Antes de que nada buenas noches y también me disculpo si es que estoy publicando mi post en el lugar equivocado…Lo siento! Hace como dos días me percate de que quería entrar algún lugar y la página se corregía sola a otra página y me salia un aviso para descargar Utilitool, no lo descargue pero igual eso no es impedimento para que la página se cambie sola y me continúe pidiendo descargar el Utilitool…Cómo puedo hacer para deshacerme de eso? Muchas gracias.
Maibel
Hola @BlueLunita
Bienvenid@ a esta nueva etapa de InfoSpyware!!!
Realiza lo siguiente:
1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.
2.- Descarga, instala y/o actualiza a las siguientes herramientas:
3.- Ejecutas respetando el orden los pasos:
CCleaner
Usando su opción Limpiador de acuerdo su Manual:
Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
NO necesitamos este reporte
AdwCleaner
Lo ejecutas.
ZHPCleaner
Malwarebytes
4.- Nota Importante:
En tu próxima respuesta debes pegar los reportes de AdwCleaner , ZHPCleaner y Malwarebytes.
Guía: [size=2]¿Como Pegar reportes en el Foro?[/size]
Nos comentas.
Salu2
Buenas tardes Sandra y gracias por la pronta repuesta…Hice todo cual usted me indico y aquí le dejo los tres reportes…Yo contaba con CCleaner y Malwarebytes ya que son herramientas de uso diario junto a mi antivirus…
Gracias!
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 4/6/19
Hora del análisis: 13:42
Archivo de registro: 286be182-86f0-11e9-9c74-3c07716f3594.json
-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.10900
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 17763.503)
CPU: x64
Sistema de archivos: NTFS
Usuario: DIVUKITA\noni1
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 298594
Amenazas detectadas: 51
Amenazas en cuarentena: 51
Tiempo transcurrido: 2 min, 28 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 2
PUP.Optional.VideoBrowse, HKU\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|cpobgelohgnelmomlcpfmbjabnefclja, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.PolarityTech.Generic, HKU\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|dopopnpbajbbidkeaghdigfefkenjjmc, En cuarentena, [1754], [603737],1.0.10900
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 13
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\images\icons, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\_metadata, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\scripts, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\images, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\USERS\NONI1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\CPOBGELOHGNELMOMLCPFMBJABNEFCLJA, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\USERS\NONI1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\dopopnpbajbbidkeaghdigfefkenjjmc, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\background, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\_metadata, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\prompt, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\icons, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\USERS\NONI1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\DOPOPNPBAJBBIDKEAGHDIGFEFKENJJMC, En cuarentena, [1754], [603737],1.0.10900
Archivo: 36
PUP.Optional.VideoBrowse, C:\USERS\NONI1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\USERS\NONI1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\USERS\NONI1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\CPOBGELOHGNELMOMLCPFMBJABNEFCLJA\2.0.0_0\MANIFEST.JSON, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\images\icons\128x128.png, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\images\icons\16x16.png, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\images\icons\32x32.png, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\images\icons\64x64.png, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\scripts\background.js, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\scripts\sitecontent.js, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\_metadata\verified_contents.json, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\closer.js, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.VideoBrowse, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja\2.0.0_0\tab.html, En cuarentena, [270], [668566],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dopopnpbajbbidkeaghdigfefkenjjmc\000003.log, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dopopnpbajbbidkeaghdigfefkenjjmc\CURRENT, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dopopnpbajbbidkeaghdigfefkenjjmc\LOCK, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dopopnpbajbbidkeaghdigfefkenjjmc\LOG, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dopopnpbajbbidkeaghdigfefkenjjmc\MANIFEST-000001, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\USERS\NONI1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\USERS\NONI1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\USERS\NONI1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\DOPOPNPBAJBBIDKEAGHDIGFEFKENJJMC\1.0.19.204_0\PROMPT.JS, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\background\ext.js, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\background\index.html, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\background\listeners.js, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\background\search.js, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\background\settings.js, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\background\startup.js, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\icons\128.png, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\icons\16.png, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\icons\32.png, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\icons\48.png, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\prompt\green-up-arrow.png, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\prompt\ok-green-square.png, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\prompt\prompt.js, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\_metadata\verified_contents.json, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\content.js, En cuarentena, [1754], [603737],1.0.10900
PUP.Optional.PolarityTech.Generic, C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc\1.0.19.204_0\manifest.json, En cuarentena, [1754], [603737],1.0.10900
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-04-2019
# Duration: 00:00:04
# OS: Windows 10 Home Single Language
# Cleaned: 8
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\noni1\AppData\Local\Temp\VideoConverter
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\thebrighttag.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
Deleted SaveFrom.net helper
Not Deleted SaveFrom.net helper
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1944 octets] - [04/06/2019 13:53:55]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
~ ZHPCleaner v2019.6.1.80 by Nicolas Coolman (2019/06/01)
~ Run by noni1 (Administrator) (04/06/2019 14:40:55)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\noni1\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\noni1\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit (Build 17763)
---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.
---\\ Services (0)
~ No malicious or unnecessary items found.
---\\ Browser internet (0)
~ No malicious or unnecessary items found.
---\\ Hosts file (1)
~ The hosts file is legitimate (26)
---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.
---\\ Explorer ( File, Folder) (43)
MOVED file: C:\Users\noni1\AppData\Local\UmmyVideoDownloader\UmmyVideoDownloader.exe [ - UmmyVideoDownloader] =>Adware¨Pirrit
MOVED file: C:\Windows\Installer\wix{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}.SchedServiceConfig.rmi =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}.SchedServiceConfig.rmi =>.SUP.Empty
MOVED file: C:\Users\noni1\Downloads\uTorrent.exe [BitTorrent Inc. - µTorrent] =>BitTorrent (P2P)
MOVED file: C:\Users\noni1\AppData\Local\Temp\aria-debug-11936.log =>.SUP.Temporary.OneDrive
MOVED file^: C:\Users\noni1\AppData\Local\Temp\aria-debug-6580.log =>.SUP.Temporary.OneDrive
MOVED file: C:\Users\noni1\AppData\Local\Temp\mat-debug-14560.log =>.SUP.Temporary.Empty
MOVED file: C:\Users\noni1\AppData\Local\Temp\nsb892F.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\noni1\AppData\Local\Temp\wctBE98.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\noni1\AppData\Local\Temp\wctF80D.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\noni1\AppData\Local\Temp\wctFBC7.tmp =>.SUP.Temporary.Office
MOVED folder: C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpobgelohgnelmomlcpfmbjabnefclja =>PUP.Optional.DefaultSearch
MOVED folder: C:\Users\noni1\AppData\Local\UmmyVideoDownloader =>Adware¨Pirrit
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader =>Adware¨Pirrit
MOVED folder: C:\Users\noni1\AppData\Local\Temp\scoped_dir3408_24318 =>.SUP.Temporary.Steam
MOVED folder: C:\Users\noni1\AppData\Local\{0F376500-DFBE-47DE-A1F0-B86761A82BF2} =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI2A1.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI490D.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI5148.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI542.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI55EF.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI5E70.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI617C.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI69AB.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI6F39.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI81C5.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI8672.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI8CB.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI8EFF.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI9A5E.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI9FA0.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIA9EF.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIB82D.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIBFA.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIC105.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIC684.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSID0A5.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSID72.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIDA45.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIDBD6.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIDD0F.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIF414.tmp- =>.SUP.Empty
MOVED folder: C:\Users\noni1\AppData\LocalLow\Apple Computer =>.SUP.Empty
---\\ Registry ( Key, Value, Data) (7)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1 [UmmyVideoDownloader] =>Adware¨Pirrit
DELETED key*: HKEY_USERS\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\Magicbit [] =>.SUP.Magicbit
DELETED key**: HKCU\Software\Magicbit [] =>.SUP.Magicbit
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\076BBDED335E3BB41980EEE84CE0E8CC [C:\Program Files (x86)\Brother\iPrint&Scan\Converter\lib\CSDK\XISPNP.BIN] =>.SUP.Trotux
DELETED value: HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\[email protected] [C:\Users\noni1\AppData\Roaming\Mozilla\Firefox\Profiles\i6emirsr.default\extensions\staged\[email protected]] =>.SUP.BrowserExtension
DELETED value: HKLM64\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] [C:\Users\noni1\AppData\Roaming\Mozilla\Firefox\Profiles\i6emirsr.default\extensions\staged\[email protected]] =>.SUP.BrowserExtension
---\\ Summary of the elements found (11)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Adware¨Pirrit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.OneDrive
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Office
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.DefaultSearch
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Steam
https://nicolascoolman.eu/2017/12/23/sup-magicbit/ =>.SUP.Magicbit
https://nicolascoolman.eu/2017/03/14/superfluous-trotux/ =>.SUP.Trotux
https://nicolascoolman.eu/2017/10/05/sup-browserextension/ =>.SUP.BrowserExtension
---\\ Other deletions. (4)
~ Registry Keys Tracing deleted (4)
~ Remove the old reports ZHPCleaner. (0)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
~ The system has been restarted.
---\\ Statistics
~ Items scanned : 2571
~ Items found : 0
~ Items cancelled : 0
~ Items options : 12/12
~ Space saving (bytes) : 40423
~ End of clean in 00h00mn34s
---\\ Reports (4)
ZHPCleaner-[R]-04062019-14_15_39.txt
ZHPCleaner-[S]-04062019-14_14_16.txt
ZHPCleaner-[S]-04062019-14_38_59.txt
ZHPCleaner-[R]-04062019-14_41_29.txt
Hola @BlueLunita
Has olvidado comentar como siguió el problema???
Realiza lo siguiente:
1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.
2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?
Guía: Como Ejecutar FRST
3.- En tu próxima respuesta, pega los reportes generados.
Guía : ¿Como Pegar reportes en el Foro?
Esperamos esos reporte.
Salu2
Buenas tardes Sandra y disculpa que olvidara comentar sobre si se había solucionado el problema o no después de realizar todo lo que usted me dijo que hiciera…Todo indica que se arreglo el problema ya que no me a aparecido más ese molesto mensaje de descargar esa aplicación…Aquí le dejo el reporte de First…Muchas gracias por la ayuda…Me tocó partir en dos el reporte por lo grande de resultado…Disculpe…
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-06-2019 01
Ran by noni1 (administrator) on DIVUKITA (Sony Corporation SVF15A16CXB) (05-06-2019 13:50:47)
Running from C:\Users\noni1\Desktop
Loaded Profiles: noni1 (Available Profiles: noni1)
Platform: Windows 10 Home Single Language Version 1809 17763.503 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19051.545.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(FastPCTools -> FastPcTools) C:\Program Files (x86)\FastPcTools\Fast VD\FastVD.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Malwarebytes Corporation -> Malwarebytes) C:\ProgramData\MB3Install\MBAMIService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\noni1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.1.50\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.1.50\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.1.50\nsWscSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-05-07] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4810224 2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [86120 2018-11-14] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\RunOnce: [ZHPCleaner_File1] => CMD /c DEL "C:\Users\noni1\AppData\Local\Temp\aria-debug-6580.log" /F /Q <==== ATTENTION
HKLM\...\RunOnce: [ZHPCleaner] => C:\Users\noni1\AppData\Roaming\ZHP\ZHPCleaner.txt [7076 2019-06-04] () [File not signed]
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198512 2019-04-27] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30919232 2019-03-19] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\...\Run: [FastVD] => C:\Program Files (x86)\FastPcTools\Fast VD\FastVD.exe [1812680 2019-05-15] (FastPCTools -> FastPcTools)
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-05-08] (Apple Inc. -> Apple Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01802FB0-E04E-476E-A86F-65291B0BE6F2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149520 2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {0826D698-4C2D-4533-BEBC-952760860DDC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {149A0B36-525D-4539-AFE7-34D9B32D38C4} - System32\Tasks\Norton Security with Backup\Norton Security Online Error Processor => C:\Program Files\Norton Security\Engine\22.17.1.50\SymErr.exe [101392 2019-04-22] (Symantec Corporation -> Symantec Corporation)
Task: {18860FBF-F0A9-4538-BE75-36214D89C6C5} - System32\Tasks\PowerEngagePatch => msiexec /p "C:\Program Files (x86)\PowerENGAGE\patches\PowerENGAGE-3.2.13-3.2.16.msp" /norestart /qn /quiet
Task: {30D173E3-7707-44B3-8EB1-0F11BFE3BC70} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-15] (Adobe Inc. -> Adobe)
Task: {37C1EAF4-F010-4B8A-9766-3083F44EF504} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166344 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3AC2F199-9B6C-4DDC-BA2E-9499015916C0} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {438C7E30-35D0-416F-8F2D-9AAF3F41E325} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2019-03-19] (Garmin International, Inc. -> )
Task: {47061102-0AC3-457A-8601-D4D56E09091B} - System32\Tasks\Norton Security with Backup\Norton Security Online Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.1.50\SymErr.exe [101392 2019-04-22] (Symantec Corporation -> Symantec Corporation)
Task: {488FC6A0-6362-48B6-92BA-41E697FB8842} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5E814190-F62A-433F-9188-7A01C958B5C1} - System32\Tasks\Norton Security with Backup\Norton Security Online Autofix => C:\Program Files\Norton Security\Engine\22.17.1.50\SymErr.exe [101392 2019-04-22] (Symantec Corporation -> Symantec Corporation)
Task: {725037B2-72D6-444D-926C-CEFAF6B500CE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364808 2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B6A6A44-E02A-4260-AB58-4D30150399D2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209368 2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {8AF3E865-B712-4BC8-BAC0-EB7266EA6AAE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8B8F5BA7-648B-4A81-9434-2C475CC78FB5} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {3489607F-EB88-42BC-AA2E-1A84E077F29A} /quiet /qn
Task: {8B8F5BA7-648B-4A81-9434-2C475CC78FB5} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {9A753EB2-5185-4668-91A8-E98A56892A24} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {ACCB8584-D938-492C-8AAF-31D910E3DD48} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364808 2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2D97E09-C1DA-41C7-BC4E-10FA47EF351D} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Online\Upgrade.exe [2226856 2019-04-22] (Symantec Corporation -> Symantec Corporation)
Task: {C9B5C58E-D6E4-4C34-92F7-BEC6EA14F304} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-15] (Adobe Inc. -> Adobe)
Task: {CA3AA52F-7509-4E26-BB3A-93F4ADBFD1C5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-15] (Adobe Inc. -> Adobe)
Task: {CC6F100F-5FEB-4FDC-94F0-B209E9D0AC9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-04] (Google Inc -> Google LLC)
Task: {CED81C5A-0B0E-4E06-AAD1-BEE8858BB65D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209368 2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D7DA72E5-D225-4680-A13E-5670ABB18F2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-04] (Google Inc -> Google LLC)
Task: {D8EC8624-9B43-4D1E-BB7F-2E5425BB950E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149520 2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBB35525-7978-4D0F-B5A0-4E121C037AEB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2484808343-1893561251-184537493-1001UA => C:\Users\noni1\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {EE7B88B1-AB48-4C5D-B16A-CF65A7C07079} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166344 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5E6D7C4-50D6-41EC-AF4E-7EAD8357531F} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.1.50\WSCStub.exe [2226856 2019-04-22] (Symantec Corporation -> Symantec Corporation)
Task: {F6CA3040-16B1-420E-B3BD-8ED6D7C0F473} - System32\Tasks\FastVD_UpdateSchedule => C:\Program Files (x86)\FastPcTools\Fast VD\FastVD.exe [1812680 2019-05-15] (FastPCTools -> FastPcTools)
Task: {F875A98D-17AD-486F-9E95-B2D694D8B90F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2484808343-1893561251-184537493-1001Core => C:\Users\noni1\AppData\Local\Google\Update\GoogleUpdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9c46d979-cb18-4ef9-ba26-35b0dce2a413}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2484808343-1893561251-184537493-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2484808343-1893561251-184537493-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2484808343-1893561251-184537493-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=1122&geo=US&ver=22.17.1.50&locale=en_US&guid=801DBE4C-E7AE-469C-837C-92BE44A15A21&doi=2016-09-01&gct=kwd&qsrc=2869
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.1.50\coIEPlg.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-04-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-04-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.1.50\coIEPlg.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.1.50\coIEPlg.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.1.50\coIEPlg.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKU\S-1-5-21-2484808343-1893561251-184537493-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2484808343-1893561251-184537493-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.1.50\coIEPlg.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: i6emirsr.default
FF ProfilePath: C:\Users\noni1\AppData\Roaming\Mozilla\Firefox\Profiles\i6emirsr.default [2019-06-05]
FF Homepage: Mozilla\Firefox\Profiles\i6emirsr.default -> Google.com
FF Extension: (uBlock Origin) - C:\Users\noni1\AppData\Roaming\Mozilla\Firefox\Profiles\i6emirsr.default\Extensions\[email protected] [2019-06-03]
FF SearchPlugin: C:\Users\noni1\AppData\Roaming\Mozilla\Firefox\Profiles\i6emirsr.default\searchplugins\bing-lavasoft-ff59.xml [2019-06-03]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-02-18]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-15] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-15] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://www.ficlab.com/favicon.ico
CHR DefaultSearchKeyword: Default -> VideoBrowse Search
CHR DefaultSuggestURL: Default -> hxxps://suggest.video-browse.com/suggest/get?q={searchTerms}
CHR Profile: C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default [2019-06-05]
CHR Extension: (Google Translate) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2019-04-16]
CHR Extension: (Slides) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-04]
CHR Extension: (FicLab - Download fanficton in ePub, ...) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\animioedpiadmmjelknniddfjcnadedo [2019-04-04]
CHR Extension: (Docs) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-04]
CHR Extension: (Google Drive) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-04]
CHR Extension: (YouTube) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-04]
CHR Extension: (FanFictionDownloader) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbfljoioekipmiaadcdmcdcjgnjdhkkl [2019-04-04]
CHR Extension: (Download Manager) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\daoidaoebhfcgccdpgjjcbdginkofmfe [2019-04-04]
CHR Extension: (mp10search) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopopnpbajbbidkeaghdigfefkenjjmc [2019-06-04]
CHR Extension: (Adobe Acrobat) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-03]
CHR Extension: (Norton Safe Search) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogpedgkejfmehnklhahflpmplhiceal [2019-04-04]
CHR Extension: (Sheets) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-04]
CHR Extension: (iCloud Bookmarks) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2019-06-02]
CHR Extension: (Norton Safe Web) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2019-06-04]
CHR Extension: (Google Docs Offline) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-04]
CHR Extension: (Spell Checker for Chrome) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg [2019-04-16]
CHR Extension: (MeddleMonkey) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihledlmchhofenpacbhphnbnpakgmo [2019-06-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-04]
CHR Extension: (FicLab Helper) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\obbeehkplijogilkjkpkicnanojdckoi [2019-04-04]
CHR Extension: (Gmail) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\noni1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.17.1.50\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [moihledlmchhofenpacbhphnbnpakgmo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.17.1.50\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11145800 2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 MBAMIService; C:\ProgramData\MB3Install\MBAMIService.exe [230096 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.1.50\NortonSecurity.exe [225608 2019-04-22] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.1.50\nsWscSvc.exe [935248 2019-04-22] (Symantec Corporation -> Symantec Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-04-16] (Microsoft) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830128 2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-04-16] (Microsoft) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation -> Broadcom Corporation)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.15.0.88\Definitions\BASHDefs\20190603.005\BHDrvx64.sys [1934048 2019-04-01] (Symantec Corporation -> Symantec Corporation)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [188160 2015-03-27] (Broadcom Corporation -> Broadcom Corporation.)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611010.032\ccSetx64.sys [192704 2019-04-22] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2018-11-13] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153296 2019-04-04] (Symantec Corporation -> Symantec Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.15.0.88\Definitions\IPSDefs\20190604.061\IDSvia64.sys [1441800 2019-04-18] (Symantec Corporation -> Symantec Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-04] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1611010.032\SRTSP64.SYS [864480 2019-04-22] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1611010.032\SRTSPX64.SYS [49888 2019-04-22] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1611010.032\SYMEFASI64.SYS [1998552 2019-04-22] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1611010.032\SymELAM.sys [25744 2019-04-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-04-04] (Symantec Corporation -> Symantec Corporation)
S4 SymEvnt; C:\Program Files\Norton Security\NortonData\22.15.0.88\SymPlatform\SymEvnt.sys [709128 2019-05-20] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1611010.032\Ironx64.SYS [315912 2019-04-22] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1611010.032\symnets.sys [573448 2019-04-22] (Symantec Corporation -> Symantec Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2019-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611010.032\wpCtrlDrv.sys [1012120 2019-04-22] (Symantec Corporation -> Symantec Corporation)
S1 lovvwiku; \??\C:\WINDOWS\system32\drivers\lovvwiku.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-05 13:50 - 2019-06-05 13:52 - 000044050 _____ C:\Users\noni1\Desktop\FRST.txt
2019-06-05 13:50 - 2019-06-05 13:50 - 000000000 ____D C:\FRST
2019-06-05 13:47 - 2019-06-05 13:47 - 000000000 ____D C:\Users\noni1\AppData\Local\CrashDumps
2019-06-05 13:46 - 2019-06-05 13:48 - 002417664 _____ (Farbar) C:\Users\noni1\Desktop\FRST64.exe
2019-06-05 13:45 - 2019-06-05 13:45 - 002417664 _____ (Farbar) C:\Users\noni1\Downloads\Unconfirmed 757301.crdownload
2019-06-04 19:04 - 2019-06-04 19:04 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-06-04 14:55 - 2019-06-04 14:55 - 000006912 _____ C:\Users\noni1\Desktop\startup.txt
2019-06-04 14:47 - 2019-06-04 14:47 - 021315608 _____ (Piriform Software Ltd) C:\Users\noni1\Downloads\ccsetup557.exe
2019-06-04 14:43 - 2019-06-04 14:43 - 000007098 _____ C:\Users\noni1\Desktop\ZHPCleaner Report.txt
2019-06-04 14:41 - 2019-06-04 14:41 - 000007076 _____ C:\Users\noni1\Desktop\ZHPCleaner (R).txt
2019-06-04 14:38 - 2019-06-04 14:38 - 000006833 _____ C:\Users\noni1\Desktop\ZHPCleaner (S).txt
2019-06-04 14:26 - 2019-06-04 14:26 - 003146624 _____ (Nicolas Coolman) C:\Users\noni1\Downloads\ZHPCleaner.exe
2019-06-04 14:02 - 2019-06-04 14:02 - 000001962 _____ C:\Users\noni1\Desktop\AdwCleaner[C00].txt
2019-06-04 13:57 - 2019-06-04 13:57 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-06-04 13:51 - 2019-06-04 13:52 - 007025360 _____ (Malwarebytes) C:\Users\noni1\Desktop\adwcleaner_7.3.exe
2019-06-04 13:48 - 2019-06-04 13:48 - 000011684 _____ C:\Users\noni1\Desktop\Malwarebytes.txt
2019-06-04 13:34 - 2019-06-04 13:56 - 000000000 ____D C:\AdwCleaner
2019-06-04 13:33 - 2019-06-04 13:33 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-04 13:33 - 2019-06-04 13:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-04 13:33 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-06-04 13:33 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-06-04 13:32 - 2019-06-04 14:41 - 000000000 ____D C:\Users\noni1\AppData\Roaming\ZHP
2019-06-04 13:32 - 2019-06-04 14:28 - 000000875 _____ C:\Users\noni1\Desktop\ZHPCleaner.lnk
2019-06-04 13:32 - 2019-06-04 13:32 - 000000000 ____D C:\Users\noni1\AppData\Local\ZHP
2019-06-04 10:54 - 2019-06-04 10:55 - 063633664 _____ (Malwarebytes ) C:\Users\noni1\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10880.exe
2019-06-04 10:36 - 2019-06-04 10:36 - 000000000 ___HD C:\OneDriveTemp
2019-06-04 01:14 - 2019-06-04 01:14 - 000000000 ____D C:\ProgramData\MB3Install
2019-06-03 21:31 - 2019-06-03 21:31 - 000000000 ____D C:\Users\noni1\AppData\Local\ElevatedDiagnostics
2019-06-03 18:26 - 2019-06-04 13:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-03 18:26 - 2019-06-03 18:26 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-03 15:38 - 2019-06-03 21:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-03 15:37 - 2019-06-03 15:37 - 000000000 ____D C:\Users\noni1\.fontconfig
2019-06-03 15:36 - 2019-06-03 15:36 - 000000000 ____D C:\Users\noni1\AppData\Local\Movavi
2019-06-03 15:36 - 2019-06-03 15:36 - 000000000 ____D C:\Users\noni1\AppData\Local\CrashRpt
2019-06-03 15:36 - 2019-06-03 15:36 - 000000000 ____D C:\Users\noni1\AppData\Local\ConverterAgent
2019-06-03 15:36 - 2019-06-03 15:36 - 000000000 ____D C:\Users\noni1\AppData\Local\converter
2019-06-03 15:35 - 2019-06-03 15:35 - 000004983 _____ C:\ProgramData\yubhinti.sju
2019-06-03 15:35 - 2019-06-03 15:35 - 000000016 _____ C:\ProgramData\mntemp
2019-06-03 15:35 - 2019-06-03 15:35 - 000000000 ____D C:\ProgramData\movavi
2019-06-03 12:14 - 2019-06-03 12:14 - 000011816 _____ C:\Users\noni1\Downloads\1208c6c7d231eb6261a5da00b4116e0d8f81ded1.torrent
2019-06-03 12:12 - 2019-06-03 12:12 - 000020194 _____ C:\Users\noni1\Downloads\197ef50e094bfc0901851df63ce5cf4a2b039dc0.torrent
2019-06-03 10:55 - 2019-06-04 14:50 - 000000000 ____D C:\Users\noni1\AppData\Roaming\uTorrent
2019-06-03 10:55 - 2019-06-03 10:55 - 000000876 _____ C:\Users\noni1\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-06-03 10:50 - 2019-06-04 14:53 - 000000000 ____D C:\Users\noni1\Documents\CC-Reg Files
2019-06-03 03:22 - 2019-06-03 13:25 - 578464315 _____ C:\Users\noni1\Downloads\Ghost (1990) [Worldfree4u.link] 720p BluRay x264 ESub [Dual Audio] [Hindi DD 2.0 + English DD 2.0].mkv
2019-06-03 02:51 - 2019-06-03 02:51 - 000000000 ____D C:\Users\noni1\Downloads\Vero Wang
2019-06-03 02:49 - 2019-06-03 06:32 - 000000000 ____D C:\Users\noni1\Downloads\Canciones Infantiles
2019-06-03 02:47 - 2019-06-03 02:47 - 000000017 _____ C:\Users\noni1\Desktop\Worldfree4u.trade.txt
2019-06-03 02:07 - 2019-06-03 02:33 - 1089478510 ____R C:\Users\noni1\Desktop\Hunter Killer.mkv
2019-06-03 01:55 - 2019-06-03 02:05 - 1030287892 _____ C:\Users\noni1\Downloads\Kung Pow Enter The Fist (2002) [Worldfree4u.trade] UNCUT 1080p HDRip x264 [Dual Audio] [Hindi DD 2.0 + English DD 5.1].mkv
2019-06-03 01:08 - 2019-06-03 05:42 - 1492275200 _____ C:\Users\noni1\Desktop\Made In Heaven.avi
2019-06-02 23:46 - 2019-06-04 14:01 - 000000000 ___RD C:\Users\noni1\iCloudDrive
2019-06-02 23:46 - 2019-06-02 23:46 - 000000000 ____D C:\Users\noni1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2019-06-02 23:46 - 2019-06-02 23:46 - 000000000 ____D C:\Users\noni1\AppData\Local\Apple Inc
2019-06-02 23:45 - 2019-06-04 11:34 - 000000000 ____D C:\Users\noni1\Documents\Outlook Files
2019-06-02 23:45 - 2019-06-02 23:46 - 000000000 ____D C:\Users\noni1\AppData\Local\F42F90D3-FB43-4B3A-93FC-B49CC053D588.aplzod
2019-06-02 21:47 - 2019-06-02 22:09 - 135301367 _____ C:\Users\noni1\Downloads\www.NewAlbumReleases.net_Sound_Of_Peace_-_Sounds_Of_Peace_(2019).rar
2019-06-02 21:14 - 2019-06-02 21:14 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-06-02 21:14 - 2019-06-02 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-06-02 21:14 - 2019-06-02 21:14 - 000000000 ____D C:\Program Files\iPod
2019-06-02 21:13 - 2019-06-02 21:14 - 000000000 ____D C:\Program Files\iTunes
2019-06-02 21:08 - 2019-06-03 12:18 - 000000000 ____D C:\Users\noni1\AppData\Local\Apple Computer
2019-06-02 21:08 - 2019-06-02 21:08 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2019-06-02 21:08 - 2019-06-02 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-06-02 21:08 - 2019-06-02 21:08 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2019-06-02 20:15 - 2019-06-04 01:06 - 000000000 ____D C:\Users\noni1\AppData\LocalLow\uTorrent
2019-06-01 21:56 - 2019-06-01 21:57 - 006953256 _____ (SaveFrom.net ) C:\Users\noni1\Downloads\SFHelper-Setup-[bfd2c51fa3f2b382#300#].exe
2019-06-01 20:29 - 2019-06-01 21:26 - 000000000 ____D C:\Users\noni1\Desktop\Música Pa El Cl
2019-06-01 00:51 - 2019-06-01 00:51 - 000003340 _____ C:\WINDOWS\System32\Tasks\FastVD_UpdateSchedule
2019-06-01 00:51 - 2019-06-01 00:51 - 000001213 _____ C:\Users\Public\Desktop\Fast Video Downloader.lnk
2019-06-01 00:51 - 2019-06-01 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast VD
2019-06-01 00:51 - 2019-06-01 00:51 - 000000000 ____D C:\Program Files (x86)\FastPcTools
2019-06-01 00:28 - 2019-06-01 00:28 - 000000000 ____D C:\Users\noni1\AppData\Local\mbam
2019-06-01 00:27 - 2019-06-01 00:27 - 000000000 ____D C:\Users\noni1\AppData\Local\mbamtray
2019-06-01 00:02 - 2019-06-01 00:02 - 000000505 _____ C:\Users\noni1\Desktop\Programs and Features - Shortcut.lnk
2019-05-31 12:25 - 2019-06-01 01:06 - 000000000 ____D C:\Users\noni1\AppData\Local\FastVD
2019-05-31 11:56 - 2019-05-31 12:02 - 006972148 _____ C:\Users\noni1\Desktop\Sanet.st_Medical Medium Celery Juice - Anthony William.epub
2019-05-31 09:01 - 2011-11-26 14:35 - 000000111 _____ C:\Users\noni1\Desktop\New Album Releases.url
2019-05-31 07:44 - 2019-05-31 07:44 - 000000964 _____ C:\Users\Public\Desktop\Brother iPrint&Scan.lnk
2019-05-31 01:08 - 2019-06-04 01:19 - 000000000 ____D C:\Users\noni1\Downloads\APP
2019-05-31 00:16 - 2019-05-31 00:16 - 000000000 ____D C:\Users\noni1\AppData\Local\DeepBlue.Update
2019-05-31 00:15 - 2019-05-31 00:17 - 000000000 ____D C:\Users\noni1\AppData\Local\DisorderedAuriculahpgInstaller
2019-05-31 00:15 - 2019-05-31 00:16 - 000000000 ____D C:\Users\noni1\AppData\Local\CitrusCompleteingUpgrade
2019-05-31 00:14 - 2019-06-03 06:53 - 000000000 ____D C:\Users\noni1\AppData\Roaming\MediaPlayer10
2019-05-31 00:14 - 2019-05-31 00:14 - 000000000 ____D C:\Program Files (x86)\CodeTechno
2019-05-26 01:04 - 2019-05-26 01:04 - 000000000 ____D C:\Users\noni1\AppData\Local\BitTorrentHelper
2019-05-24 10:18 - 2019-05-24 22:56 - 000000000 ____D C:\WINDOWS\Minidump
2019-05-24 00:32 - 2019-05-24 00:32 - 000000018 _____ C:\Users\noni1\Desktop\CM.txt
2019-05-21 00:11 - 2019-03-05 10:01 - 000000119 _____ C:\Users\noni1\Desktop\Accesa Ya!.url
2019-05-20 22:30 - 2019-05-20 22:30 - 000000000 ____D C:\N360_BACKUP
2019-05-19 21:43 - 2019-05-19 21:43 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 019022336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 006072320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 004660736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 003905536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-19 21:43 - 2019-05-19 21:43 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-19 21:43 - 2019-05-19 21:43 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-19 21:43 - 2019-05-19 21:43 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-19 21:42 - 2019-05-19 21:43 - 026807808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 023438848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-19 21:42 - 2019-05-19 21:42 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 007879680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 005498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-05-19 21:42 - 2019-05-19 21:42 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-19 21:42 - 2019-05-19 21:42 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-19 21:42 - 2019-05-19 21:42 - 002780000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-19 21:42 - 2019-05-19 21:42 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 001699496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-19 21:42 - 2019-05-19 21:42 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 001470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-19 21:42 - 2019-05-19 21:42 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 001342608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-19 21:42 - 2019-05-19 21:42 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-19 21:42 - 2019-05-19 21:42 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-19 21:42 - 2019-05-19 21:42 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-19 21:42 - 2019-05-19 21:42 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000586280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-05-19 21:42 - 2019-05-19 21:42 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-19 21:42 - 2019-05-19 21:42 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-19 21:42 - 2019-05-19 21:42 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-19 21:42 - 2019-05-19 21:42 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 002708480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-19 21:41 - 2019-05-19 21:41 - 001253904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-19 21:41 - 2019-05-19 21:41 - 001225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-19 21:41 - 2019-05-19 21:41 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-19 21:41 - 2019-05-19 21:41 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-19 21:41 - 2019-05-19 21:41 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-19 21:41 - 2019-05-19 21:41 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-19 21:41 - 2019-05-19 21:41 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-19 21:41 - 2019-05-19 21:41 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-19 21:41 - 2019-05-19 21:41 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-19 21:41 - 2019-05-19 21:41 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-19 21:41 - 2019-05-19 21:41 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-19 21:41 - 2019-05-19 21:41 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-19 21:41 - 2019-05-19 21:41 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-19 21:41 - 2019-05-19 21:41 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-19 21:41 - 2019-05-19 21:41 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-19 21:41 - 2019-05-19 21:41 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-19 21:41 - 2019-05-19 21:41 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-19 21:41 - 2019-05-19 21:41 - 000090640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 000080184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-19 21:41 - 2019-05-19 21:41 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-19 21:41 - 2019-05-19 21:41 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-19 21:41 - 2019-05-19 21:41 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-05-19 21:41 - 2019-05-19 21:41 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-05-19 21:41 - 2019-05-19 21:41 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-05-19 21:41 - 2019-05-19 21:41 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-05-19 21:41 - 2019-05-19 21:41 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-05-19 21:41 - 2019-05-19 21:41 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-05-19 21:41 - 2019-05-19 21:41 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-05-19 21:41 - 2019-05-19 21:41 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-05-06 22:43 - 2019-05-24 11:26 - 000001083 _____ C:\Users\noni1\Desktop\TagScanner.lnk
2019-05-06 22:43 - 2019-05-24 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner
2019-05-06 22:43 - 2019-05-24 11:26 - 000000000 ____D C:\Program Files (x86)\TagScanner
2019-05-06 22:43 - 2019-05-06 22:43 - 000000000 ____D C:\Users\noni1\AppData\Roaming\TagScanner
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-05 13:49 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-05 13:49 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-05 13:46 - 2019-04-05 16:48 - 000004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DDDAB6C9-0145-49BC-9002-49F5E7142E03}
2019-06-05 13:46 - 2019-04-04 21:38 - 000002940 _____ C:\WINDOWS\System32\Tasks\PowerEngagePatch
2019-06-05 13:45 - 2019-04-04 15:37 - 000000000 ____D C:\Program Files (x86)\PowerENGAGE
2019-06-05 13:42 - 2019-04-04 02:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-05 01:19 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-04 22:00 - 2019-05-03 23:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2019-06-04 14:50 - 2018-09-15 03:31 - 000000000 ____D C:\WINDOWS\INF
2019-06-04 14:47 - 2019-04-04 05:48 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-04 14:47 - 2019-04-04 05:48 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-04 14:47 - 2019-04-04 05:48 - 000000000 ____D C:\Program Files\CCleaner
2019-06-04 14:01 - 2019-04-04 00:42 - 000000000 ___RD C:\Users\noni1\OneDrive
2019-06-04 14:00 - 2019-04-04 00:39 - 000000000 __SHD C:\Users\noni1\IntelGraphicsProfiles
2019-06-04 13:57 - 2019-04-04 02:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-04 13:56 - 2018-09-15 02:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-04 13:33 - 2018-09-15 03:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-06-04 11:34 - 2019-04-04 03:19 - 000860272 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-04 01:00 - 2019-04-04 07:17 - 000000000 ____D C:\Users\noni1\AppData\LocalLow\Mozilla
2019-06-03 21:59 - 2019-04-04 00:56 - 000000000 ____D C:\ProgramData\Packages
2019-06-03 21:52 - 2019-04-06 18:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-03 19:09 - 2019-04-06 18:45 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-03 18:39 - 2018-09-15 02:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-06-03 15:37 - 2019-04-04 00:36 - 000000000 ____D C:\Users\noni1
2019-06-03 12:18 - 2019-04-04 22:26 - 000000000 ____D C:\Users\noni1\AppData\Roaming\Apple Computer
2019-06-03 06:36 - 2019-04-06 00:11 - 000000000 ____D C:\Users\noni1\AppData\Roaming\vlc
2019-06-02 21:08 - 2019-04-04 22:23 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2019-06-02 21:08 - 2019-04-04 22:22 - 000000000 ____D C:\Program Files\Common Files\Apple
2019-06-02 20:33 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-02 20:29 - 2019-04-04 02:25 - 000000000 ____D C:\Program Files\Microsoft Office
2019-06-01 18:30 - 2019-04-04 15:19 - 000000000 ____D C:\Program Files (x86)\Brother
2019-06-01 18:29 - 2019-04-04 15:24 - 000000000 ____D C:\Program Files (x86)\Browny02
2019-06-01 18:29 - 2019-04-04 15:19 - 000000000 ____D C:\ProgramData\Brother
2019-06-01 18:28 - 2018-09-15 03:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-01 18:10 - 2019-04-04 15:25 - 000000000 ____D C:\Program Files (x86)\PC-FAXReceive
2019-06-01 18:09 - 2019-04-04 15:23 - 000000000 ____D C:\ProgramData\ControlCenter4
2019-06-01 18:09 - 2019-04-04 15:23 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2019-06-01 18:08 - 2019-04-04 15:37 - 000003642 _____ C:\WINDOWS\System32\Tasks\PowerENGAGE
2019-06-01 18:06 - 2019-04-04 15:26 - 000002121 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2019-05-31 22:47 - 2019-04-04 00:42 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2484808343-1893561251-184537493-1001
2019-05-31 22:46 - 2019-04-04 00:36 - 000002363 _____ C:\Users\noni1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-31 07:45 - 2019-04-04 15:22 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-31 07:44 - 2019-04-04 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2019-05-31 01:09 - 2019-04-06 18:48 - 000000000 ____D C:\Users\noni1\Desktop\FanFictionDownloader
2019-05-21 23:30 - 2019-04-04 00:53 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 23:30 - 2019-04-04 00:53 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-21 02:07 - 2019-04-04 02:48 - 000457960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-21 02:01 - 2018-09-15 03:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-21 02:01 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-15 10:56 - 2018-09-15 03:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-15 10:56 - 2018-09-15 03:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-15 10:55 - 2019-04-04 03:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 10:42 - 2019-04-04 02:55 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-15 10:42 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-05-15 10:41 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-15 10:39 - 2019-04-04 03:37 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-15 10:20 - 2019-04-04 00:53 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 10:20 - 2019-04-04 00:53 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 10:19 - 2019-04-06 20:19 - 000004574 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-13 21:38 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-07 22:42 - 2019-04-04 00:39 - 000000000 ____D C:\Users\noni1\AppData\Local\Packages
2019-05-06 23:09 - 2019-05-04 02:01 - 000000000 ____D C:\Users\noni1\AppData\Roaming\Mp3tag
==================== Files in the root of some directories =======
2019-04-04 03:32 - 2019-04-04 03:32 - 000000410 _____ () C:\Users\noni1\AppData\Local\oobelibMkey.log
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================Mis disculpas no me percate que había dejado uno fuera, aquí lo tiene… Gracias.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-06-2019 01
Ran by noni1 (05-06-2019 13:53:02)
Running from C:\Users\noni1\Desktop
Windows 10 Home Single Language Version 1809 17763.503 (X64) (2019-04-04 07:30:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2484808343-1893561251-184537493-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2484808343-1893561251-184537493-503 - Limited - Disabled)
Guest (S-1-5-21-2484808343-1893561251-184537493-501 - Limited - Disabled)
noni1 (S-1-5-21-2484808343-1893561251-184537493-1001 - Administrator - Enabled) => C:\Users\noni1
WDAGUtilityAccount (S-1-5-21-2484808343-1893561251-184537493-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security Online (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Online (Disabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
ANT Drivers Installer x64 (HKLM\...\{6AE0802A-390F-4A82-B58B-A7F37F1FD82E}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{EF7AC07F-8DC8-4446-918B-3FD544496894}) (Version: 2.0.10.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{0473af6f-6d5b-448f-8410-50c98e43ed00}) (Version: 4.3.1.1 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{F9F653E2-4490-471B-BF2C-A8CFF2C68AED}) (Version: 4.3.1.1 - Brother Industries, Ltd.) Hidden
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{0F6B8799-05C1-44C3-B6BE-CAC670D40E4A}) (Version: 1.0.4.4 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{3CE8B8E8-B33B-453C-BB7A-821ED6E18A24}) (Version: 1.0.27 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{113D31E0-0791-4654-9000-5F77221E99F7}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{F921362C-796E-4BC7-9385-86CED819E73D}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{85B3C0BD-7326-4860-9471-A5D97A1F7D59}) (Version: 1.0.19.0 - Brother Industries Ltd.) Hidden
calibre 64bit (HKLM\...\{8C83C594-266D-4965-A44D-F4B84BBD9835}) (Version: 3.40.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Elevated Installer (HKLM-x32\...\{486DCE02-1FB0-4962-9CB3-4265F2D49126}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
FanFictionDownloader version 0.9.1.0 (HKLM-x32\...\{1D868954-1083-4BBA-8379-C7A9B2705CBA}_is1) (Version: 0.9.1.0 - Raimond Eisele)
Fast VD 3.1.0.29 (HKLM-x32\...\9ED08AFF-E977-47db-8923-2499D74C97C5_Fast VD_is1) (Version: 3.1.0.29 - FastPcTools)
Garmin Express (HKLM-x32\...\{A05A8CFE-F458-4731-BD47-01C675E8944C}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{b347cf7c-d07d-417b-b26a-8d6a851f696d}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
iCloud (HKLM\...\{DA6D808E-3629-4933-8FB3-583F9BCB0DEF}) (Version: 7.12.0.14 - Apple Inc.)
iTunes (HKLM\...\{A8AF3EF8-5010-4A92-BCCA-90F62A7D62B8}) (Version: 12.9.5.7 - Apple Inc.)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\Proplus2019Retail - en-us) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2484808343-1893561251-184537493-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 en-US) (HKLM\...\Mozilla Firefox 67.0 (x64 en-US)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.2 - Mozilla)
Mp3tag v2.95 (HKLM-x32\...\Mp3tag) (Version: 2.95 - Florian Heidenreich)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Norton Security Online (HKLM-x32\...\NGC) (Version: 22.17.1.50 - Symantec Corporation)
Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
PC-FAXReceive (HKLM-x32\...\{DE8708D3-A79A-46ED-BCB4-3B2F01321704}) (Version: 1.7.5.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{03BF5A21-6363-410C-B3BE-0946B0012704}) (Version: 3.7.3.1 - Brother Industries Ltd.) Hidden
PowerENGAGE (HKLM-x32\...\{3489607F-EB88-42BC-AA2E-1A84E077F29A}) (Version: 3.2.15 - Aviata, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{B14AD0FC-6ED6-4596-B379-24DC590855AC}) (Version: 3.9.3.1 - Brother Industries Ltd.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
SoftwareUpdateNotification (HKLM-x32\...\{C2430580-570A-48D4-BF61-FA55E35BD052}) (Version: 1.0.8.0 - Brother Insutries Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1264 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
TagScanner 6.0.35 (HKLM-x32\...\TagScanner_is1) (Version: - Sergey Serkov)
UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version: - )
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.71 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.1 - win.rar GmbH)
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.13.5.0_x86__kgqvnymyfvs32 [2019-05-19] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1520.1.0_x86__kgqvnymyfvs32 [2019-06-03] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_4.0.0.1_x86__m9bz608c1b9ra [2019-04-04] (Nordcurrent)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-04-04] (Fitbit)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-04] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.3.4032.0_x86__8wekyb3d8bbwe [2019-04-12] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-04-04] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-04-04] (Thumbmunkeys Ltd) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.1.50\buShell.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.1.50\buShell.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.1.50\buShell.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.1.50\buShell.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.1.50\buShell.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.1.50\buShell.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.1.50\buShell.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-04-18] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-05-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.1.50\NavShExt.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-04-18] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.1.50\NavShExt.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-04-18] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.1.50\buShell.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.1.50\NavShExt.dll [2019-04-22] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-02] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-11-25 10:18 - 2016-11-25 10:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-03-22 17:21 - 2018-01-18 15:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-10-04 14:25 - 2018-01-18 15:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2017-04-05 09:53 - 2017-11-07 19:55 - 000137728 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 000087552 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 017974784 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2017-01-27 15:33 - 2017-11-07 20:04 - 000087040 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2017-04-05 09:53 - 2017-11-07 19:55 - 000440832 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\Track.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 000808960 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 001227264 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 067109376 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 002246144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2019-04-04 15:20 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2016-11-25 10:18 - 2016-11-25 10:18 - 000225280 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
2017-04-05 13:35 - 2017-04-05 13:35 - 003581952 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
2017-03-30 16:39 - 2018-01-19 11:26 - 002976256 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
2017-03-22 17:21 - 2018-01-18 15:39 - 000314368 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
2019-04-04 15:20 - 2016-11-01 11:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2019-03-19 15:27 - 2019-03-19 15:27 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2019-04-18 04:31 - 2019-04-18 04:31 - 000424448 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2019-04-16 13:24 - 2019-04-16 13:24 - 000012288 _____ (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
2019-04-16 13:24 - 2019-04-16 13:24 - 000020480 _____ (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
2019-03-19 15:25 - 2019-03-19 15:25 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2017-04-18 05:45 - 2017-04-18 05:45 - 000008192 _____ (The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
2017-04-09 23:49 - 2017-04-09 23:49 - 000434176 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2484808343-1893561251-184537493-1001\...\localhost -> localhost
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 03:31 - 2019-04-04 22:45 - 000000926 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 license.piriform.com
0.0.0.0 superantispyware.com
0.0.0.0 license.superantispyware.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Calibre2\
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\noni1\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AdobeARMservice => 2
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{ED2B763E-C9D3-460B-938B-9CB964E1F183}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A8D6AF9E-D013-4AF2-876E-2DECD1B36322}] => (Allow) LPort=54925
FirewallRules: [{C5E060A7-A75A-440D-9FB4-EE424464ACA9}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{3518D411-ECA9-4E47-853C-D78367562D27}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{1611CD0C-8334-493E-A47F-BEAACA30B021}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{19DF9FEA-E105-41AF-A749-F2B68E203EF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{61E904B0-88DB-4EEB-A2B0-75A535F94160}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3014796B-C8C5-465A-B2DE-B1856BFC8FA0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{637272C9-9074-47FB-BB8D-A828BC165770}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3F4AF95A-A7AF-4B2B-83B1-218BFED267BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{C3B24432-D765-4D74-A26E-FEEAC5FC6FC3}] => (Allow) LPort=54950
FirewallRules: [{0729EC9B-6E6A-498B-9DA4-37B55405371D}] => (Allow) LPort=54955
FirewallRules: [{979A4F4A-8900-4AED-928E-ABF37131FCC5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8507B61F-87BF-45C8-B6E1-6B78CD5243BE}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
==================== Restore Points =========================
03-06-2019 03:04:45 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/05/2019 01:51:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Divukita.local already in use; will try Divukita-2.local instead
Error: (06/05/2019 01:51:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Divukita.local. Addr 192.168.0.13
Error: (06/05/2019 01:51:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.13:5353 16 Divukita.local. AAAA 2601:058A:8700:6490:F8AB:47C9:51DB:22A7
Error: (06/05/2019 01:51:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Divukita.local. AAAA FE80:0000:0000:0000:F8AB:47C9:51DB:22A7
Error: (06/05/2019 01:51:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.13:5353 16 Divukita.local. AAAA 2601:058A:8700:6490:F8AB:47C9:51DB:22A7
Error: (06/05/2019 01:51:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Divukita.local. Addr 192.168.0.13
Error: (06/05/2019 01:51:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.13:5353 16 Divukita.local. AAAA 2601:058A:8700:6490:F8AB:47C9:51DB:22A7
Error: (06/05/2019 01:47:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: malwarebytes_assistant.exe, version: 3.1.0.1807, time stamp: 0x5cc0b6fa
Faulting module name: Qt5Core.dll, version: 5.11.1.0, time stamp: 0x5cba0161
Exception code: 0xc0000005
Fault offset: 0x001a86be
Faulting process id: 0x730
Faulting application start time: 0x01d51bc6bfb21d47
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 20e55a00-d03d-4f6a-9889-710039e0afd3
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (06/05/2019 01:45:57 PM) (Source: DCOM) (EventID: 10016) (User: DIVUKITA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DIVUKITA\noni1 SID (S-1-5-21-2484808343-1893561251-184537493-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/04/2019 05:56:51 PM) (Source: DCOM) (EventID: 10016) (User: DIVUKITA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DIVUKITA\noni1 SID (S-1-5-21-2484808343-1893561251-184537493-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/04/2019 04:32:00 PM) (Source: DCOM) (EventID: 10016) (User: DIVUKITA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DIVUKITA\noni1 SID (S-1-5-21-2484808343-1893561251-184537493-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/04/2019 03:30:08 PM) (Source: DCOM) (EventID: 10016) (User: DIVUKITA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DIVUKITA\noni1 SID (S-1-5-21-2484808343-1893561251-184537493-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/04/2019 02:59:32 PM) (Source: DCOM) (EventID: 10016) (User: DIVUKITA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DIVUKITA\noni1 SID (S-1-5-21-2484808343-1893561251-184537493-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/04/2019 02:50:24 PM) (Source: DCOM) (EventID: 10000) (User: DIVUKITA)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"0"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (06/04/2019 02:47:53 PM) (Source: DCOM) (EventID: 10016) (User: DIVUKITA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DIVUKITA\noni1 SID (S-1-5-21-2484808343-1893561251-184537493-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/04/2019 02:42:08 PM) (Source: DCOM) (EventID: 10016) (User: DIVUKITA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DIVUKITA\noni1 SID (S-1-5-21-2484808343-1893561251-184537493-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
===================================
Date: 2019-04-04 04:15:00.277
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
ID: 2147593794
Severity: High
Category: Tool
Path: file:_C:\$Recycle.Bin\S-1-5-21-2484808343-1893561251-184537493-1001\$RQSTY7F.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.291.1117.0, AS: 1.291.1117.0, NIS: 1.291.1117.0
Engine Version: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-04 04:14:56.753
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
ID: 2147593794
Severity: High
Category: Tool
Path: file:_C:\Users\noni1\Desktop\Adobe Acrobat DC\Crack\Keygen\Activation_Keygen.exe; file:_C:\Users\noni1\Desktop\Adobe Acrobat DC\Crack\Patch\adobe.snr.patch.v2.0-painter.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\SearchProtocolHost.exe
Signature Version: AV: 1.291.1117.0, AS: 1.291.1117.0, NIS: 1.291.1117.0
Engine Version: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-04 04:14:33.988
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
ID: 2147593794
Severity: High
Category: Tool
Path: file:_C:\Users\noni1\Desktop\Adobe Acrobat DC\Crack\Keygen\Activation_Keygen.exe; file:_C:\Users\noni1\Desktop\Adobe Acrobat DC\Crack\Patch\adobe.snr.patch.v2.0-painter.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\SearchProtocolHost.exe
Signature Version: AV: 1.291.1117.0, AS: 1.291.1117.0, NIS: 1.291.1117.0
Engine Version: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-04 04:14:30.714
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
ID: 2147593794
Severity: High
Category: Tool
Path: file:_C:\Users\noni1\Desktop\Adobe Acrobat DC\Crack\Patch\adobe.snr.patch.v2.0-painter.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\WinRAR\WinRAR.exe
Signature Version: AV: 1.291.1117.0, AS: 1.291.1117.0, NIS: 1.291.1117.0
Engine Version: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-04 04:14:28.204
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
ID: 2147593794
Severity: High
Category: Tool
Path: file:_C:\Users\noni1\Desktop\Adobe Acrobat DC\Crack\Keygen\Activation_Keygen.exe; file:_C:\Users\noni1\Desktop\Adobe Acrobat DC\Crack\Patch\adobe.snr.patch.v2.0-painter.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\WinRAR\WinRAR.exe
Signature Version: AV: 1.291.1117.0, AS: 1.291.1117.0, NIS: 1.291.1117.0
Engine Version: AM: 1.1.15800.1, NIS: 1.1.15800.1
CodeIntegrity:
===================================
Date: 2019-06-05 13:49:15.199
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-05 13:49:15.197
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-05 13:49:02.036
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-05 13:49:02.035
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-05 13:48:55.375
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-05 13:48:55.373
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-05 13:48:48.941
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-05 13:48:48.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. R0250DA 07/19/2016
Motherboard: Sony Corporation VAIO
Processor: Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz
Percentage of memory in use: 59%
Total physical RAM: 8070.8 MB
Available physical RAM: 3276.11 MB
Total Virtual: 16262.8 MB
Available Virtual: 10765.98 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:897.3 GB) (Free:815.59 GB) NTFS
\\?\Volume{017cf3eb-7098-4b25-a044-b17a6f116651}\ (Windows RE tools) (Fixed) (Total:1.44 GB) (Free:0.71 GB) NTFS
\\?\Volume{7d266368-35a3-4d58-940a-35de0cf95756}\ () (Fixed) (Total:0.84 GB) (Free:0.34 GB) NTFS
\\?\Volume{ac1c4dfd-dfee-4368-a349-a91f4bb2d830}\ () (Fixed) (Total:0.96 GB) (Free:0.44 GB) NTFS
\\?\Volume{67298117-88ca-4755-9b18-b730938f3a3f}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
\\?\Volume{a3bc1aad-9e86-4351-84c4-c8d83760a890}\ () (Fixed) (Total:0.44 GB) (Free:0.4 GB) NTFS
\\?\Volume{60c29b13-0ae7-4a54-ab0c-c997b91cd873}\ (Recovery) (Fixed) (Total:29.43 GB) (Free:3.75 GB) NTFS
\\?\Volume{fbe7d8e8-4704-484f-9101-c3cf5cff17bf}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: CA4D1FDE)
Partition: GPT.
==================== End of Addition.txt ============================Hola @BlueLunita
Realiza lo siguiente:
Abre un nuevo archivo Notepad y copia y pega este contenido:
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\...\RunOnce: [ZHPCleaner_File1] => CMD /c DEL "C:\Users\noni1\AppData\Local\Temp\aria-debug-6580.log" /F /Q <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2484808343-1893561251-184537493-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2484808343-1893561251-184537493-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2484808343-1893561251-184537493-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=1122&geo=US&ver=22.17.1.50&locale=en_US&guid=801DBE4C-E7AE-469C-837C-92BE44A15A21&doi=2016-09-01&gct=kwd&qsrc=2869
C:\Users\noni1\AppData\Roaming\Mozilla\Firefox\Profiles\i6emirsr.default\searchplugins\bing-lavasoft-ff59.xml [2019-06-03]
CHR DefaultSearchURL: Default -> hxxps://www.ficlab.com/favicon.ico
CHR DefaultSearchKeyword: Default -> VideoBrowse Search
CHR DefaultSuggestURL: Default -> hxxps://suggest.video-browse.com/suggest/get?q={searchTerms}
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.17.1.50\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [moihledlmchhofenpacbhphnbnpakgmo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.17.1.50\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
1 lovvwiku; \??\C:\WINDOWS\system32\drivers\lovvwiku.sys [X]
2019-06-05 13:45 - 2019-06-05 13:45 - 002417664 _____ (Farbar) C:\Users\noni1\Downloads\Unconfirmed 757301.crdownload
2019-06-03 15:35 - 2019-06-03 15:35 - 000004983 _____ C:\ProgramData\yubhinti.sju
2019-06-03 15:35 - 2019-06-03 15:35 - 000000016 _____ C:\ProgramData\mntemp
2019-06-03 15:35 - 2019-06-03 15:35 - 000000000 ____D C:\ProgramData\movavi
2019-06-02 23:45 - 2019-06-02 23:46 - 000000000 ____D C:\Users\noni1\AppData\Local\F42F90D3-FB43-4B3A-93FC-B49CC053D588.aplzod
2019-06-01 21:56 - 2019-06-01 21:57 - 006953256 _____ (SaveFrom.net ) C:\Users\noni1\Downloads\SFHelper-Setup-[bfd2c51fa3f2b382#300#].exe
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.
Nos comentas como sigue el problema.
Salu2.
Buen día Sandra y feliz Jueves para usted y los demás…Aquí tienes el último reporte solicitado… Gracias por todo… Salu2, Maibel
Fix result of Farbar Recovery Scan Tool (x64) Version: 05-06-2019 01
Ran by noni1 (06-06-2019 06:47:46) Run:2
Running from C:\Users\noni1\Desktop
Loaded Profiles: noni1 & (Available Profiles: noni1)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\...\RunOnce: [ZHPCleaner_File1] => CMD /c DEL "C:\Users\noni1\AppData\Local\Temp\aria-debug-6580.log" /F /Q <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2484808343-1893561251-184537493-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2484808343-1893561251-184537493-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2484808343-1893561251-184537493-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=1122&geo=US&ver=22.17.1.50&locale=en_US&guid=801DBE4C-E7AE-469C-837C-92BE44A15A21&doi=2016-09-01&gct=kwd&qsrc=2869
C:\Users\noni1\AppData\Roaming\Mozilla\Firefox\Profiles\i6emirsr.default\searchplugins\bing-lavasoft-ff59.xml [2019-06-03]
CHR DefaultSearchURL: Default -> hxxps://www.ficlab.com/favicon.ico
CHR DefaultSearchKeyword: Default -> VideoBrowse Search
CHR DefaultSuggestURL: Default -> hxxps://suggest.video-browse.com/suggest/get?q={searchTerms}
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.17.1.50\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [moihledlmchhofenpacbhphnbnpakgmo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.17.1.50\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
1 lovvwiku; \??\C:\WINDOWS\system32\drivers\lovvwiku.sys [X]
2019-06-05 13:45 - 2019-06-05 13:45 - 002417664 _____ (Farbar) C:\Users\noni1\Downloads\Unconfirmed 757301.crdownload
2019-06-03 15:35 - 2019-06-03 15:35 - 000004983 _____ C:\ProgramData\yubhinti.sju
2019-06-03 15:35 - 2019-06-03 15:35 - 000000016 _____ C:\ProgramData\mntemp
2019-06-03 15:35 - 2019-06-03 15:35 - 000000000 ____D C:\ProgramData\movavi
2019-06-02 23:45 - 2019-06-02 23:46 - 000000000 ____D C:\Users\noni1\AppData\Local\F42F90D3-FB43-4B3A-93FC-B49CC053D588.aplzod
2019-06-01 21:56 - 2019-06-01 21:57 - 006953256 _____ (SaveFrom.net ) C:\Users\noni1\Downloads\SFHelper-Setup-[bfd2c51fa3f2b382#300#].exe
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ZHPCleaner_File1" => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => not found
HKLM\Software\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => not found
"C:\Users\noni1\AppData\Roaming\Mozilla\Firefox\Profiles\i6emirsr.default\searchplugins\bing-lavasoft-ff59.xml [2019-06-03]" => not found
"Chrome DefaultSearchURL" => not found
"Chrome DefaultSearchKeyword" => not found
"Chrome DefaultSuggestURL" => not found
HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => not found
HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => not found
HKU\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\Google\Chrome\Extensions\moihledlmchhofenpacbhphnbnpakgmo => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => not found
1 lovvwiku; \??\C:\WINDOWS\system32\drivers\lovvwiku.sys [X] => Error: No automatic fix found for this entry.
"C:\Users\noni1\Downloads\Unconfirmed 757301.crdownload" => not found
"C:\ProgramData\yubhinti.sju" => not found
"C:\ProgramData\mntemp" => not found
"C:\ProgramData\movavi" => not found
"C:\Users\noni1\AppData\Local\F42F90D3-FB43-4B3A-93FC-B49CC053D588.aplzod" => not found
"C:\Users\noni1\Downloads\SFHelper-Setup-[bfd2c51fa3f2b382#300#].exe" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= ipconfig /renew =========
Windows IP Configuration
No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 1 while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Local Area Connection* 1:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Local Area Connection* 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2601:58a:8700:6490:f8ab:47c9:51db:22a7
Temporary IPv6 Address. . . . . . : 2601:58a:8700:6490:56:eac3:7390:f35a
Link-local IPv6 Address . . . . . : fe80::f8ab:47c9:51db:22a7%10
IPv4 Address. . . . . . . . . . . : 192.168.0.13
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::2a80:88ff:fea9:bfaa%10
192.168.0.1
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to cancel {A023541A-6441-488B-8D42-428EADB78720}.
Unable to cancel {73127221-3DDB-442F-9992-E0834B3162A6}.
Unable to cancel {F7FAD604-DA84-40FA-9B3F-BD806A5703E5}.
0 out of 3 jobs canceled.
========= End of CMD: =========
========= netsh winsock reset =========
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= End of CMD: =========
========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Ok.
========= End of CMD: =========
========= netsh int ipv4 reset =========
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
========= End of CMD: =========
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2484808343-1893561251-184537493-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2484808343-1893561251-184537493-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06062019064058531\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2484808343-1893561251-184537493-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06062019064058531\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10740095 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 31330 B
Edge => 0 B
Chrome => 342501 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 908 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
noni1 => 253804 B
RecycleBin => 0 B
EmptyTemp: => 21.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 06:49:46 ====Hola @BlueLunita
Si todo esta en orden:
Para eliminar las herramientas utilizadas:
Descargas >> Delfix, a tu escritorio.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Nos comentas para dar por Solucionado el tema.
Salu2.
Sandra, buenas noches y mil gracias por la gran ayuda y paciencia. 
Puedes dar por concluido este asunto…Todos los extras descargados se fueron cuando aplique el Delfix y la computadora me esta trabajando de maravilla. 
Mil gracias nuevamente por toda la ayuda. 
Salu2, Maibel
Hola @BlueLunita
Gracias a ti por confiar en InfoSpyware!!!
Que bueno que hayamos podido resolver tu consulta…
Para otros problemas, ya sabes donde encontrarnos. 
Salu2.