Hello, I have a case of infection with the mail.ru adware, which cannot be removed. I have internet access and it seems to browse at times, but the connection is refused in Chrome and Firefox. Thank you in advance for any assistance.
Hello @lapcsos.
To check your machine, follow these steps in the order given, reading everything that is explained.
Temporarily disable your antivirus (How to temporarily disable your antivirus) while we carry out ALL of the steps.
We are going to download to YOUR DESKTOP (and NOT anywhere else) all the tools we will use in this procedure (but do not run them yet):
- Malwarebytes' Anti-Malware + Manual. Go through the manual in detail so that you know how to use and configure it correctly.
- Farbar Recovery Scan Tool, selecting the version that matches your machine's architecture (32 or 64 bits). How do I know whether my Windows is 32 or 64 bits?
Run the tools one at a time and in the order given:
CCleaner.-
- Install and run CCleaner following the steps in the manual.
- First use its Cleaner option to delete cookies, temporary Internet files and all the files it shows as obsolete.
- Then use its Registry option to clean the whole Windows registry (making a backup).
Malwarebytes.-
- Install and run MBAM following the steps in the manual.
- Run a Full Scan.
- Select ALL for Quarantine to send everything to quarantine, and restart the system.
- In the History section of the manual you will find the MBAM report, which you must copy and paste into your next reply so it can be analysed.
AdwCleaner.-
- Run Adwcleaner.exe.
- Click the Scan Now button and wait for the process to finish, then always click the Start Repair button immediately.
- Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.
- The log/report is in the "Reports" tab (reopen the program if necessary), so that you can copy and paste it into your next reply.
- The report can also be found at C:\AdwCleaner\Logs\AdwCleaner[C00].txt
Junkware Removal Tool.-
- Run JRT.exe.
- Press any key to continue and wait patiently for the process to finish.
- If at any point it asks you to restart, do so.
- When it finishes, a log/report (JRT.txt) will be saved to the desktop and will open automatically.
- Copy and paste the contents of JRT.txt into your next reply.
Farbar Recovery Scan Tool.-
- Run FRST.exe.
- In the Disclaimer window, click Yes.
- In the main window, click the Scan button and wait for the process to finish.
- Two (2) log files will open, Frst.txt and Addition.txt; these will be saved to the desktop.
In your next reply, post the reports from:
- Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, in that order.
You must copy and paste them with their full contents, using several messages if you get an error saying the message is too long (more than approx. 50,000 characters).
And tell us how your machine is behaving with regard to the problem you described.
Regards, Javier.
Very good, sir, thank you very much for your prompt reply! As soon as I have access I will send you the logs from each tool!
Hello.
Perfect, we will wait here.
Regards.
Hello, esteemed sir; I am attaching the logs you requested.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 20/9/19
Hora del análisis: 15:19
Archivo de registro: 1f5770d8-dbd3-11e9-baaa-7085c2c01261.json
-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.12577
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 18362.295)
CPU: x64
Sistema de archivos: NTFS
Usuario: System
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 285161
Amenazas detectadas: 25
Amenazas en cuarentena: 0
Tiempo transcurrido: 4 min, 19 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 11
PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MailRuUpdater, Sin acciones por parte del usuario, [254], [403909],1.0.12577
PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{60D1FF79-E8C2-44CC-B2B9-C67921F5B326}, Sin acciones por parte del usuario, [254], [403909],1.0.12577
PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{60D1FF79-E8C2-44CC-B2B9-C67921F5B326}, Sin acciones por parte del usuario, [254], [403909],1.0.12577
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\SOFTWARE\TotalRecipeSearch, Sin acciones por parte del usuario, [1780], [444113],1.0.12577
PUP.Optional.MindSpark, HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TotalRecipeSearchTooltab Uninstall Internet Explorer, Sin acciones por parte del usuario, [651], [352442],1.0.12577
PUP.Optional.VisualBookmarks.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hjdkfkdkokphfploiiddakjokndinfgb, Sin acciones por parte del usuario, [2597], [712263],1.0.12577
PUP.Optional.VisualBookmarks.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Sin acciones por parte del usuario, [2597], [-1],0.0.0
PUP.Optional.VisualBookmarks.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, Sin acciones por parte del usuario, [2597], [-1],0.0.0
PUP.Optional.VisualBookmarks.ChrPRST, HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\SOFTWARE\POLICIES\GOOGLE\CHROME, Sin acciones por parte del usuario, [2597], [-1],0.0.0
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\iepoegkaoeljnbhagabakjodgpfniimo, Sin acciones por parte del usuario, [254], [655213],1.0.12577
Rootkit.Agent.PUA, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\c05de1eada538eaf, Sin acciones por parte del usuario, [450], [735118],1.0.12577
Valor del registro: 4
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\SOFTWARE\TotalRecipeSearch|START PAGE, Sin acciones por parte del usuario, [1780], [444113],1.0.12577
PUP.Optional.MindSpark, HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TotalRecipeSearchTooltab Uninstall Internet Explorer|PUBLISHER, Sin acciones por parte del usuario, [651], [352442],1.0.12577
Rootkit.Agent, HKLM\SOFTWARE\MICROSOFT|MSVER1, Sin acciones por parte del usuario, [448], [678869],1.0.12577
PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{60D1FF79-E8C2-44CC-B2B9-C67921F5B326}|PATH, Sin acciones por parte del usuario, [254], [403907],1.0.12577
Datos del registro: 4
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7202f8f4-d373-4b58-9e53-d961b79f316d}|NameServer, Sin acciones por parte del usuario, [3079], [733165],1.0.12577
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7202f8f4-d373-4b58-9e53-d961b79f316d}|NameServer, Sin acciones por parte del usuario, [3079], [733166],1.0.12577
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8c9ee129-6f79-4fb8-8497-030297c1ebb2}|NameServer, Sin acciones por parte del usuario, [3079], [733165],1.0.12577
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8c9ee129-6f79-4fb8-8497-030297c1ebb2}|NameServer, Sin acciones por parte del usuario, [3079], [733166],1.0.12577
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 1
PUP.Optional.VisualBookmarks.ChrPRST, C:\USERS\RYZEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\HJDKFKDKOKPHFPLOIIDDAKJOKNDINFGB, Sin acciones por parte del usuario, [2597], [712263],1.0.12577
Archivo: 5
PUP.Optional.MailRu, C:\WINDOWS\SYSTEM32\TASKS\MailRuUpdater, Sin acciones por parte del usuario, [254], [403909],1.0.12577
PUP.Optional.VisualBookmarks.ChrPRST, C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hjdkfkdkokphfploiiddakjokndinfgb\LOG.old, Sin acciones por parte del usuario, [2597], [712263],1.0.12577
PUP.Optional.VisualBookmarks.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\USER\REGISTRY.POL, Sin acciones por parte del usuario, [2597], [-1],0.0.0
PUP.Optional.VisualBookmarks.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Sin acciones por parte del usuario, [2597], [-1],0.0.0
Rootkit.Agent.PUA, C:\WINDOWS\SYSTEM32\DRIVERS\C05DE1EADA538EAF.SYS, Sin acciones por parte del usuario, [450], [735118],1.0.12577
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-04-2019
# Database: 2019-08-27.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-20-2019
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 2
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|MailRuUpdater
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MailRuUpdater
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
*************************
AdwCleaner_Debug.log - [77676 octets] - [17/09/2019 20:08:44]
AdwCleaner[S00].txt - [3301 octets] - [17/09/2019 20:09:47]
AdwCleaner[C00].txt - [2917 octets] - [17/09/2019 20:10:36]
AdwCleaner[S01].txt - [1755 octets] - [17/09/2019 20:13:42]
AdwCleaner[S02].txt - [10068 octets] - [18/09/2019 19:34:46]
AdwCleaner[S03].txt - [3147 octets] - [18/09/2019 19:51:08]
AdwCleaner[C03].txt - [2815 octets] - [18/09/2019 19:51:26]
AdwCleaner[S04].txt - [2164 octets] - [20/09/2019 19:36:46]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Ryzen (Administrator) on 20/09/2019 at 19:39:20,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 1
Successfully deleted: C:\Users\Ryzen\AppData\Roaming\Mozilla\Firefox\Profiles\2d5krbea.default\user.js (File)
Deleted the following from C:\Users\Ryzen\AppData\Roaming\Mozilla\Firefox\Profiles\2d5krbea.default\prefs.js
user_pref(extensions.webextensions.ExtensionStorageIDB.migrated.homepage@mail.ru, true);
user_pref(extensions.webextensions.uuids, {\[email protected]\:\ef3da5a3-ac4e-4e7e-940c-a5b0997415c4\,\[email protected]\:\6f9772ac-98e8-4f17-a71c-8bb4f90
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/09/2019 at 19:41:40,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2019 01
Ran by Ryzen (administrator) on CONTADORA (20-09-2019 19:43:42)
Running from C:\Users\Ryzen\Desktop
Loaded Profiles: Ryzen (Available Profiles: Ryzen)
Platform: Windows 10 Pro Version 1903 18362.295 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0333854.inf_amd64_6dc0bbc404f76288\B334021\atiesrxx.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [830304 2018-10-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [180448 2019-07-30] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [ActuOnLine] => C:\Program Files (x86)\Errepar\Actualidad OnLine\ActuOnLine.exe [2927104 2010-07-07] (Errepar) [File not signed]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1092304 2016-03-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRWE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-28] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02BA35AB-3D29-4FE3-8C12-C340905B9799} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DBA5738-1E56-4B6E-AFFE-D388D2A9AB12} - System32\Tasks\EPSON L395 Series Update {1CF81808-0887-43BB-97ED-B8EE78A720B9} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRWE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {1EA93FA0-6807-4438-8274-F7A95C279334} - \Microsoft\Windows\UpdateOrchestrator\Universal Orchestrator Start -> No File <==== ATTENTION
Task: {57C8EB7A-B5BF-44B5-8573-2A599DBC95F8} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [63880 2018-10-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {62C820E0-3C62-4418-B83C-D27E3F529F6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {6EE31486-90BB-4F39-8332-5D6CA42167B6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-10-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {76416B8C-31FD-4871-B6D2-48852585C90A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C819BA2A-1BBD-4EB5-9083-7CA60DFDCD1C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {D66D0AB5-14D6-481D-837D-708E24BEE6AB} - \Microsoft\Windows\UpdateOrchestrator\AC Power Download -> No File <==== ATTENTION
Task: {DA5DB928-D050-4B8C-8877-8EC0590FF527} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E18FDA94-7DFF-454B-ABCF-29779DF3C71E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F583D21C-C765-48ED-BDF0-42DC88386E02} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2019-06-25] (Piriform Ltd -> Piriform Ltd)
Task: {F96B69B0-6AD5-426A-B73A-A74B3E935214} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\EPSON L395 Series Update {1CF81808-0887-43BB-97ED-B8EE78A720B9}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRWE.EXE:/EXE:{1CF81808-0887-43BB-97ED-B8EE78A720B9} /F:UpdateGRUPO\CONTADORA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4c5ce223-424b-4a0e-ba56-e5e49eea5ac7}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{7202f8f4-d373-4b58-9e53-d961b79f316d}: [NameServer] 213.166.69.3,
Tcpip\..\Interfaces\{7202f8f4-d373-4b58-9e53-d961b79f316d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c9ee129-6f79-4fb8-8497-030297c1ebb2}: [NameServer] 213.166.69.3,
Tcpip\..\Interfaces\{8c9ee129-6f79-4fb8-8497-030297c1ebb2}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.ar/
SearchScopes: HKU\S-1-5-21-2936734617-3609513407-3023620558-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 2d5krbea.default
FF ProfilePath: C:\Users\Ryzen\AppData\Roaming\Mozilla\Firefox\Profiles\2d5krbea.default [2019-09-20]
FF NetworkProxy: Mozilla\Firefox\Profiles\2d5krbea.default -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\2d5krbea.default -> Enabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\2d5krbea.default -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Security Update Tool) - C:\Users\Ryzen\AppData\Roaming\Mozilla\Firefox\Profiles\2d5krbea.default\Extensions\{f819cd6a-0d11-4e67-9a6f-e3bdaf4eee3b}.xpi [2019-08-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-06-25] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-06-25] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1232202.dll [2018-03-09] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com.ar/
CHR Profile: C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default [2019-09-20]
CHR Extension: (Presentaciones) - C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-25]
CHR Extension: (Documentos) - C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-25]
CHR Extension: (Google Drive) - C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-25]
CHR Extension: (YouTube) - C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-25]
CHR Extension: (Hojas de cálculo) - C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-25]
CHR Extension: (Chrome Update Tool) - C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjdblhobihaknilfmfjfpidfblgajmk [2019-09-02]
CHR Extension: (Gmail) - C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-25]
CHR Extension: (Chrome Media Router) - C:\Users\Ryzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-13]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\u0333854.inf_amd64_6dc0bbc404f76288\B334021\atiesrxx.exe [507152 2018-10-10] (Advanced Micro Devices, Inc. -> AMD)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-07-30] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-07-30] (ESET, spol. s r.o. -> ESET)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [678328 2018-06-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [830304 2018-10-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5775208 2019-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-25] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [34568 2019-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\u0333854.inf_amd64_6dc0bbc404f76288\B334021\atikmdag.sys [47497488 2018-10-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\u0333854.inf_amd64_6dc0bbc404f76288\B334021\atikmpag.sys [589288 2018-10-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\drivers\amdpsp.sys [137688 2018-10-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2019-07-30] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189232 2019-07-30] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [113336 2019-07-30] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-09-18] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-09-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-09-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-09-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116112 2019-09-20] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1131024 2018-10-23] (Realtek Semiconductor Corp. -> Realtek )
S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [6635848 2017-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 RtlWlanu_OldIC; C:\Windows\System32\drivers\rtwlanu_oldIC.sys [3814400 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [47496 2019-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [337632 2019-06-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-25] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-20 19:43 - 2019-09-20 19:44 - 000019139 _____ C:\Users\Ryzen\Desktop\FRST.txt
2019-09-20 19:43 - 2019-09-20 19:43 - 000000000 ____D C:\FRST
2019-09-20 19:41 - 2019-09-20 19:41 - 000001034 _____ C:\Users\Ryzen\Desktop\JRT.txt
2019-09-20 19:38 - 2019-09-20 19:38 - 000002050 _____ C:\Users\Ryzen\Desktop\AdwCleaner[C04].txt
2019-09-20 19:37 - 2019-09-20 19:37 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-09-20 19:37 - 2019-09-20 19:37 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-09-20 19:37 - 2019-09-20 19:37 - 000116112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-09-20 19:37 - 2019-09-20 19:37 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-09-20 19:35 - 2019-09-20 19:35 - 000005840 _____ C:\Users\Ryzen\Desktop\malwarebytes.txt
2019-09-20 19:30 - 2019-09-20 19:19 - 001615360 _____ (Farbar) C:\Users\Ryzen\Desktop\FRST64.exe
2019-09-20 19:30 - 2019-09-20 19:18 - 001790024 _____ (Malwarebytes) C:\Users\Ryzen\Desktop\JRT.exe
2019-09-20 19:29 - 2019-09-20 19:29 - 000090368 _____ C:\Users\Ryzen\Documents\cc_20190920_192930.reg
2019-09-20 17:55 - 2019-09-20 17:55 - 000046689 _____ C:\Users\Ryzen\Downloads\lsp_190-0004-00000003.pdf
2019-09-18 19:53 - 2019-09-18 19:53 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-09-18 19:52 - 2019-09-18 19:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-18 19:52 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-09-18 19:52 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-09-18 19:44 - 2019-09-18 19:52 - 064333800 _____ (Malwarebytes ) C:\Users\Ryzen\Downloads\mb3-setup-adwc.adwc100.3.8.3.exe
2019-09-18 19:31 - 2019-09-18 19:32 - 007622344 _____ (Malwarebytes) C:\Users\Ryzen\Desktop\adwcleaner_7.4.1.exe
2019-09-18 18:59 - 2019-09-18 18:59 - 000000000 ____D C:\Users\Ryzen\AppData\Local\OneDrive
2019-09-17 20:08 - 2019-09-17 20:10 - 000000000 ____D C:\AdwCleaner
2019-09-12 19:52 - 2019-09-12 19:52 - 000000000 ____D C:\Users\Ryzen\AppData\Local\mbamtray
2019-09-12 19:52 - 2019-09-12 19:52 - 000000000 ____D C:\Users\Ryzen\AppData\Local\mbam
2019-09-12 19:52 - 2019-09-12 19:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-09-12 19:52 - 2019-09-12 19:52 - 000000000 ____D C:\Program Files\Malwarebytes
2019-09-12 19:34 - 2019-09-12 19:34 - 000000000 ____D C:\Users\Ryzen\AppData\Roaming\SUPERAntiSpyware.com
2019-09-12 19:33 - 2019-09-18 19:24 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-09-12 19:33 - 2019-09-12 19:33 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-09-12 19:23 - 2019-09-12 19:23 - 000000000 ____D C:\Users\Ryzen\AppData\LocalLow\Oracle
2019-09-02 21:48 - 2019-09-03 16:53 - 000000000 ____D C:\ProgramData\Porland
2019-09-02 21:27 - 2019-09-02 21:27 - 000171197 _____ C:\Users\Ryzen\Downloads\prototypetrainer.zip
2019-09-02 21:17 - 2019-09-12 19:58 - 000000000 ____D C:\ProgramData\{842629B2-CCC2-ECFB-BAD1-7860BA362131}
2019-09-02 21:17 - 2019-09-12 19:58 - 000000000 ____D C:\ProgramData\{167ACA31-2F41-7EA7-3932-24F239D57DA3}
2019-09-02 21:17 - 2019-09-02 21:17 - 000000000 ____D C:\Users\Ryzen\AppData\Local\AdvinstAnalytics
2019-09-02 21:17 - 2019-09-02 21:17 - 000000000 ____D C:\ProgramData\lgqavQQRTGS
2019-09-02 21:17 - 2019-09-02 21:17 - 000000000 ____D C:\ProgramData\Lamia
2019-09-02 21:16 - 2019-09-18 19:23 - 000000000 ____D C:\Users\Ryzen\AppData\Local\Mail.Ru
2019-09-02 21:16 - 2019-09-03 16:54 - 000000000 ____D C:\Users\Ryzen\AppData\Roaming\mfmvlggvyuzx
2019-09-02 21:16 - 2019-09-02 21:17 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-08-29 19:39 - 2019-08-29 19:40 - 000037266 _____ C:\Users\Ryzen\Downloads\20127706612_001_00004_00000031(1).pdf
2019-08-29 19:36 - 2019-08-29 19:36 - 000037266 _____ C:\Users\Ryzen\Downloads\20127706612_001_00004_00000031.pdf
2019-08-26 21:25 - 2019-09-02 20:48 - 000000000 ____D C:\Users\Ryzen\Documents\Prototype
2019-08-26 20:59 - 2019-08-26 21:07 - 000000000 ____D C:\Root
2019-08-26 20:47 - 2019-08-26 20:47 - 000000000 ____D C:\Program Files (x86)\Activision
2019-08-23 16:07 - 2019-08-23 16:07 - 000461668 _____ C:\Users\Ryzen\Downloads\POLIZA_2100_64991_206.pdf
2019-08-21 20:20 - 2019-08-21 20:20 - 000087040 _____ C:\Users\Ryzen\Documents\Copia de Gastos domesticos (Autoguardado).xls
2019-08-21 20:20 - 2019-08-21 20:20 - 000000000 ____D C:\Users\Ryzen\Documents\Plantillas personalizadas de Office
2019-08-21 19:29 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2019-08-21 19:29 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-08-21 19:29 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2019-08-21 19:29 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2019-08-21 19:29 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-08-21 19:29 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2019-08-21 19:29 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-08-21 19:29 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2019-08-21 19:29 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2019-08-21 19:29 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2019-08-21 19:29 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2019-08-21 19:29 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2019-08-21 19:29 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2019-08-21 19:29 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2019-08-21 19:29 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-08-21 19:29 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2019-08-21 19:29 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2019-08-21 19:29 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2019-08-21 19:29 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2019-08-21 19:29 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2019-08-21 19:29 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2019-08-21 19:29 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2019-08-21 19:29 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2019-08-21 19:29 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2019-08-21 19:29 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2019-08-21 19:29 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2019-08-21 19:29 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2019-08-21 19:29 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2019-08-21 19:29 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2019-08-21 19:29 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2019-08-21 19:29 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2019-08-21 19:29 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2019-08-21 19:29 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2019-08-21 19:29 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2019-08-21 19:29 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2019-08-21 19:29 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2019-08-21 19:29 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2019-08-21 19:29 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2019-08-21 19:29 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2019-08-21 19:29 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2019-08-21 19:29 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2019-08-21 19:29 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2019-08-21 19:29 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2019-08-21 19:29 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2019-08-21 19:29 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2019-08-21 19:29 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2019-08-21 19:29 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2019-08-21 19:29 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2019-08-21 19:29 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2019-08-21 19:29 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2019-08-21 19:29 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2019-08-21 19:29 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2019-08-21 19:29 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2019-08-21 19:29 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2019-08-21 19:29 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2019-08-21 19:29 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2019-08-21 19:29 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2019-08-21 19:29 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2019-08-21 19:29 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2019-08-21 19:29 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2019-08-21 19:29 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2019-08-21 19:29 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2019-08-21 19:29 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2019-08-21 19:29 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2019-08-21 19:29 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2019-08-21 19:29 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2019-08-21 19:29 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2019-08-21 19:29 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2019-08-21 19:29 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2019-08-21 19:29 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2019-08-21 19:29 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2019-08-21 19:29 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2019-08-21 19:29 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2019-08-21 19:29 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2019-08-21 19:29 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2019-08-21 19:29 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2019-08-21 19:29 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2019-08-21 19:29 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2019-08-21 19:29 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2019-08-21 19:29 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2019-08-21 19:29 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2019-08-21 19:29 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2019-08-21 19:29 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2019-08-21 19:29 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2019-08-21 19:29 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2019-08-21 19:29 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2019-08-21 19:29 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2019-08-21 19:29 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2019-08-21 19:29 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2019-08-21 19:29 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2019-08-21 19:29 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2019-08-21 19:29 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2019-08-21 19:29 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2019-08-21 19:29 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2019-08-21 19:29 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2019-08-21 19:29 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2019-08-21 19:29 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2019-08-21 19:29 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2019-08-21 19:29 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2019-08-21 19:29 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2019-08-21 19:29 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2019-08-21 19:29 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2019-08-21 19:29 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2019-08-21 19:29 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2019-08-21 19:29 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2019-08-21 19:29 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2019-08-21 19:29 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2019-08-21 19:29 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2019-08-21 19:29 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2019-08-21 19:29 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2019-08-21 19:29 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2019-08-21 19:29 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2019-08-21 19:29 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2019-08-21 19:29 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2019-08-21 19:29 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2019-08-21 19:29 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2019-08-21 19:29 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2019-08-21 19:29 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2019-08-21 19:29 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2019-08-21 19:29 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2019-08-21 19:29 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2019-08-21 19:29 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2019-08-21 19:29 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2019-08-21 19:29 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2019-08-21 19:29 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2019-08-21 19:29 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2019-08-21 19:29 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2019-08-21 19:29 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2019-08-21 19:29 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2019-08-21 19:29 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2019-08-21 19:29 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2019-08-21 19:29 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2019-08-21 19:29 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2019-08-21 19:29 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2019-08-21 19:29 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2019-08-21 19:29 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2019-08-21 19:29 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2019-08-21 19:29 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2019-08-21 19:29 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2019-08-21 19:29 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2019-08-21 19:29 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2019-08-21 19:29 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2019-08-21 19:29 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2019-08-21 19:29 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2019-08-21 19:29 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2019-08-21 19:29 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2019-08-21 19:29 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2019-08-21 19:29 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2019-08-21 19:29 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2019-08-21 19:29 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2019-08-21 19:29 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2019-08-21 19:29 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2019-08-21 19:29 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2019-08-21 19:29 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2019-08-21 19:29 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2019-08-21 19:29 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2019-08-21 19:29 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2019-08-21 19:29 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2019-08-21 19:29 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2019-08-21 19:29 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2019-08-21 19:29 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2019-08-21 19:29 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2019-08-21 19:29 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2019-08-21 19:29 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2019-08-21 19:29 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2019-08-21 19:29 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2019-08-21 19:29 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2019-08-21 19:29 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2019-08-21 19:29 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2019-08-21 19:29 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2019-08-21 19:29 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2019-08-21 19:29 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2019-08-21 19:29 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2019-08-21 19:29 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2019-08-21 19:29 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2019-08-21 19:29 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2019-08-21 19:29 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2019-08-21 19:29 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2019-08-21 19:29 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2019-08-21 19:29 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2019-08-21 19:28 - 2019-08-21 19:28 - 000000000 ____D C:\Users\Ryzen\Downloads\directx_Jun2010_redist
2019-08-21 19:27 - 2019-08-21 19:28 - 100271992 _____ (Microsoft Corporation) C:\Users\Ryzen\Downloads\directx_Jun2010_redist.exe
2019-08-21 19:21 - 2019-08-21 19:21 - 000000000 ____D C:\Users\Ryzen\Downloads\prototype2engine
2019-08-21 19:20 - 2019-08-21 19:21 - 007375255 _____ C:\Users\Ryzen\Downloads\prototype2engine.zip
2019-08-21 19:05 - 2019-09-20 19:21 - 000000000 ____D C:\Users\Ryzen\AppData\Roaming\uTorrent
2019-08-21 19:05 - 2019-08-21 19:05 - 000000896 _____ C:\Users\Ryzen\Desktop\µTorrent.lnk
2019-08-21 18:47 - 2019-08-21 18:47 - 000000000 ____D C:\Program Files (x86)\Thief
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-20 19:38 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-20 19:37 - 2019-03-19 04:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-09-20 19:37 - 2019-03-19 01:37 - 000524288 _____ C:\Windows\system32\config\BBI
2019-09-20 19:32 - 2019-03-19 04:59 - 000436920 _____ C:\Windows\system32\FNTCACHE.DAT
2019-09-20 19:32 - 2019-03-19 04:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-09-20 19:23 - 2019-06-25 12:46 - 000000000 ____D C:\Program Files\CCleaner
2019-09-20 19:22 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2019-09-20 19:18 - 2019-06-25 12:46 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-09-20 19:13 - 2019-06-25 18:14 - 000000000 ____D C:\Users\Ryzen\AppData\LocalLow\Mozilla
2019-09-20 19:12 - 2019-06-25 18:56 - 000000000 ____D C:\her
2019-09-20 18:05 - 2019-07-18 11:40 - 000000000 ____D C:\Users\Ryzen\Documents\Archivos de Outlook
2019-09-20 18:05 - 2019-07-18 11:24 - 000140800 _____ C:\Users\Ryzen\Documents\Resúmen analítico de Compras y Ventas.xls
2019-09-20 17:35 - 2019-07-18 11:24 - 000414720 _____ C:\Users\Ryzen\Documents\Retiros Particulares Farmacia.xls
2019-09-20 17:35 - 2019-07-18 11:23 - 000088064 _____ C:\Users\Ryzen\Documents\Copia de Gastos domesticos.xls
2019-09-19 17:57 - 2019-03-19 05:19 - 000000000 ____D C:\Users\Ryzen\AppData\Local\D3DSCache
2019-09-19 16:04 - 2019-07-18 11:24 - 000540160 _____ C:\Users\Ryzen\Documents\Planilla de caja.xls
2019-09-18 19:52 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-09-18 19:51 - 2019-07-18 15:08 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2019-09-18 19:30 - 2019-06-25 18:21 - 000000000 ____D C:\Program Files\Java
2019-09-18 19:29 - 2019-03-19 05:06 - 000003368 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2936734617-3609513407-3023620558-1001
2019-09-18 19:29 - 2019-03-19 05:06 - 000000000 ___RD C:\Users\Ryzen\OneDrive
2019-09-18 19:29 - 2019-03-19 05:04 - 000002401 _____ C:\Users\Ryzen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-18 19:24 - 2019-03-19 05:04 - 000000000 ____D C:\Users\Ryzen
2019-09-18 19:23 - 2019-06-25 18:28 - 000000000 ____D C:\Users\Ryzen\AppData\Local\Microsoft Help
2019-09-18 19:23 - 2019-06-25 18:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-18 19:15 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-18 19:14 - 2019-06-25 18:14 - 000000000 ____D C:\Users\Ryzen\AppData\Local\Mozilla
2019-09-18 19:14 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\registration
2019-09-18 19:04 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\NDF
2019-09-17 20:10 - 2019-07-18 15:08 - 000000000 ____D C:\Users\Ryzen\AppData\Roaming\Lavasoft
2019-09-17 20:10 - 2019-07-18 15:08 - 000000000 ____D C:\ProgramData\Lavasoft
2019-09-17 19:47 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\LiveKernelReports
2019-09-17 19:47 - 2019-03-19 00:59 - 000000000 ____D C:\Windows\Panther
2019-09-10 19:48 - 2019-07-23 17:15 - 000000000 ____D C:\Users\Ryzen\AppData\Roaming\AnyDesk
2019-09-05 17:01 - 2019-03-19 05:04 - 000000000 ____D C:\Users\Ryzen\AppData\Local\Packages
2019-09-05 16:46 - 2019-08-08 17:36 - 000000000 ____D C:\facturasdgi
2019-09-03 17:11 - 2019-06-25 18:14 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-09-03 17:11 - 2019-06-25 18:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-09-03 17:01 - 2019-03-19 01:37 - 000524288 _____ C:\Windows\system32\config\BBI(16)
2019-09-02 21:17 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-09-02 21:17 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-09-02 21:16 - 2019-06-25 12:44 - 000000000 ____D C:\Program Files (x86)\Google
2019-08-30 21:26 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness
2019-08-28 16:29 - 2019-06-25 12:46 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-28 16:29 - 2019-06-25 12:46 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-26 21:07 - 2019-03-19 05:15 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-08-22 15:46 - 2019-06-25 12:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-08-21 18:59 - 2019-07-18 15:21 - 000000000 ____D C:\Program Files (x86)\BearShare
==================== Files in the root of some directories ================
2014-05-09 19:44 - 2009-10-19 06:47 - 000073728 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\foxhhelp9.exe
2014-05-09 19:44 - 2009-10-19 06:48 - 000016384 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\foxhhelpps9.dll
2014-05-09 19:44 - 2007-10-15 10:11 - 001507328 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\VFP9ENU.DLL
2014-05-09 19:44 - 2009-04-03 12:01 - 004734976 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\vfp9r.dll
2014-05-09 19:44 - 2007-10-15 10:15 - 001187840 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\VFP9RENU.DLL
2014-05-09 19:44 - 2007-10-15 10:47 - 001228800 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\vfp9resn.dll
==================== FLock ================
2019-03-19 05:03 C:\Windows\CSC
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-09-2019 01
Ran by Ryzen (20-09-2019 19:45:28)
Running from C:\Users\Ryzen\Desktop
Windows 10 Pro Version 1903 18362.295 (X64) (2019-03-19 08:01:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2936734617-3609513407-3023620558-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2936734617-3609513407-3023620558-503 - Limited - Disabled)
Invitado (S-1-5-21-2936734617-3609513407-3023620558-501 - Limited - Enabled)
Ryzen (S-1-5-21-2936734617-3609513407-3023620558-1001 - Administrator - Enabled) => C:\Users\Ryzen
WDAGUtilityAccount (S-1-5-21-2936734617-3609513407-3023620558-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
Account Soft - Componentes 9 (HKLM-x32\...\Account_Soft) (Version: 9 - Account Soft)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.12 - Advanced Micro Devices, Inc.)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Baja o recambio de memoria de Controladores Fiscales v.1.01 (HKLM-x32\...\ST5UNST #15) (Version: - )
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden
BP-AyP (HKLM-x32\...\ST5UNST #2) (Version: - )
C.I.T.I. Compras (HKLM-x32\...\ST5UNST #14) (Version: - )
C.I.T.I. Ventas (HKLM-x32\...\ST5UNST #12) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
Compensaciones y Volantes de Pago (HKLM-x32\...\ST5UNST #11) (Version: - )
Diagnóstico de impresoras Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{816185C8-7C13-4650-9AB4-FC2EC9651A77}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{E244A764-EDD0-46B0-8689-661F6B28D9E5}) (Version: 3.10.0069 - Seiko Epson Corporation)
EPSON L395 Series Printer Uninstall (HKLM\...\EPSON L395 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}) (Version: 3.0.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}) (Version: 4.4.11 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Errepar Actualidad OnLine (HKLM-x32\...\Actualidad OnLine) (Version: - )
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 12.2.23.0 - ESET, spol. s r.o.)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Formulario Multinota (HKLM-x32\...\ST5UNST #16) (Version: - )
Ganancias personas físicas (HKLM-x32\...\ST5UNST #19) (Version: - )
GMP V900 - R2 (HKLM-x32\...\ST5UNST #3) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GPFBP V1801 - R0 (HKLM-x32\...\ST5UNST #4) (Version: - )
GPJ v16.0 R3 (HKLM-x32\...\ST5UNST #6) (Version: - )
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I.V.A. (HKLM-x32\...\ST5UNST #7) (Version: - )
Informe para Fines Fiscales (HKLM-x32\...\ST5UNST #5) (Version: - )
Juego Prototype(TM) (HKLM-x32\...\InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Manual Epson L395 (HKLM-x32\...\UsersGuideManual Epson L395_is1) (Version: 1.0 - Epson America, Inc.)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 69.0 (x64 es-AR) (HKLM\...\Mozilla Firefox 69.0 (x64 es-AR)) (Version: 69.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nombre de su organización)
Participaciones Societarias (HKLM-x32\...\ST5UNST #20) (Version: - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plan de Facilidades de Pago R.G.984 v300 r2 (HKLM-x32\...\ST5UNST #21) (Version: - )
Prototype(TM) (HKLM-x32\...\{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8560 - Realtek Semiconductor Corp.)
Régimen de Asistencia Financiera (HKLM-x32\...\ST5UNST #18) (Version: - )
Regimen de Información de Compras y Ventas V.1.0 R.6 (HKLM-x32\...\ST5UNST #13) (Version: - )
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
S.I.Ap. (HKLM-x32\...\ST5UNST #1) (Version: - )
S.I.J.P. Retenciones y Percepciones (HKLM-x32\...\ST5UNST #8) (Version: - )
Samsung C410 Series (HKLM-x32\...\Samsung C410 Series) (Version: 1.15 (12/06/2015) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
SICORE (HKLM-x32\...\ST5UNST #10) (Version: - )
SICOSS (HKLM-x32\...\ST5UNST #9) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
TP-Link TL-WN8200ND Driver (HKLM-x32\...\{32887DD5-7B1E-46C1-9D01-FCDD363B6A8F}) (Version: 1.0.0 - TP-Link)
Transferencias de Inmuebles (HKLM-x32\...\ST5UNST #17) (Version: - )
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.2 - VideoLAN)
Web Companion (HKLM-x32\...\{2f6cbdb0-2936-40d1-9e70-42a7a744d4bc}) (Version: 4.8.2021.3909 - Lavasoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.9.7.0_x86__kgqvnymyfvs32 [2019-09-18] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.19.5.0_x86__kgqvnymyfvs32 [2019-09-18] (king.com)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.136.0_x64__dt26b99r8h8gj [2019-09-18] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0 [2019-09-18] (Spotify AB)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-30] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-30] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-10-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-30] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 01:49 - 2019-03-19 01:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\...\StartupApproved\Run: => "utweb"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{60B43C17-3750-4888-B8E2-1F2DF3CB42EB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A65212C0-2868-41B2-9560-84D48D7A16B6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{1AFFCD21-B326-41E0-80CA-F0B4CDC1FF3C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F4C0DD0D-7AAD-49FA-B8CF-93B2C5B8B5CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{26E02BD4-3AE9-4DCE-98AA-19DFA3BF1ED0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{FADFFCBB-61D9-46B2-A801-5C8F01A9CEA0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E0A864BE-A4F4-4EC4-BDAC-3CB4E5694AF4}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF81ECBA-8D01-4BE5-8039-1A60A5CE6DFA}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5705EB20-5335-47BF-851F-1A0F33908C51}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{240EB671-3C06-4259-927A-9C6783AAF486}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B380DCB-89DC-4624-931A-F8282C0E4614}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{D43503AA-8B9D-48A5-B3DC-88B68B178B8B}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{E0E191E4-5032-4348-BF2A-94FBABD1545A}C:\program files (x86)\bearshare\bearshare.exe] => (Allow) C:\program files (x86)\bearshare\bearshare.exe No File
FirewallRules: [UDP Query User{CDE48745-E62D-4CCC-966C-45027B9E5E84}C:\program files (x86)\bearshare\bearshare.exe] => (Allow) C:\program files (x86)\bearshare\bearshare.exe No File
FirewallRules: [TCP Query User{9EE4BCBF-C538-4FE4-99AF-58641FB002F2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{E0993BEA-41FF-4A59-9E14-81A5FC22EE49}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{9EE5B22E-D201-4482-BE3A-9A673CA7A99D}C:\users\ryzen\desktop\anydesk.exe] => (Allow) C:\users\ryzen\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{42A92FB4-2A47-46F4-AC04-3CEEBEE1B519}C:\users\ryzen\desktop\anydesk.exe] => (Allow) C:\users\ryzen\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [{350103D3-005D-44CC-B594-AE089BD829F2}] => (Allow) C:\Users\Ryzen\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{82FEE491-A92C-4085-A977-AF16F52F77B8}] => (Allow) C:\Users\Ryzen\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{064C7BDA-83F8-4601-B376-5D49B1337A26}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9F1AE880-9B8A-429C-BD9F-97E08B232EAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{72638072-BC78-43B1-87B2-33B9F033DA5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{374A8185-DDE1-43E5-96C3-628FBC1033E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{544FB219-2FA1-4A70-AA05-A19F9EF8AB2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94863CDB-81A5-4B78-A2BE-7594A4FEBACE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{538AFBB2-A3B1-4362-9A0E-17E492DF613D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F32A803F-0D9E-4CA4-A073-C7F1160E39F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{10078826-6EC0-4E7B-B89B-7D100D6726FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
26-08-2019 20:47:26 Instalado Juego Prototype(TM)
05-09-2019 18:44:55 Punto de control programado
12-09-2019 19:45:24 Removed Online Application
18-09-2019 19:12:53 Operación de restauración
20-09-2019 19:39:20 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/20/2019 07:14:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 3.1.0.1838, marca de tiempo: 0x5d13b12f
Nombre del módulo con errores: Qt5Core.dll, versión: 5.11.1.0, marca de tiempo: 0x5cba0161
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0018dc19
Identificador del proceso con errores: 0x262c
Hora de inicio de la aplicación con errores: 0x01d57000adbd1a3e
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: d0d20663-a2fc-4c34-9929-f716ea6bc110
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (09/18/2019 07:46:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa adwcleaner_7.4.1.exe (versión 7.4.1.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.
Id. de proceso: 2a48
Hora de Inicio: 01d56e71116d5cd6
Hora de finalización: 4294967295
Ruta de la aplicación: C:\her\adwcleaner_7.4.1.exe
Id. de informe: a66cdabe-c84a-4802-ab4e-2b9eef9e2b67
Nombre completo del paquete con errores:
Id. de la aplicación relativa al paquete con errores:
Tipo de bloqueo: Top level window is idle
Error: (09/18/2019 07:24:49 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Error no especificado durante Restaurar sistema: (Punto de control programado). Información adicional: 0xc0000022.
Error: (09/18/2019 07:24:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4716,R,98) SRUJet: Error -1811 (0xfffff8ed) al abrir un archivo de registro C:\Windows\system32\SRU\SRU00520.log.
Error: (09/17/2019 06:37:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: firefox.exe, versión: 69.0.0.7178, marca de tiempo: 0x5d6491ca
Nombre del módulo con errores: ntdll.dll, versión: 10.0.18362.267, marca de tiempo: 0xc00f8a30
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f9269
Identificador del proceso con errores: 0x1090
Hora de inicio de la aplicación con errores: 0x01d56d9f649bbef0
Ruta de acceso de la aplicación con errores: C:\Program Files\Mozilla Firefox\firefox.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Identificador del informe: ca83d42e-27c9-4330-9a19-bc5bda5624ae
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (09/11/2019 10:38:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa SearchUI.exe (versión 10.0.18362.267) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.
Id. de proceso: 34c
Hora de Inicio: 01d568fda4db6c3d
Hora de finalización: 4294967295
Ruta de la aplicación: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Id. de informe: b7de689e-a70b-4c26-a694-78c44cd93505
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.12.3.18362_neutral_neutral_cw5n1h2txyewy
Id. de la aplicación relativa al paquete con errores: CortanaUI
Tipo de bloqueo: Cross-thread
Error: (09/09/2019 09:16:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: prototypef.exe, versión: 1.0.0.1, marca de tiempo: 0x49ef07ae
Nombre del módulo con errores: prototypeenginef.dll, versión: 1.0.0.1, marca de tiempo: 0x49ef9366
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00a9b392
Identificador del proceso con errores: 0x1c14
Hora de inicio de la aplicación con errores: 0x01d5676cdf138a4d
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Activision\Prototype\prototypef.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Activision\Prototype\prototypeenginef.dll
Identificador del informe: a137f525-19d8-46cd-8f99-4cb9583797bf
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (09/09/2019 09:15:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: prototypef.exe, versión: 1.0.0.1, marca de tiempo: 0x49ef07ae
Nombre del módulo con errores: prototypeenginef.dll, versión: 1.0.0.1, marca de tiempo: 0x49ef9366
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00a9b392
Identificador del proceso con errores: 0x534
Hora de inicio de la aplicación con errores: 0x01d5676ca8b5409a
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Activision\Prototype\prototypef.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Activision\Prototype\prototypeenginef.dll
Identificador del informe: 852c38ad-161e-43c1-a8c4-c19e0431e22c
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
System errors:
=============
Error: (09/20/2019 07:39:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Realtek Audio Universal Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (09/20/2019 07:37:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Realtek Audio Universal Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (09/20/2019 07:37:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/20/2019 07:37:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio EpsonCustomerResearchParticipation se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/20/2019 07:37:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Epson Scanner Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/20/2019 07:37:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD External Events Utility se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/20/2019 07:21:15 PM) (Source: DCOM) (EventID: 10000) (User: CONTADORA)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error
"2147942767"
al iniciar este comando:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (09/20/2019 07:12:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Google Update Servicio (gupdate) no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
CodeIntegrity:
===================================
Date: 2019-09-20 19:39:44.281
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-09-20 19:39:44.264
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-09-20 19:39:39.581
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-09-20 19:39:31.042
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-09-20 19:39:31.035
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-09-20 19:39:30.252
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-09-20 19:39:30.248
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-09-20 19:39:30.223
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.00 11/22/2018
Motherboard: ASRock A320M-HDV R4.0
Processor: AMD Ryzen 5 2400G with Radeon Vega Graphics
Percentage of memory in use: 33%
Total physical RAM: 7097.91 MB
Available physical RAM: 4744.84 MB
Total Virtual: 8249.91 MB
Available Virtual: 6045.94 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:446.5 GB) (Free:320.84 GB) NTFS
\\?\Volume{77a5ba3f-f7b3-45a0-947a-4a763db9b790}\ (Recuperación) (Fixed) (Total:0.52 GB) (Free:0.13 GB) NTFS
\\?\Volume{a6d7bca4-26f0-4378-9480-b4ff31a7065f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
I restarted the computer and reconnected to the Internet, and the infection is still there in both Chrome and Firefox; it redirects me to other websites that I did not request.
Hello.
The Malwarebytes report says “Sin acciones por parte del usuario” (no action taken by the user), and you should have sent EVERYTHING to quarantine so that the items would be removed.
Repeat it and post the new report produced by Malwarebytes.
Regards.
Yes, I did send them all to quarantine and restarted the computer as the program asked; I have no idea why it says that, but I will repeat the process.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 20/9/19
Hora del análisis: 20:14
Archivo de registro: 67aa30fe-dbfc-11e9-a7ec-7085c2c01261.json
-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.625
Versión del paquete de actualización: 1.0.12581
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 18362.295)
CPU: x64
Sistema de archivos: NTFS
Usuario: CONTADORA\Ryzen
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 285137
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 1 min, 5 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 2
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7202f8f4-d373-4b58-9e53-d961b79f316d}|NameServer, Sustituido, [3079], [733165],1.0.12581
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8c9ee129-6f79-4fb8-8497-030297c1ebb2}|NameServer, Sustituido, [3079], [733165],1.0.12581
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
I tried again and the PC has now lost its connection; it no longer connects to the network.
Hello.
Did you restart after running Malwarebytes again?
Restart again anyway and check whether you have a connection.
Do you connect to the Internet over Wi-Fi or by cable?
Try both ways to rule things out and let us know.
I still have to review the FRST reports before giving you instructions.
I look forward to your comments.
Regards.
Hello, I restarted again and the connection was restored, but when I browse with Firefox it flags the infection again, from a website called myprotectpc.com.
Good… and now follow these steps. VERY important: make a backup of the registry:
-
To do so, download DelFix.exe (to your desktop).
-
Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as administrator-.)
-
Attention: now tick only the Create registry backup box, and NOT the other boxes.
-
Click Run.
The report (DelFix.txt) will open; save it in case it is needed and close the tool.
With all other programs closed, go to Start, Run and type Notepad.exe.
- Now copy and paste the code/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {1EA93FA0-6807-4438-8274-F7A95C279334} - \Microsoft\Windows\UpdateOrchestrator\Universal Orchestrator Start -> No File <==== ATTENTION
Task: {D66D0AB5-14D6-481D-837D-708E24BEE6AB} - \Microsoft\Windows\UpdateOrchestrator\AC Power Download -> No File <==== ATTENTION
Tcpip\..\Interfaces\{7202f8f4-d373-4b58-9e53-d961b79f316d}: [NameServer] 213.166.69.3,
Tcpip\..\Interfaces\{8c9ee129-6f79-4fb8-8497-030297c1ebb2}: [NameServer] 213.166.69.3,
FF NetworkProxy: Mozilla\Firefox\Profiles\2d5krbea.default -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\2d5krbea.default -> Enabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\2d5krbea.default -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Security Update Tool) - C:\Users\Ryzen\AppData\Roaming\Mozilla\Firefox\Profiles\2d5krbea.default\Extensions\{f819cd6a-0d11-4e67-9a6f-e3bdaf4eee3b}.xpi [2019-08-27]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File]
2019-09-02 21:16 - 2019-09-18 19:23 - 000000000 ____D C:\Users\Ryzen\AppData\Local\Mail.Ru
2019-09-02 21:16 - 2019-09-03 16:54 - 000000000 ____D C:\Users\Ryzen\AppData\Roaming\mfmvlggvyuzx
2019-09-02 21:16 - 2019-09-02 21:17 - 000000000 ____D C:\ProgramData\Mail.Ru
2014-05-09 19:44 - 2009-10-19 06:47 - 000073728 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\foxhhelp9.exe
2014-05-09 19:44 - 2009-10-19 06:48 - 000016384 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\foxhhelpps9.dll
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Save it under the name FIXLIST.TXT on the desktop. This is very important.
Note: it is important that the FRST.exe tool (Farbar Recovery Scan Tool) and FIXLIST.TXT are in the same location (the desktop); otherwise it will not work.
And now use the 2nd METHOD from this Windows 8 FAQ (applicable to Windows 10), “How to start Windows 8/8.1 in Safe Mode?”, to work from that Windows mode.
-
Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as administrator-.)
-
Press the FIX button and wait for it to finish.
-
The tool will save the repair report on the desktop (FIXLOG.TXT).
Paste the contents of this file in your next reply.
Restart the computer, check how it behaves with regard to the problem you described, and tell us about it.
Regards.
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-09-2019 01
Ran by Ryzen (21-09-2019 12:15:09) Run:1
Running from C:\Users\Ryzen\Desktop
Loaded Profiles: Ryzen (Available Profiles: Ryzen)
Boot Mode: Safe Mode (minimal)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {1EA93FA0-6807-4438-8274-F7A95C279334} - \Microsoft\Windows\UpdateOrchestrator\Universal Orchestrator Start -> No File <==== ATTENTION
Task: {D66D0AB5-14D6-481D-837D-708E24BEE6AB} - \Microsoft\Windows\UpdateOrchestrator\AC Power Download -> No File <==== ATTENTION
Tcpip\..\Interfaces\{7202f8f4-d373-4b58-9e53-d961b79f316d}: [NameServer] 213.166.69.3,
Tcpip\..\Interfaces\{8c9ee129-6f79-4fb8-8497-030297c1ebb2}: [NameServer] 213.166.69.3,
FF NetworkProxy: Mozilla\Firefox\Profiles\2d5krbea.default -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\2d5krbea.default -> Enabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\2d5krbea.default -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Security Update Tool) - C:\Users\Ryzen\AppData\Roaming\Mozilla\Firefox\Profiles\2d5krbea.default\Extensions\{f819cd6a-0d11-4e67-9a6f-e3bdaf4eee3b}.xpi [2019-08-27]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File]
2019-09-02 21:16 - 2019-09-18 19:23 - 000000000 ____D C:\Users\Ryzen\AppData\Local\Mail.Ru
2019-09-02 21:16 - 2019-09-03 16:54 - 000000000 ____D C:\Users\Ryzen\AppData\Roaming\mfmvlggvyuzx
2019-09-02 21:16 - 2019-09-02 21:17 - 000000000 ____D C:\ProgramData\Mail.Ru
2014-05-09 19:44 - 2009-10-19 06:47 - 000073728 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\foxhhelp9.exe
2014-05-09 19:44 - 2009-10-19 06:48 - 000016384 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\foxhhelpps9.dll
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\SOFTWARE\Policies\Google => removed successfully
HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EA93FA0-6807-4438-8274-F7A95C279334}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Universal Orchestrator Start" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D66D0AB5-14D6-481D-837D-708E24BEE6AB}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\AC Power Download" => not found
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7202f8f4-d373-4b58-9e53-d961b79f316d}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8c9ee129-6f79-4fb8-8497-030297c1ebb2}\\NameServer" => removed successfully
Firefox Proxy settings were reset.
"Firefox HomepageOverride ([email protected]) " => removed successfully
"Firefox NewTabOverride ({a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}) " => removed successfully
C:\Users\Ryzen\AppData\Roaming\Mozilla\Firefox\Profiles\2d5krbea.default\Extensions\{f819cd6a-0d11-4e67-9a6f-e3bdaf4eee3b}.xpi => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9 => removed successfully
C:\Users\Ryzen\AppData\Local\Mail.Ru => moved successfully
C:\Users\Ryzen\AppData\Roaming\mfmvlggvyuzx => moved successfully
C:\ProgramData\Mail.Ru => moved successfully
C:\Program Files (x86)\Common Files\foxhhelp9.exe => moved successfully
C:\Program Files (x86)\Common Files\foxhhelpps9.dll => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2936734617-3609513407-3023620558-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to connect to BITS - 0x8007043c
========= End of CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= End of CMD: =========
========= netsh int ipv4 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
========= netsh int ipv6 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19714552 B
Java, Flash, Steam htmlcache => 422 B
Windows/system/drivers => 11020 B
Edge => 66048 B
Chrome => 21130166 B
Firefox => 60792449 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 59090 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Ryzen => 78349804 B
RecycleBin => 2268078261 B
EmptyTemp: => 2.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:15:42 ====
I am testing the computer right now; if any infection message shows up again I will let you know. Thank you in advance for taking the trouble to help me, many thanks!!
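A triage helper for the Fixlog above, added here as an example (it is not part of the thread and not FRST's own code): it tallies the per-item outcomes, lists the steps that reported an error, and checks that every `NameServer` entry named in the fixlist was actually removed. The function name `triage`, the report keys and the matching patterns are assumptions based only on the lines visible in this log; the sample is an excerpt of the posted Fixlog.

```python
import re

# Excerpt of the Fixlog posted in this thread, shortened for the example.
SAMPLE_FIXLOG = r"""
*****************
CREATERESTOREPOINT:
Tcpip\..\Interfaces\{7202f8f4-d373-4b58-9e53-d961b79f316d}: [NameServer] 213.166.69.3,
Tcpip\..\Interfaces\{8c9ee129-6f79-4fb8-8497-030297c1ebb2}: [NameServer] 213.166.69.3,
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
*****************
Error: Restore point can only be created in normal mode.
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7202f8f4-d373-4b58-9e53-d961b79f316d}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8c9ee129-6f79-4fb8-8497-030297c1ebb2}\\NameServer" => removed successfully
C:\ProgramData\Mail.Ru => moved successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
========= bitsadmin /reset /allusers =========
Unable to connect to BITS - 0x8007043c
========= End of CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender.
========= End of CMD: =========
========= netsh int ipv4 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
"""

# Assumed patterns, derived only from the lines visible in this log.
RESULT = re.compile(r'^"?(?P<target>.+?)"?\s*=> (?P<status>removed successfully|moved successfully|not found)$')
GUID = re.compile(r"Interfaces\\(\{[0-9a-fA-F-]{36}\})")
FAIL = re.compile(r"^(Error\b|Unable to\b)", re.I)
HEADER = re.compile(r"^=+ (.+?) =+$")

def triage(fixlog):
    """Summarise a Fixlog (fixlist echo sits between two asterisk rows; results follow)."""
    lines = [l.strip() for l in fixlog.splitlines() if l.strip()]
    stars = [i for i, l in enumerate(lines) if set(l) == {"*"}]
    fixlist, results = lines[stars[0] + 1:stars[1]], lines[stars[1] + 1:]
    wanted = {g.lower() for l in fixlist if "[NameServer]" in l for g in GUID.findall(l)}
    report = {"status": {}, "failed": [], "dns_removed": set()}
    section = None  # name of the CMD/section block currently being read
    for line in results:
        hdr, res = HEADER.match(line), RESULT.match(line)
        if hdr:
            section = None if hdr.group(1).startswith("End of") else hdr.group(1)
        elif res:
            status = res["status"]
            report["status"][status] = report["status"].get(status, 0) + 1
            if "NameServer" in res["target"] and status.startswith("removed"):
                report["dns_removed"].update(g.lower() for g in GUID.findall(res["target"]))
        elif FAIL.match(line):
            report["failed"].append((section or "fixlist directive", line))
    report["dns_pending"] = wanted - report["dns_removed"]
    return report
```

On the excerpt, `triage(SAMPLE_FIXLOG)` lists the restore point, the BITS reset and the firewall reset as steps that did not complete, and leaves `dns_pending` empty.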
Hello.
Understood, check your computer for another 24 hours.
And for now, please, while we are disinfecting/fixing your machine:
Do not carry out steps/actions that WE have not told you to.
Do not download ANYTHING from the Internet and/or connect external devices to your computer.
Do not install ANYTHING (programs/software/add-ons/browser extensions…)
Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…)
Do not carry out other procedures on your own.
Use your computer EXCLUSIVELY to disinfect/fix it following our instructions.
When you come back and tell us the results, we will give you the final steps to take with the computer.
Regards.