-1000\...\MountPoints2: {34948cd0-642c-11e9-b02c-806e6f6e6963} - H:\Run.exe
SearchScopes: HKU\S-1-5-21-2155461421-2815423461-2220668013-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2019-04-21 10:00 - 2019-02-08 06:52 - 000136984 _____ (mIRC Co. Ltd.) C:\Users\Stargate\AppData\Local\Temp\uninstall.exe
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.