PC va lenta, se 'traba interminetentemente'

#1

Hola [email protected]

Tengo un problema y es que desde hace aproximadamente una semana la compu se pone lenta por momentos, el navegador especialmente, durante un tiempo, cuando abro algún programa como PSD Illustrator o Sony Vegas. Pero luego de un rato se pone bien pero por momentos vuelve a ralentizarse. No sé qué podría ser. Muchas gracias por la ayuda que podrían brindarme. Saludos.

#2
  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

#3

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05.2019 01 Ran by CamoVlog (administrator) on CAMOVLOG-PC (BIOSTAR Group GF8100 M2+ TE) (16-05-2019 08:51:26) Running from C:\Users\CamoVlog\Desktop Loaded Profiles: CamoVlog & UpdatusUser & (Available Profiles: CamoVlog & UpdatusUser) Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-114870127-2458051889-1227169053-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-114870127-2458051889-1227169053-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-114870127-2458051889-1227169053-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\RETROS~1.SCR [1122304 2013-04-09] (Andy Fielding ([email protected])) [File not signed]
HKU\S-1-5-21-114870127-2458051889-1227169053-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05162019084938615\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-114870127-2458051889-1227169053-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05162019084938615\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-114870127-2458051889-1227169053-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05162019084938615\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\RETROS~1.SCR [1122304 2013-04-09] (Andy Fielding ([email protected])) [File not signed]
HKU\S-1-5-21-114870127-2458051889-1227169053-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-114870127-2458051889-1227169053-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05162019084942863\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-04-30] (Google LLC -> Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0859AF08-1444-4ED4-A47A-63BF9223A2F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {13B72605-1A80-4B9E-B8CF-4D4B2A4B6C53} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {1B4EC751-7FA0-4DAC-B38A-C41295624D99} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {2D5C01AC-A53E-4E0F-A108-11BB39AFB46E} - System32\Tasks\AdobeAAMUpdater-1.0-CamoVlog-PC-CamoVlog => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {32700ACC-DAD2-4729-9AB6-7A8AE5BD939B} - System32\Tasks\AdobeGCInvoker-1.0-CamoVlog-PC-CamoVlog => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {53F08B00-1517-4B6B-947C-D1B729FCCBE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-23] (Google Inc -> Google Inc.)
Task: {59B94E4B-4BB7-4A90-9CB3-3A2D1D724723} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {67ED0661-35C1-4E90-A8CF-C413A9091D4A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {93A012B8-1E34-4583-A963-4EEB5D19C1A5} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: {944C4603-AE03-44AF-AB50-AC9B9157171A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-23] (Google Inc -> Google Inc.)
Task: {9BE4940B-3126-4091-964A-DD626AFCF483} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {9F6AE999-037B-4638-BB6D-B379493C1C27} - System32\Tasks\{8FA60A6A-DF3D-4FCD-80A1-3951649CA889} => C:\Windows\system32\pcalua.exe -a C:\Users\CamoVlog\Desktop\15.53_nforce_win7_32bit_international_whql.exe -d C:\Users\CamoVlog\Desktop
Task: {9FAC344B-68AD-4C8D-8533-260A1AC8C824} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A69A6431-0C05-4881-B6D2-D3A2D4B104AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7E07013-8E60-4C8F-8D1E-DA40919FEBFD} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2873016 2019-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{59A07129-2A80-4590-8912-728E3F948B7E}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-114870127-2458051889-1227169053-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-co/?ocid=iehp
HKU\S-1-5-21-114870127-2458051889-1227169053-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05162019084942863\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-co/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: kegqctbr.default-1547173959495
FF ProfilePath: C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\kegqctbr.default-1547173959495 [2019-05-16]
FF Homepage: Mozilla\Firefox\Profiles\kegqctbr.default-1547173959495 -> www.google.com
FF Extension: (Magic Actions for YouTube™) - C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\kegqctbr.default-1547173959495\Extensions\[email protected] [2019-03-28]
FF Extension: (Español (México) Language Pack) - C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\kegqctbr.default-1547173959495\Extensions\[email protected] [2019-03-26]
FF Extension: (EPUBReader) - C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\kegqctbr.default-1547173959495\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2019-04-25]
FF Extension: (Video DownloadHelper) - C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\kegqctbr.default-1547173959495\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-01-10]
FF Extension: (Greasemonkey) - C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Profiles\kegqctbr.default-1547173959495\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2019-05-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-12-10] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-10] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default [2019-05-16]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2019-05-04]
CHR Extension: (MEGA) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2019-05-12]
CHR Extension: (Unlock Premium Content) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjmcpnogioojilaohalakcjniiaekgcp [2019-04-17]
CHR Extension: (Tags for YouTube™) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggphokdgjikekfiakjcpidcclbmkfga [2019-03-28]
CHR Extension: (Web for Instagram) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkhjjcoidmkfegigfdedmafpfemccpk [2019-05-12]
CHR Extension: (ZenMate VPN - Mejor seguridad para Internet) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2018-10-18]
CHR Extension: (Avira Navegación segura) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-03-19]
CHR Extension: (AdBlock) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-12]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-05-12]
CHR Extension: (Video DownloadHelper) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2018-08-19]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-17]
CHR Extension: (Flash-HTML5 for YouTube™) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\omimccinlhlkpjaeaocglgmkbelejlhj [2018-08-19]
CHR Extension: (Chrome Media Router) - C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-26]
CHR Profile: C:\Users\CamoVlog\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1202216 2019-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483232 2019-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483232 2019-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1765472 2019-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [466280 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET, spol. s r.o. -> ESET)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] (NVIDIA Corporation -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] (NVIDIA Corporation -> )
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [5020672 2009-07-13] (Microsoft Windows -> ATI Technologies Inc.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [65104 2019-02-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [216416 2019-04-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175104 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-02-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2018-06-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-02-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-07-28] (Glarysoft LTD -> Glarysoft Ltd)
S3 HPFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2007-07-16] (Hewlett-Packard Company -> Hewlett Packard)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-05-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-05-16] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-05-16] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-05-16] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [107368 2019-05-16] (Malwarebytes Corporation -> Malwarebytes)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-16 08:51 - 2019-05-16 09:06 - 000023515 _____ C:\Users\CamoVlog\Desktop\FRST.txt
2019-05-16 08:50 - 2019-05-16 08:50 - 002434560 _____ (Farbar) C:\Users\CamoVlog\Desktop\FRST64.exe
2019-05-16 08:48 - 2019-05-16 08:48 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-05-16 08:48 - 2019-05-16 08:48 - 000107368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-05-16 08:48 - 2019-05-16 08:48 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-05-16 08:45 - 2019-05-16 08:45 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-15 14:34 - 2019-05-15 14:37 - 000011894 _____ C:\Users\CamoVlog\Desktop\game_of_thrones.zip
2019-05-15 10:41 - 2019-05-15 10:41 - 000021352 _____ C:\Users\CamoVlog\Downloads\cc_20190515_104138.reg
2019-05-15 10:07 - 2019-05-15 10:07 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-15 10:07 - 2019-05-15 10:07 - 000002820 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-05-15 10:06 - 2019-05-15 10:07 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-15 10:04 - 2019-05-15 10:04 - 021254208 _____ (Piriform Software Ltd) C:\Users\CamoVlog\Desktop\ccsetup556.exe
2019-05-15 10:00 - 2019-05-15 10:00 - 000001583 _____ C:\Users\CamoVlog\Desktop\AdwCleaner[C01].txt
2019-05-15 09:39 - 2019-05-15 09:39 - 007025360 _____ (Malwarebytes) C:\Users\CamoVlog\Desktop\adwcleaner_7.3.exe
2019-05-15 09:37 - 2019-05-15 09:37 - 000001768 _____ C:\Users\CamoVlog\Desktop\Malwarebytes Informe.txt
2019-05-15 09:05 - 2019-05-15 09:05 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-05-15 09:03 - 2019-05-15 09:03 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-05-15 09:03 - 2019-05-15 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-15 09:03 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-05-15 08:56 - 2019-05-15 08:58 - 063304984 _____ (Malwarebytes ) C:\Users\CamoVlog\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10597.exe
2019-05-14 15:58 - 2019-05-14 15:58 - 000000000 ____D C:\HP Universal Print Driver
2019-05-14 13:49 - 2019-04-30 14:28 - 000397112 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-05-14 13:49 - 2019-04-30 13:37 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-05-14 13:49 - 2019-04-29 19:51 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-05-14 13:49 - 2019-04-29 19:51 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-05-14 13:49 - 2019-04-24 23:01 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-05-14 13:49 - 2019-04-24 22:52 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-05-14 13:49 - 2019-04-24 22:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-05-14 13:49 - 2019-04-24 22:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-05-14 13:49 - 2019-04-24 22:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-05-14 13:49 - 2019-04-24 22:38 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-05-14 13:49 - 2019-04-24 22:38 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-05-14 13:49 - 2019-04-24 22:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-05-14 13:49 - 2019-04-24 22:31 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-05-14 13:49 - 2019-04-24 22:31 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-05-14 13:49 - 2019-04-24 22:30 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-05-14 13:49 - 2019-04-24 22:28 - 005775360 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-05-14 13:49 - 2019-04-24 22:28 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-05-14 13:49 - 2019-04-24 22:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-05-14 13:49 - 2019-04-24 22:26 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-05-14 13:49 - 2019-04-24 22:26 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-05-14 13:49 - 2019-04-24 22:26 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-05-14 13:49 - 2019-04-24 22:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-05-14 13:49 - 2019-04-24 22:19 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-05-14 13:49 - 2019-04-24 22:16 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-05-14 13:49 - 2019-04-24 22:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-05-14 13:49 - 2019-04-24 22:12 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-05-14 13:49 - 2019-04-24 22:11 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-05-14 13:49 - 2019-04-24 22:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-05-14 13:49 - 2019-04-24 22:09 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-05-14 13:49 - 2019-04-24 22:09 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-05-14 13:49 - 2019-04-24 22:09 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-05-14 13:49 - 2019-04-24 22:08 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-05-14 13:49 - 2019-04-24 22:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-05-14 13:49 - 2019-04-24 22:05 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-05-14 13:49 - 2019-04-24 22:05 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-05-14 13:49 - 2019-04-24 22:05 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-05-14 13:49 - 2019-04-24 22:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-05-14 13:49 - 2019-04-24 22:03 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-05-14 13:49 - 2019-04-24 22:03 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-05-14 13:49 - 2019-04-24 22:02 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-05-14 13:49 - 2019-04-24 22:02 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-05-14 13:49 - 2019-04-24 22:01 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-05-14 13:49 - 2019-04-24 21:54 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-05-14 13:49 - 2019-04-24 21:52 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-05-14 13:49 - 2019-04-24 21:50 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-05-14 13:49 - 2019-04-24 21:50 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-05-14 13:49 - 2019-04-24 21:50 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-05-14 13:49 - 2019-04-24 21:49 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-05-14 13:49 - 2019-04-24 21:49 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-05-14 13:49 - 2019-04-24 21:48 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-05-14 13:49 - 2019-04-24 21:47 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-05-14 13:49 - 2019-04-24 21:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-05-14 13:49 - 2019-04-24 21:46 - 015285248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-05-14 13:49 - 2019-04-24 21:46 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-05-14 13:49 - 2019-04-24 21:45 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-05-14 13:49 - 2019-04-24 21:43 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-05-14 13:49 - 2019-04-24 21:40 - 004493312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-05-14 13:49 - 2019-04-24 21:38 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-05-14 13:49 - 2019-04-24 21:37 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-05-14 13:49 - 2019-04-24 21:36 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-05-14 13:49 - 2019-04-24 21:35 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-05-14 13:49 - 2019-04-24 21:35 - 005303808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-05-14 13:49 - 2019-04-24 21:35 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-05-14 13:49 - 2019-04-24 21:24 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-14 13:49 - 2019-04-24 21:18 - 004831232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-05-14 13:49 - 2019-04-24 21:14 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-05-14 13:49 - 2019-04-24 21:14 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-05-14 13:49 - 2019-04-24 21:12 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-05-14 13:49 - 2019-04-18 21:54 - 004057320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-05-14 13:49 - 2019-04-18 21:53 - 003963624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-05-14 13:49 - 2019-04-18 21:53 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-05-14 13:49 - 2019-04-18 21:51 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003072 ____H (Microsoft Corporation) C:\Windows
#4
\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:44 - 000185064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-05-14 13:49 - 2019-04-18 21:44 - 000095456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-05-14 13:49 - 2019-04-18 21:43 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-05-14 13:49 - 2019-04-18 21:43 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-05-14 13:49 - 2019-04-18 21:43 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-05-14 13:49 - 2019-04-18 21:43 - 000064232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2019-05-14 13:49 - 2019-04-18 21:43 - 000063208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2019-05-14 13:49 - 2019-04-18 21:43 - 000060648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2019-05-14 13:49 - 2019-04-18 21:43 - 000031976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2019-05-14 13:49 - 2019-04-18 21:43 - 000023784 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2019-05-14 13:49 - 2019-04-18 21:43 - 000020200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2019-05-14 13:49 - 2019-04-18 21:42 - 005552864 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-05-14 13:49 - 2019-04-18 21:42 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-05-14 13:49 - 2019-04-18 21:42 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-05-14 13:49 - 2019-04-18 21:42 - 000122600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2019-05-14 13:49 - 2019-04-18 21:42 - 000068328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2019-05-14 13:49 - 2019-04-18 21:42 - 000036064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2019-05-14 13:49 - 2019-04-18 21:42 - 000015080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2019-05-14 13:49 - 2019-04-18 21:42 - 000012136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2019-05-14 13:49 - 2019-04-18 21:40 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-05-14 13:49 - 2019-04-18 21:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:27 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-05-14 13:49 - 2019-04-18 21:26 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-05-14 13:49 - 2019-04-18 21:20 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-05-14 13:49 - 2019-04-18 21:20 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-05-14 13:49 - 2019-04-18 21:20 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-05-14 13:49 - 2019-04-18 21:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-05-14 13:49 - 2019-04-18 21:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-05-14 13:49 - 2019-04-18 21:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-05-14 13:49 - 2019-04-18 21:15 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-05-14 13:49 - 2019-04-18 21:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-05-14 13:49 - 2019-04-18 21:15 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-05-14 13:49 - 2019-04-18 21:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-05-14 13:49 - 2019-04-18 21:12 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-05-14 13:49 - 2019-04-18 21:11 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-05-14 13:49 - 2019-04-18 21:11 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-05-14 13:49 - 2019-04-18 21:08 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-05-14 13:49 - 2019-04-18 21:08 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-05-14 13:49 - 2019-04-18 21:08 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-05-14 13:49 - 2019-04-18 21:08 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-05-14 13:49 - 2019-04-18 21:08 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-05-14 13:49 - 2019-04-18 21:08 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-05-14 13:49 - 2019-04-18 21:07 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-05-14 13:49 - 2019-04-18 21:07 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-05-14 13:49 - 2019-04-18 21:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-05-14 13:49 - 2019-04-18 21:07 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-05-14 13:49 - 2019-04-18 21:07 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-05-14 13:49 - 2019-04-18 21:07 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-05-14 13:49 - 2019-04-18 21:07 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-05-14 13:49 - 2019-04-16 10:17 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-05-14 13:49 - 2019-04-16 10:17 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-05-14 13:49 - 2019-04-16 10:17 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-05-14 13:49 - 2019-04-16 10:17 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-05-14 13:49 - 2019-04-16 10:17 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-05-14 13:49 - 2019-04-16 10:17 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-05-14 13:49 - 2019-04-16 10:16 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-05-14 13:49 - 2019-04-16 10:05 - 014184448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-05-14 13:49 - 2019-04-16 10:05 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-05-14 13:49 - 2019-04-16 10:05 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-05-14 13:49 - 2019-04-16 10:05 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-05-14 13:49 - 2019-04-16 10:05 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-05-14 13:49 - 2019-04-16 10:05 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-05-14 13:49 - 2019-04-16 10:05 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-05-14 13:49 - 2019-04-16 10:05 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-05-14 13:49 - 2019-04-16 10:05 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-05-14 13:49 - 2019-04-16 09:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-05-14 13:49 - 2019-04-16 08:15 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2019-05-14 13:49 - 2019-04-16 08:15 - 000419648 _____ C:\Windows\system32\locale.nls
2019-05-14 13:49 - 2019-04-14 00:42 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-05-14 13:49 - 2019-04-14 00:40 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-05-14 13:49 - 2019-04-14 00:40 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-05-14 13:49 - 2019-04-14 00:39 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-05-14 13:49 - 2019-04-14 00:39 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-05-14 13:49 - 2019-04-14 00:28 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-05-14 13:49 - 2019-04-14 00:26 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-05-14 13:49 - 2019-04-14 00:26 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-05-14 13:49 - 2019-04-14 00:26 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-05-14 13:49 - 2019-04-14 00:26 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-05-14 13:49 - 2019-04-14 00:26 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-05-14 13:49 - 2019-04-14 00:12 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-05-14 13:49 - 2019-04-07 10:17 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-05-14 13:49 - 2019-04-07 10:17 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-05-14 13:49 - 2019-04-07 10:17 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-05-14 13:49 - 2019-04-07 10:17 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-05-14 13:49 - 2019-04-07 10:17 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-05-14 13:49 - 2019-04-07 10:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-05-14 13:49 - 2019-04-07 10:16 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-05-14 13:49 - 2019-04-07 10:16 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-05-14 13:49 - 2019-04-07 10:16 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-05-14 13:49 - 2019-04-07 10:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-05-14 13:49 - 2019-04-07 10:16 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-05-14 13:49 - 2019-04-07 10:16 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-05-14 13:49 - 2019-04-07 10:16 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-05-14 13:49 - 2019-04-07 10:16 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-05-14 13:49 - 2019-04-07 10:16 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-05-14 13:49 - 2019-04-07 10:16 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-05-14 13:49 - 2019-04-07 10:15 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-05-14 13:49 - 2019-04-07 10:15 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-05-14 13:49 - 2019-04-07 10:15 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-05-14 13:49 - 2019-04-07 10:15 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-05-14 13:49 - 2019-04-07 10:15 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-05-14 13:49 - 2019-04-07 10:15 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-05-14 13:49 - 2019-04-07 10:15 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-05-14 13:49 - 2019-04-07 10:15 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-05-14 13:49 - 2019-04-07 10:15 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-05-14 13:49 - 2019-04-07 10:15 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-05-14 13:49 - 2019-04-07 10:15 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-05-14 13:49 - 2019-04-07 10:05 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-05-14 13:49 - 2019-04-07 10:03 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-05-14 13:49 - 2019-04-07 10:03 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 001281536 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-05-14 13:49 - 2019-04-07 10:03 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-05-14 13:49 - 2019-04-07 10:03 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-05-14 13:49 - 2019-04-07 10:02 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-05-14 13:49 - 2019-04-07 10:02 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-05-14 13:49 - 2019-04-07 10:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-05-14 13:49 - 2019-04-07 10:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-05-14 13:49 - 2019-04-07 09:57 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-05-14 13:49 - 2019-04-07 09:49 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-05-14 13:49 - 2019-04-07 09:48 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-05-14 13:49 - 2019-04-07 09:45 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-05-14 13:49 - 2019-04-07 09:45 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-05-14 13:49 - 2019-04-07 09:45 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-05-14 13:49 - 2019-04-07 09:42 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-05-14 13:49 - 2019-04-07 09:42 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-05-14 13:49 - 2019-04-07 09:42 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-05-14 13:49 - 2019-04-07 09:42 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-05-14 13:49 - 2019-04-07 09:42 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-05-14 13:49 - 2019-04-07 09:38 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-05-14 13:49 - 2019-04-07 09:35 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-05-14 13:49 - 2019-04-07 09:33 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-05-14 13:49 - 2019-04-07 09:33 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-05-14 13:49 - 2019-04-07 08:05 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-05-14 13:49 - 2019-04-04 19:34 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-05-14 13:49 - 2019-04-04 19:23 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2019-05-11 16:16 - 2019-05-11 17:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-10 23:44 - 2019-05-10 23:49 - 126582598 _____ C:\Users\CamoVlog\Documents\Sin título.mp4
2019-05-10 16:35 - 2019-05-10 17:33 - 000000000 ____D C:\Users\CamoVlog\Desktop\Videos Babys
2019-05-10 16:24 - 2019-05-15 22:53 - 000000000 ____D C:\Users\CamoVlog\Desktop\Mercadolibre
2019-05-07 10:31 - 2019-05-07 10:32 - 003674302 _____ C:\Users\CamoVlog\Downloads\24371130.pdf
2019-05-07 10:27 - 2019-05-07 10:27 - 003232021 _____ C:\Users\CamoVlog\Downloads\DDA-spa-2016-De_arrabal_a_barrio_cool.pdf
2019-05-07 10:21 - 2019-05-07 10:21 - 002414370 _____ C:\Users\CamoVlog\Downloads\u686232.pdf
2019-05-07 10:13 - 2019-05-07 10:13 - 000354770 _____ C:\Users\CamoVlog\Downloads\prepagosbogota Hola bebes quiero consentirlos HOY, si deseas Trío con alguna de mis amigas.mp4
2019-05-07 09:57 - 2019-05-07 09:57 - 011179578 _____ C:\Users\CamoVlog\Downloads\ElDato Reservas de petróleo probadas en el mundo..mp4
2019-05-07 09:43 - 2019-05-07 09:43 - 005203483 _____ C:\Users\CamoVlog\Downloads\Yo por qué no había visto esta genialidad - - GoTS8.mp4
2019-05-06 09:53 - 2019-05-06 09:53 - 000732301 _____ C:\Users\CamoVlog\Downloads\Historias • Instagram(5).mp4
2019-05-06 09:04 - 2019-05-06 09:04 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-05-05 23:17 - 2019-05-05 23:17 - 001417049 _____ C:\Users\CamoVlog\Downloads\Historias • Instagram(4).mp4
2019-05-05 13:54 - 2019-05-05 14:47 - 000000000 ____D C:\Users\CamoVlog\Desktop\Fuentes NacionalSocialistas
2019-05-05 13:04 - 2017-08-11 08:09 - 455581932 _____ C:\Users\CamoVlog\Desktop\V2_ El cohete nazi.mp4
2019-05-05 10:57 - 2019-05-05 10:57 - 004122833 _____ C:\Users\CamoVlog\Downloads\micheleeramirez-20190504-0001.mp4
2019-05-05 10:15 - 2019-05-05 10:15 - 000003562 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-CamoVlog-PC-CamoVlog
2019-05-04 12:34 - 2019-05-04 12:34 - 001292668 _____ C:\Users\CamoVlog\Desktop\Beattie_Melody_-_Ya_no_Seas_Codependiente.13493939.pdf
2019-05-04 10:20 - 2019-05-04 11:34 - 455707097 _____ C:\Users\CamoVlog\Downloads\cohetenaziBy_Blade.rar
2019-05-02 20:39 - 2019-05-02 20:40 - 000000000 ____D C:\Users\CamoVlog\Downloads\Libro Prohibido
2019-05-02 19:42 - 2019-05-11 10:00 - 000000000 ____D C:\ProgramData\Adobe
2019-05-02 19:41 - 2019-05-02 19:41 - 000000000 ____D C:\Users\CamoVlog\AppData\Local\Adobe
2019-05-02 00:10 - 2019-05-02 00:10 - 000000140 _____ C:\ProgramData\defraggler_list.txt
2019-04-30 09:49 - 2019-04-30 09:50 - 006583895 _____ C:\Users\CamoVlog\Downloads\Pero quién ha hecho esta maravilla GameofThrones - podéis verlo, no tiene spoilers.mp4
2019-04-29 22:31 - 2019-04-29 22:31 - 002294483 _____ C:\Users\CamoVlog\Downloads\Fans reaction for gameofthrones season 8 episode 3 climax scene !! AryaStark Starks Got NotToday.mp4
2019-04-27 18:27 - 2019-04-27 18:30 - 000000000 ____D C:\Users\CamoVlog\AppData\Local\Illustrator Repair Toolbox
2019-04-27 18:26 - 2019-04-27 18:26 - 003959936 _____ (File Master LLC ) C:\Users\CamoVlog\Downloads\IllustratorRepairToolboxInstall.exe
2019-04-25 22:41 - 2019-04-25 22:41 - 000000188 _____ C:\Users\CamoVlog\Documents\THUG LIFE.m2ts.sfl
2019-04-25 22:24 - 2019-04-25 22:41 - 106549248 _____ C:\Users\CamoVlog\Documents\THUG LIFE.m2ts
2019-04-25 20:36 - 2019-04-25 20:36 - 070660009 _____ C:\Users\CamoVlog\Downloads\GLITCH OVERYLAY PACK.rar
2019-04-24 15:51 - 2019-05-04 12:31 - 000000000 ____D C:\Users\CamoVlog\Desktop\LIBROS
2019-04-21 23:19 - 2019-04-21 23:19 - 087042320 _____ C:\Users\CamoVlog\Desktop\Rey Nocturno.psd
2019-04-20 11:24 - 2019-04-20 11:24 - 000015145 _____ C:\Users\CamoVlog\Downloads\102road.rar
2019-04-20 11:17 - 2019-04-20 11:17 - 000014235 _____ C:\Users\CamoVlog\Downloads\101winter.rar
2019-04-19 15:01 - 2019-04-19 15:01 - 000543508 _____ C:\Users\CamoVlog\Downloads\EMILY - - Una cola deliciosa! - - Info Móvil y WhatsApp -  57 3188649622.mp4
2019-04-19 14:59 - 2019-04-19 14:59 - 003713060 _____ C:\Users\CamoVlog\Downloads\MARIANA - - Unas curvas exquisitas y un servicio lleno de pasión y lujuria! - EscortsBogota Escorts Prepagos Bogota - - Info Móvil y WhatsApp  (3).mp4
2019-04-19 14:59 - 2019-04-19 14:59 - 001240961 _____ C:\Users\CamoVlog\Downloads\MARIANA - - Unas curvas exquisitas y un servicio lleno de pasión y lujuria! - EscortsBogota Escorts Prepagos Bogota - - Info Móvil y WhatsApp  (2).mp4
2019-04-19 14:58 - 2019-04-19 14:59 - 002893891 _____ C:\Users\CamoVlog\Downloads\MARIANA - - Unas curvas exquisitas y un servicio lleno de pasión y lujuria! - EscortsBogota Escorts Prepagos Bogota - - Info Móvil y WhatsApp  (1).mp4
2019-04-19 14:58 - 2019-04-19 14:58 - 000838849 _____ C:\Users\CamoVlog\Downloads\MARIANA - - Unas curvas exquisitas y un servicio lleno de pasión y lujuria! - EscortsBogota Escorts Prepagos Bogota - - Info Móvil y WhatsApp .mp4
2019-04-19 14:57 - 2019-04-19 14:57 - 002574228 _____ C:\Users\CamoVlog\Downloads\CATALINA - - Una lolita divina! Excelente actitud y servicio tipo novia! - - Fines de Semana - Reserva previa - - Info Móvil y WhatsApp -  57 31.mp4
2019-04-17 17:59 - 2019-04-17 17:59 - 000457877 _____ C:\Users\CamoVlog\Downloads\victoria_fiebre_1.mp4
2019-04-17 17:58 - 2019-04-17 17:58 - 000417356 _____ C:\Users\CamoVlog\Downloads\victoria_fiebre.mp4

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-16 09:06 - 2018-08-06 22:40 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2019-05-16 08:56 - 2009-07-13 23:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-16 08:56 - 2009-07-13 23:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-16 08:51 - 2018-11-16 22:29 - 000000000 ____D C:\FRST
2019-05-16 08:46 - 2017-11-23 17:39 - 000000000 ____D C:\Users\CamoVlog\AppData\LocalLow\Mozilla
2019-05-16 08:44 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-16 00:57 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-05-15 23:10 - 2019-02-02 14:20 - 000000000 ____D C:\Users\CamoVlog\Desktop\Videos Twitter
2019-05-15 15:15 - 2018-06-29 15:24 - 000000033 _____ C:\Users\CamoVlog\AppData\Roaming\AdobeWLCMCache.dat
2019-05-15 14:58 - 2017-11-23 18:07 - 000241872 _____ C:\Users\CamoVlog\AppData\Local\GDIPFONTCACHEV1.DAT
2019-05-15 14:55 - 2009-07-13 23:45 - 006123136 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-15 10:14 - 2017-11-28 21:46 - 000000000 ____D C:\Users\CamoVlog\AppData\Roaming\MPC-HC
2019-05-15 10:07 - 2017-11-24 14:23 - 000000000 ____D C:\Program Files\CCleaner
2019-05-15 10:03 - 2010-11-21 02:09 - 002351822 _____ C:\Windows\system32\perfh00A.dat
2019-05-15 10:03 - 2010-11-21 02:09 - 000685074 _____ C:\Windows\system32\perfc00A.dat
2019-05-15 10:03 - 2009-07-14 00:13 - 000006208 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-15 10:00 - 2017-11-24 16:22 - 000000000 ____D C:\Users\UpdatusUser
2019-05-15 09:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-05-15 09:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\Dism
2019-05-15 09:02 - 2018-01-13 13:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-14 20:11 - 2017-11-23 17:55 - 000003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-14 20:11 - 2017-11-23 17:55 - 000003342 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-13 16:06 - 2018-08-06 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-05-11 17:20 - 2017-11-23 17:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-11 16:03 - 2017-11-23 17:32 - 000000000 ____D C:\Users\CamoVlog
2019-05-11 10:01 - 2018-01-24 14:49 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2019-05-11 10:01 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2019-05-10 23:36 - 2018-12-07 12:21 - 000000188 _____ C:\Users\CamoVlog\Documents\Sin título.m2ts.sfl
2019-05-10 23:36 - 2018-11-18 14:07 - 152432640 _____ C:\Users\CamoVlog\Documents\Lila.mp4
2019-05-10 23:01 - 2018-11-13 12:53 - 000000000 ____D C:\Users\CamoVlog\Desktop\VIDEOS - LILA
2019-05-03 14:13 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2019-04-30 15:12 - 2017-11-23 17:55 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-25 09:32 - 2018-06-29 14:46 - 000000000 ____D C:\ProgramData\Package Cache
2019-04-17 14:45 - 2018-08-06 22:40 - 000216416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

==================== Files in the root of some directories =======

2018-06-29 15:24 - 2019-05-15 15:15 - 000000033 _____ () C:\Users\CamoVlog\AppData\Roaming\AdobeWLCMCache.dat
2019-03-13 22:57 - 2019-03-13 23:41 - 000000132 _____ () C:\Users\CamoVlog\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2018-08-23 18:19 - 2018-08-23 18:19 - 000140800 _____ () C:\Users\CamoVlog\AppData\Local\installer.dat
2018-09-27 11:04 - 2018-09-27 11:04 - 000000000 _____ () C:\Users\CamoVlog\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-13 15:42
==================== End of FRST.txt ============================
#5
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05.2019 01
Ran by CamoVlog (16-05-2019 09:10:10)
Running from C:\Users\CamoVlog\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-11-23 22:32:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-114870127-2458051889-1227169053-500 - Administrator - Disabled)
CamoVlog (S-1-5-21-114870127-2458051889-1227169053-1000 - Administrator - Enabled) => C:\Users\CamoVlog
Invitado (S-1-5-21-114870127-2458051889-1227169053-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-114870127-2458051889-1227169053-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: ESET Security (Disabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
AIDA64 Extreme v5.95 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.95 - FinalWire Ltd.)
Another Matrix Screen Saver (HKLM-x32\...\Another Matrix Screen Saver_is1) (Version:  - NicheScreenSavers.com)
Argente - Registry Cleaner 3.1.2.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.2.0 - Raúl Argente)
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
Avira (HKLM-x32\...\{2504137A-5E42-4340-8F34-2086B49FBD1A}) (Version: 1.2.133.21088 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{b3f1f775-e558-4660-a503-9129ae9d7310}) (Version: 1.2.133.21088 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.1905.1271 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
K-Lite Codec Pack 14.1.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.0 - KLCP)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Matrix-ks (HKLM-x32\...\{16F0EE77-B2B1-4417-A8CC-07E06C78CCC4}) (Version: 3.6 - KellySoftware)
MatrixWorld 3D Screensaver 1.5 (HKLM-x32\...\MatrixWorld 3D Screensaver_is1) (Version: 1.5 - Digital Minds Software)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x64 es-ES) (HKLM\...\Mozilla Firefox 66.0.3 (x64 es-ES)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
NVIDIA Controlador de audio HD 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version:  - )
Panel de control de NVIDIA 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 306.97 - NVIDIA Corporation) Hidden
PowerLed 2.85.0 (HKLM-x32\...\PowerLed_is1) (Version:  - TF-TOP)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Retro Sci-Fi Screensaver (HKLM-x32\...\RetroSciFi_is1) (Version: 1.22 - Andy Fielding)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Skype versión 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Solar System - Moon 3D Screensaver v1.8.00 (HKLM-x32\...\Solar System - Moon 3D Screensaver_is1) (Version:  - Rixane Interactive)
Spotify (HKU\S-1-5-21-114870127-2458051889-1227169053-1000\...\Spotify) (Version: 1.0.96.181.gf6bc1b6b - Spotify AB)
Spotify (HKU\S-1-5-21-114870127-2458051889-1227169053-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05162019084938615\...\Spotify) (Version: 1.0.96.181.gf6bc1b6b - Spotify AB)
Star Wars 3D Screensaver 1.3 (HKLM-x32\...\Star Wars 3D Screensaver_is1) (Version:  - )
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
Vegas Pro 11.0 (HKLM-x32\...\{E7D91321-E930-11E0-9C25-F04DA23A5C58}) (Version: 11.0.370 - Sony)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A8582A9E-FE98-11E1-B899-F04DA23A5C58}) (Version: 12.0.367 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-114870127-2458051889-1227169053-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05162019084938615_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-114870127-2458051889-1227169053-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2018-03-26 12:58 - 2018-03-26 12:58 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2018-08-23 18:54 - 000000527 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 mydownloaddomain.com
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 texttotalk.org
127.0.0.1 gambling577.xyz
127.0.0.1 htagdownload.space
127.0.0.1 mybcnmonetize.com
127.0.0.1 360devtraking.website
127.0.0.1 dscdn.pw
127.0.0.1 bcnmonetize.go2affise.com
127.0.0.1 beautifllink.xyz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-114870127-2458051889-1227169053-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Fondo de escritorio.bmp
HKU\S-1-5-21-114870127-2458051889-1227169053-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05162019084938615\Control Panel\Desktop\\Wallpaper -> C:\Users\CamoVlog\AppData\Roaming\Mozilla\Firefox\Fondo de escritorio.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: avgsvc => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: ekrn => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: WinDefend => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\startupfolder: C:^Users^CamoVlog^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^brffgeav.lnk => C:\Windows\pss\brffgeav.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: Avira SystrayStartTrigger => "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Spotify => C:\Users\CamoVlog\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{2ACDFBA9-5B97-4955-83B9-03A27A17A2C3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{CB61FD96-8BE0-4DA5-AEB2-D9E78C3AFA2E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{16FBAE1A-F03C-41CD-A78F-CB4C8D92A3CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1DF784CF-DC5E-4BBA-A401-063EC1DFFB46}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E1698717-51E0-4EE5-B5FB-C100327FC990}C:\users\camovlog\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\camovlog\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{D571366B-820F-49D2-A403-4BD87E4FB02F}C:\users\camovlog\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\camovlog\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6CB594F2-E339-4956-AE7F-306909A846DF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E87CDEB4-5BE3-476B-A0DB-C1FB49D6248E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9241AC1-3C4D-4CAD-A45D-DE60A6E6D949}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

05-05-2019 17:06:41 Punto de control programado
13-05-2019 15:50:22 Punto de control programado
15-05-2019 08:51:03 Windows Update

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2019 08:45:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (05/15/2019 02:57:00 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/15/2019 02:57:00 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.

Contexto: aplicación Windows

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/15/2019 02:57:00 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: No se puede inicializar el objeto Recopilador.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/15/2019 02:57:00 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.TripoliIndexer>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	No se ha encontrado el elemento.  (HRESULT : 0x80070490) (0x80070490)

Error: (05/15/2019 02:56:59 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.JetPropStore>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/15/2019 02:56:59 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: El servicio Windows Search no puede cargar la información del almacén de propiedades.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	La base de datos del índice de contenido está dañada.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (05/15/2019 02:56:59 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (05/16/2019 08:45:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (05/16/2019 08:44:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Mozilla Maintenance Service se cerró con el siguiente error: 
Función incorrecta.

Error: (05/16/2019 12:57:39 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado.

Error: (05/15/2019 02:57:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (05/15/2019 02:57:00 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: El servicio Windows Search se cerró con el error específico de servicio %%-1073473535.

Error: (05/15/2019 02:56:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (05/15/2019 02:56:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Mozilla Maintenance Service se cerró con el siguiente error: 
Función incorrecta.

Error: (05/15/2019 02:55:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 02:53:30 p.m. del ‎15/‎05/‎2019 resultó inesperado.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 080015 02/23/2009
Motherboard: BIOSTAR Group GF8100 M2+ TE
Processor: AMD Phenom(tm) 9650 Quad-Core Processor
Percentage of memory in use: 92%
Total physical RAM: 4095.24 MB
Available physical RAM: 316.11 MB
Total Virtual: 8188.63 MB
Available Virtual: 3007.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.78 GB) (Free:135.67 GB) NTFS
Drive i: (COMPAÑÍAS) (Fixed) (Total:232.88 GB) (Free:163.62 GB) NTFS

\\?\Volume{f0827ac3-d09c-11e7-b8bf-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 31555714)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
#6

Hola Miguel, gracias por tu ayuda. Acabo de enviar los reportes. Gracias, quedoa tento. Saludos.

#7

Ejecuta la herramienta de limpieza de Eset, pues hay restos

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el pc