Hola, ya apliqué las acciones que me recomendaste. Dejo los reportes de Farbar.
1 de 2
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.04.2019 01
Ran by Owner (administrator) on SONYVAIO (Sony Corporation VGN-NS190J) (22-04-2019 01:35:04)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd -> Digital Wave Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intervideo, Inc. -> InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio64.exe
(Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Sony Electronics, Inc.) [File not signed] C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
(Mega Limited -> Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AimerSoft) [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(Visicom Media Inc. -> Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_131\bin\javaw.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
() [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
(Sony Electronics, Inc.) [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Byte Technologies LLC -> Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Byte Technologies LLC -> Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6453760 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1220392 2008-05-20] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [317280 2008-04-03] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe [77824 2008-06-27] (Sony Electronics Corporation) [File not signed]
HKLM-x32\...\Run: [VAIORegistration] => C:\Program Files\Sony\First Experience\WelcomeLauncher.exe [16384 2008-06-26] (Sony Electronics, Inc.) [File not signed]
HKLM-x32\...\Run: [VWLASU] => C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe [24576 2008-05-20] (Sony Electronics, Inc.) [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2014720 2014-07-09] (AimerSoft) [File not signed]
HKLM-x32\...\Run: [Panda Security URL Filtering] => C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe [254448 2016-11-22] (Visicom Media Inc. -> Visicom Media Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe [752424 2019-03-27] (Google Inc -> Google LLC)
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\RunOnce: [Adobe Speed Launcher] => 1555865479
HKU\S-1-5-18\...\RunOnce: [{90120000-0030-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90120000-0051-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90120000-006E-0C0A-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKLM\...\Drivers32: [VIDC.dvsd] => C:\Program Files (x86)\Common Files\Sony Shared\VideoLib\sonydv.dll [81920 2006-05-24] (Sony Corporation) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2018-05-20]
ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server) [File not signed]
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-08-11]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts-x32: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01C40DB2-BAC6-4CC9-A0D6-E0775EB06DBA} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe (Byte Technologies LLC -> Byte Technologies LLC) <==== ATTENTION
Task: {043D3E0B-4F53-4A67-BFE5-E9356196EA50} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Inc. -> Adobe) [File not signed]
Task: {15FBFAA5-DFF4-4E59-9D14-C6AA96E9C899} - \{93E30113-6C0F-45FA-844D-C90EE05D1038} -> No File <==== ATTENTION
Task: {2C27DAC2-E84E-495F-997B-FB4AFC1FCC0B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe (Adobe Inc. -> Adobe) [File not signed]
Task: {3B02C961-213C-48DB-8BD3-6FDCBDC8D5A3} - \{7CAA9987-B25B-4543-9481-034760B048D7} -> No File <==== ATTENTION
Task: {40C89153-9321-423C-A3C4-406B57946E0E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core1d07019b67c8cd9 => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {4380D364-21BB-4BC6-9943-C5590E634F0C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {547C19A2-8446-4483-9DD1-A878C35FD408} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation -> Sony Corporation)
Task: {550E5440-C894-4A42-840F-2F75FFD352B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6936C6F5-576E-4D23-931B-8D96166304EF} - \{157F64FD-D1D3-4FFC-B7DF-96E1194C72C5} -> No File <==== ATTENTION
Task: {694FCD52-3D55-4E8A-9E92-E9F750E784F3} - \{CC03BC11-1B49-4EEE-88C2-16FB34614442} -> No File <==== ATTENTION
Task: {756F3253-B083-4C41-A8A2-F70917870F3A} - \{C26F3111-C188-4A53-A67B-6453D7BE0F96} -> No File <==== ATTENTION
Task: {7A25D299-5642-4F06-9F0E-96190A7A5B8B} - System32\Tasks\{05CE49D3-D370-02AD-4546-1460AAE14A1F} => C:\Users\Owner\AppData\Local\Gomutolaso\Bapek.exe () [File not signed]
Task: {7AD3F419-B9A6-4C5F-A963-5D0C4E0B186B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {7F138393-4E57-4317-ABEA-95797F0F7D86} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe
Task: {943E77A0-59FB-4B8F-8DC0-9C0DD801F50D} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4124524400-2168589064-4251907036-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe (Mega Limited -> Mega Limited)
Task: {956FC04C-3848-4CC7-8497-9522BB971204} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA1d07019b6cd7b99 => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {A24D421D-536C-47D2-A7B3-66FDBD9D0ADA} - \VAIO Care -> No File <==== ATTENTION
Task: {A2D5ADE7-5675-47C1-8BDA-02F3108E8242} - \{EB7C85B7-71F4-42F7-A626-CD67EC78849E} -> No File <==== ATTENTION
Task: {B18E3255-B1A9-4441-A607-3E5A495DEB07} - \{726D0428-DB0E-4546-8A4E-C4C4799E9273} -> No File <==== ATTENTION
Task: {B47FC636-EC9E-4DF2-9B6A-C9BECB55259B} - \User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949} -> No File <==== ATTENTION
Task: {B63281A3-D60D-45C4-943D-54150CF211BB} - \PC Cleaner Pro Update Job -> No File <==== ATTENTION
Task: {C2720C18-780A-481E-9B38-E2C427912E52} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {EDBE3029-8491-4F32-8672-59C88DC2772D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F9B36462-B6F5-413B-A515-D62C8693581E} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe (Sony Corporation -> Sony Corporation)
Task: {F9DCFE55-088E-4702-A8B8-DE4AA69C381E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949}.job => C:\Windows\system32\msfeedssync.exe
Task: C:\Windows\Tasks\{05CE49D3-D370-02AD-4546-1460AAE14A1F}.job => C:\Users\Owner\AppData\Local\GOMUTO~1\Bapek.exe <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{800319FD-DB0B-4984-B4E4-1DB828347ECF}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mx.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fptpeylhk2y2aegikmoqzd_19_17¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dmx%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FtBtCtDtCyB0FyCyDyEyB0CyCtN0D0Tzu0StByCyCzztN1L2XzuyEtFyDtCtFtDtFzztCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyEzzzyyDyBzz0EtGyCtDzz0DtG0FyByDtAtGtBtB0F0BtGtB0F0EtDtAyCzy0B0BtCyCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC1TyBtA1Qzz1QtGyCtBzzyEtGyE1PzyzytG1S1RtAtDtGyCyD1QtAzyyE1Q1O1OyDyByC2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtCyCtBzytN1Q2Z1B1P1RzutCyDyDyDzytCyEtAtCzz%26cr%3D944756385%26a%3Dwbf_fptpeylhk2y2aegikmoqzd_19_17%26os_ver%3D6.0%26os%3DWindows%2B(TM)%2BVista%2BHome%2BPremium
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://mx.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fptpeylhk2y2aegikmoqzd_19_17¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dmx%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FtBtCtDtCyB0FyCyDyEyB0CyCtN0D0Tzu0StByCyCzztN1L2XzuyEtFyDtCtFtDtFzztCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyEzzzyyDyBzz0EtGyCtDzz0DtG0FyByDtAtGtBtB0F0BtGtB0F0EtDtAyCzy0B0BtCyCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC1TyBtA1Qzz1QtGyCtBzzyEtGyE1PzyzytG1S1RtAtDtGyCyD1QtAzyyE1Q1O1OyDyByC2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtCyCtBzytN1Q2Z1B1P1RzutCyDyDyDzytCyEtAtCzz%26cr%3D944756385%26a%3Dwbf_fptpeylhk2y2aegikmoqzd_19_17%26os_ver%3D6.0%26os%3DWindows%2B(TM)%2BVista%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://mx.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fptpeylhk2y2aegikmoqzd_19_17¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dmx%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FtBtCtDtCyB0FyCyDyEyB0CyCtN0D0Tzu0StByCyCzztN1L2XzuyEtFyDtCtFtDtFzztCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyEzzzyyDyBzz0EtGyCtDzz0DtG0FyByDtAtGtBtB0F0BtGtB0F0EtDtAyCzy0B0BtCyCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC1TyBtA1Qzz1QtGyCtBzzyEtGyE1PzyzytG1S1RtAtDtGyCyD1QtAzyyE1Q1O1OyDyByC2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtCyCtBzytN1Q2Z1B1P1RzutCyDyDyDzytCyEtAtCzz%26cr%3D944756385%26a%3Dwbf_fptpeylhk2y2aegikmoqzd_19_17%26os_ver%3D6.0%26os%3DWindows%2B(TM)%2BVista%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> {6E8EC60F-4C59-433B-BEA5-949EB61225DB} URL = hxxp://www.google.com.mx/search?hl=es&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> {9E5FE3C3-6B64-4C63-9C9F-F2F31E988800} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B015US911D20140907&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> {EA50D82A-9D69-4ED7-801F-2322610FD8AA} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US0D20140907&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> No Name - {5B291E6C-9A74-4034-971B-A4B007A0B315} - No File
Handler: WSAMVCUchrome - No CLSID Value
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-04-20]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> ) [File not signed]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> ) [File not signed]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] (Apple Inc. -> )
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4124524400-2168589064-4251907036-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-4124524400-2168589064-4251907036-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com.mx/
CHR StartupUrls: Default -> "hxxp://www.google.com.mx/","","hxxps://www.google.com/","hxxp://www.google.com/"
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2019-04-22]
CHR Extension: (Kaspersky Protection) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2019-04-20]
CHR Extension: (Link All) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbplhdcnpcenkdciibplnkgmiffjfnni [2018-11-03]
CHR Extension: (2112) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohiccbldidfaianakiighjonjckahib [2014-01-06]
CHR Extension: (Panda Safe Web) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok [2018-01-21]
CHR Extension: (Funky Karts) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbgibbcljlbkkeaogjofolcbakcokmie [2019-01-15]
CHR Extension: (Botón +1 de Google) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp [2017-08-06]
CHR Extension: (Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2019-01-15]
CHR Extension: (Search Manager) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2019-04-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-19]
CHR Extension: (Secured Search Extension) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdpcpceofkopegffcdnffeenbfdldock [2019-04-22]
CHR Extension: (Search Manager) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2019-04-22]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.HC73AWHMEOVPFIYS4H77JTLMFE - C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-14] (Adobe Inc. -> Adobe) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc. -> Apple Inc.)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 ByteFenceService; c:\program files\bytefence\ByteFenceService.exe [156488 2019-03-27] (Byte Technologies LLC -> Byte Technologies LLC)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.) [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [1371136 2008-04-30] (Intel(R) Corporation) [File not signed]
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
S2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S3 lxcj_device; C:\Windows\system32\lxcjcoms.exe [452608 2006-05-11] ( ) [File not signed]
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-02-24] (McAfee, Inc. -> McAfee, Inc.)
S3 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [826368 2008-04-30] (Intel(R) Corporation) [File not signed]
R2 RtkAudioService; C:\Windows\RtkAudioService.exe [139808 2008-07-15] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 rtop; c:\program files\bytefence\rtop\bin\rtop_svc.exe [297288 2019-04-22] (Byte Technologies LLC -> Byte Technologies LLC.)
S3 SOHCImp; C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation -> Sony Corporation)
S3 SOHDms; C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation -> Sony Corporation)
S3 SOHDs; C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation -> Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation) [File not signed]
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation) [File not signed]
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [415744 2008-06-20] (Sony Corporation) [File not signed]
R3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation -> Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Windows -> Microsoft Corporation)
R2 XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe [410624 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [36328 2010-12-21] (MCCI Internal Testing Software -> Google Inc)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S1 Beep; no ImagePath
R3 CAXHWAZL; C:\Windows\System32\DRIVERS\CAXHWAZL.sys [300032 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [102368 2013-01-31] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S1 DMICall; C:\Windows\SysWOW64\DRIVERS\DMICall.sys [10216 2008-07-11] (Sony Corporation -> Sony Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
S3 HSFHWAZL; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [286720 2008-01-20] (Microsoft Windows -> Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\CAX_DPV.sys [1511936 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [7907872 2008-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [72016 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [122496 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [86656 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [217432 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1214752 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1123664 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [56144 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [56656 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [57464 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [49280 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R1 kltdf; C:\Windows\System32\DRIVERS\kltdf.sys [105184 2017-11-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [201552 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [17024 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R3 NETw5v64; C:\Windows\System32\DRIVERS\NETw5v64.sys [4730368 2008-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [25600 2008-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 rimsptsk; C:\Windows\System32\DRIVERS\rimssn64.sys [85504 2008-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 risdptsk; C:\Windows\System32\DRIVERS\risdsn64.sys [64512 2008-07-17] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [108296 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [19720 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [144648 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [126216 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [31496 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [123656 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [130824 2007-04-03] (MCCI Corporation -> MCCI Corporation)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [11392 2008-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [203104 2013-01-31] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2008-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 winachsf; C:\Windows\System32\DRIVERS\CAX_CNXT.sys [731648 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R2 XAudio; C:\Windows\System32\DRIVERS\xaudio64.sys [9728 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 yukonx64; C:\Windows\System32\DRIVERS\yk60x64.sys [391680 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Marvell)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-22 01:38 - 2019-04-22 01:38 - 000000000 ____D C:\ProgramData\ByteFence
2019-04-22 01:35 - 2019-04-22 01:41 - 000039802 _____ C:\Users\Owner\Desktop\FRST.txt
2019-04-22 01:34 - 2019-04-22 01:34 - 000000000 ____D C:\Users\Owner\Desktop\FRST-OlderVersion
2019-04-22 01:27 - 2019-04-22 01:28 - 000000000 ____D C:\Users\Owner\AppData\Local\{F312C54E-D7BA-A9F6-BA22-8C1E9E4A7086}
2019-04-22 01:27 - 2019-04-22 01:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2019-04-22 01:26 - 2019-04-22 01:26 - 000003344 _____ C:\Windows\System32\Tasks\ByteFence
2019-04-22 01:26 - 2019-04-22 01:26 - 000003210 _____ C:\Windows\System32\Tasks\{05CE49D3-D370-02AD-4546-1460AAE14A1F}
2019-04-22 01:26 - 2019-04-22 01:26 - 000000270 _____ C:\Windows\Tasks\{05CE49D3-D370-02AD-4546-1460AAE14A1F}.job
2019-04-22 01:26 - 2019-04-22 01:26 - 000000000 ____D C:\Users\Owner\AppData\Local\Gomutolaso
2019-04-22 01:26 - 2019-04-22 01:26 - 000000000 ____D C:\Users\Owner\AppData\Local\chromium
2019-04-22 01:25 - 2019-04-22 01:38 - 000000000 ____D C:\Program Files\ByteFence
2019-04-22 01:25 - 2019-04-22 01:26 - 000000000 ____D C:\Users\Owner\AppData\Local\{196C2F30-3DC4-4388-505C-666074349AF8}
2019-04-22 01:25 - 2019-04-22 01:25 - 000001107 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2019-04-22 00:56 - 2019-04-22 00:56 - 000000978 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-04-22 00:56 - 2019-04-22 00:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-04-22 00:56 - 2019-04-22 00:56 - 000000000 ____D C:\Program Files\VS Revo Group
2019-04-22 00:54 - 2019-04-22 00:55 - 007127416 _____ (VS Revo Group ) C:\Users\Owner\Desktop\revosetup.exe
2019-04-21 00:28 - 2019-04-21 00:28 - 000001760 _____ C:\Users\Owner\Desktop\Kapersky.txt
2019-04-20 20:45 - 2019-04-20 20:45 - 000001097 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2019-04-20 20:45 - 2019-04-20 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-04-20 20:41 - 2019-04-20 20:41 - 000001952 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2019-04-20 20:41 - 2019-04-20 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
2019-04-20 20:39 - 2019-04-22 01:33 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-04-20 20:39 - 2019-04-20 20:43 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2019-04-20 20:35 - 2019-04-20 21:46 - 001123664 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2019-04-20 20:35 - 2019-04-20 21:45 - 000217432 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2019-04-20 20:35 - 2019-04-20 20:35 - 001214752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2019-04-20 20:35 - 2019-04-20 20:35 - 000152960 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2019-04-20 20:10 - 2019-04-20 20:11 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-04-19 23:23 - 2019-04-19 23:23 - 724604335 _____ C:\Windows\MEMORY.DMP
2019-04-19 23:23 - 2019-04-19 23:23 - 000273592 _____ C:\Windows\Minidump\Mini041919-01.dmp
2019-04-19 09:03 - 2019-04-19 09:05 - 000018382 _____ C:\Users\Owner\Desktop\Fixlog.txt
2019-04-19 03:13 - 2019-04-19 02:48 - 000005605 _____ C:\Users\Owner\Desktop\AdwCleaner[C00].txt
2019-04-19 03:04 - 2019-04-22 01:35 - 000000000 ____D C:\FRST
2019-04-19 03:03 - 2019-04-19 03:03 - 000004446 _____ C:\Users\Owner\Desktop\JRT.txt
2019-04-19 02:46 - 2019-04-19 02:48 - 000000000 ____D C:\AdwCleaner
2019-04-19 02:20 - 2019-04-19 02:20 - 000001499 _____ C:\Users\Owner\Desktop\Mwb1.txt
2019-04-19 01:37 - 2019-04-19 01:37 - 076534856 _____ (Malwarebytes ) C:\Users\Owner\Desktop\mb3-setup-legacywos-3.5.1.2522-1.0.365-1.0.5292.exe
2019-04-19 01:26 - 2019-04-19 01:26 - 000260022 _____ C:\Users\Owner\Documents\cc_20190419_012601.reg
2019-04-19 01:18 - 2019-04-19 02:42 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-19 01:18 - 2019-04-19 01:18 - 000002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-04-19 01:18 - 2019-04-19 01:18 - 000000770 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-19 01:18 - 2019-04-19 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-19 01:18 - 2019-04-19 01:18 - 000000000 ____D C:\Program Files\CCleaner
2019-04-19 01:15 - 2019-04-22 01:34 - 002435072 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2019-04-19 01:14 - 2019-04-19 01:14 - 007025360 _____ (Malwarebytes) C:\Users\Owner\Desktop\adwcleaner_7.3.exe
2019-04-19 01:12 - 2019-04-19 01:12 - 001790024 _____ (Malwarebytes) C:\Users\Owner\Desktop\JRT.exe
2019-04-19 01:10 - 2019-04-19 01:11 - 021254208 _____ (Piriform Software Ltd) C:\Users\Owner\Desktop\ccsetup556.exe
2019-04-06 18:51 - 2019-04-06 18:51 - 000000000 ____D C:\Program Files\Common Files\avast software
2019-04-06 18:48 - 2019-04-20 05:13 - 000000000 ____D C:\ProgramData\AVAST Software
2019-04-06 13:30 - 2019-04-06 13:30 - 000040116 _____ C:\Users\Owner\Desktop\Acuse transferencia consulta Rebeca dermatólogo.pdf
2019-04-05 21:38 - 2019-04-05 21:38 - 000000000 __SHD C:\found.002
2019-04-02 23:10 - 2019-04-06 13:04 - 000000000 ____D C:\Users\Owner\AppData\Local\SmartView2
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-22 01:26 - 2014-09-28 21:58 - 000000000 ____D C:\Users\Owner\Documents\Descargas
2019-04-22 01:26 - 2008-12-14 12:27 - 000000000 ____D C:\Users\Owner
2019-04-21 23:47 - 2006-11-02 10:22 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-21 23:47 - 2006-11-02 10:22 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-21 19:15 - 2008-12-20 18:12 - 000000424 ____H C:\Windows\Tasks\User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949}.job
2019-04-21 18:33 - 2011-12-28 17:02 - 000001046 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA.job
2019-04-21 11:52 - 2018-05-20 01:35 - 000000000 ____D C:\ProgramData\UMS
2019-04-21 11:47 - 2006-11-02 10:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-21 01:24 - 2014-01-05 13:31 - 000000000 ____D C:\Users\Owner\Documents\Movies
2019-04-21 01:13 - 2014-03-09 11:37 - 000000000 ____D C:\Program Files (x86)\FreeTime
2019-04-21 00:12 - 2018-02-24 05:17 - 000201552 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2019-04-21 00:12 - 2018-02-12 04:17 - 000056144 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2019-04-21 00:12 - 2018-01-15 05:16 - 000056656 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klkbdflt.sys
2019-04-21 00:12 - 2017-12-11 11:49 - 000057464 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klmouflt.sys
2019-04-21 00:12 - 2017-05-30 18:51 - 000049280 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2019-04-21 00:11 - 2019-02-14 22:09 - 000122496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupflt.sys
2019-04-20 22:33 - 2011-12-28 17:02 - 000000994 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core.job
2019-04-20 21:44 - 2019-02-14 22:09 - 000086656 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2019-04-20 21:42 - 2019-02-14 22:09 - 000072016 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupdisk.sys
2019-04-20 20:44 - 2006-11-02 08:33 - 000000000 ____D C:\Windows\inf
2019-04-20 20:25 - 2015-10-25 23:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-20 20:25 - 2006-11-02 10:42 - 000032614 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-20 20:10 - 2017-03-15 12:09 - 000000000 ____D C:\Users\Owner\Documents\Programas
2019-04-19 23:23 - 2013-04-11 21:47 - 000000000 ____D C:\Windows\Minidump
2019-04-19 12:16 - 2008-11-24 09:24 - 000000000 ____D C:\Users\Best Buy
2019-04-19 12:16 - 2006-11-02 07:33 - 110624768 _____ C:\Windows\system32\config\software_previous
2019-04-19 12:16 - 2006-11-02 07:33 - 031719424 _____ C:\Windows\system32\config\system_previous
2019-04-19 12:15 - 2018-11-03 11:22 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2019-04-19 12:15 - 2018-05-20 01:33 - 000000000 ____D C:\Program Files (x86)\Universal Media Server
2019-04-19 12:15 - 2017-09-17 01:18 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
2019-04-19 12:15 - 2017-08-11 23:52 - 000000000 ___RD C:\Users\Owner\Documents\MEGA
2019-04-19 12:15 - 2017-05-09 22:06 - 000000000 ____D C:\Users\Owner\AppData\Roaming\DVDVideoSoft
2019-04-19 12:15 - 2017-03-15 12:07 - 000000000 ____D C:\Users\Owner\AppData\Roaming\vlc
2019-04-19 12:15 - 2017-03-14 22:40 - 000000000 ____D C:\Users\Owner\AppData\Local\Tempdivx0e6e
2019-04-19 12:15 - 2017-03-14 00:26 - 000000000 ____D C:\Users\Owner\AppData\Local\Tempdivx9984
2019-04-19 12:15 - 2016-11-02 11:45 - 000000000 ____D C:\Users\Owner\AppData\Local\Tempdivxfe27
2019-04-19 12:15 - 2016-09-21 06:08 - 000000000 ____D C:\Users\Owner\AppData\Local\Tempdivx0e71
2019-04-19 12:15 - 2014-09-07 21:48 - 000000000 ____D C:\ProgramData\McAfee
2019-04-19 12:15 - 2012-08-04 13:29 - 000000000 ____D C:\Users\Owner\AppData\Roaming\FreeAudioPack
2019-04-19 12:15 - 2010-08-22 11:57 - 000000000 ____D C:\Users\Owner\AppData\Local\PokerStars.NET
2019-04-19 12:15 - 2009-10-13 17:18 - 000000000 ___SD C:\Users\Owner\Documents\Mis formas
2019-04-19 12:15 - 2009-06-06 11:53 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Azureus
2019-04-19 12:15 - 2009-01-15 00:12 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-19 12:15 - 2009-01-14 22:18 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2019-04-19 12:15 - 2009-01-07 16:14 - 000000000 ____D C:\Users\Owner\AppData\Local\Microsoft Help
2019-04-19 12:15 - 2006-11-02 08:34 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-04-19 12:15 - 2006-11-02 08:34 - 000000000 ____D C:\Windows\system32\spool
2019-04-19 12:15 - 2006-11-02 08:34 - 000000000 ____D C:\Windows\system32\Msdtc
2019-04-19 12:15 - 2006-11-02 08:34 - 000000000 ____D C:\Windows\system32\GroupPolicy
2019-04-19 12:15 - 2006-11-02 08:33 - 000000000 ____D C:\Windows\registration
2019-04-19 12:13 - 2018-07-08 19:11 - 000000000 ____D C:\Program Files\Common Files\AV
2019-04-19 12:13 - 2014-09-07 21:48 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-04-19 12:08 - 2006-11-02 07:33 - 078118912 _____ C:\Windows\system32\config\components_previous
2019-04-19 12:08 - 2006-11-02 07:33 - 000262144 _____ C:\Windows\system32\config\sam_previous
2019-04-19 09:05 - 2006-11-02 07:33 - 000524288 _____ C:\Windows\system32\config\default_previous
2019-04-19 09:05 - 2006-11-02 07:33 - 000262144 _____ C:\Windows\system32\config\security_previous
2019-04-19 08:56 - 2014-08-28 21:54 - 000000270 _____ C:\DelFix.txt
2019-04-14 21:59 - 2018-03-13 15:59 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-14 21:59 - 2013-02-08 08:37 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-14 21:59 - 2013-02-08 08:37 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-04-14 21:59 - 2011-11-13 17:14 - 000000000 ____D C:\Windows\system32\Macromed
2019-04-14 21:59 - 2011-05-16 06:58 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-14 21:59 - 2008-08-12 16:01 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-04-08 22:26 - 2014-09-16 21:28 - 000000732 _____ C:\Users\Owner\AppData\Local\d3d9caps64.dat
2019-04-08 20:34 - 2006-11-02 07:46 - 000006580 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-06 19:05 - 2014-09-12 10:39 - 000000000 ____D C:\Program Files\WinRAR
2019-04-06 19:05 - 2009-01-15 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-06 18:36 - 2014-11-17 08:38 - 000118216 _____ C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-06 18:34 - 2009-06-08 19:52 - 000001356 _____ C:\Users\Owner\AppData\Local\d3d9caps.dat
2019-04-06 18:10 - 2014-11-17 08:36 - 000453640 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-06 16:53 - 2015-10-10 13:20 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-04-06 16:53 - 2015-10-10 13:16 - 000000000 ____D C:\ProgramData\Panda Security
2019-04-06 16:52 - 2015-10-10 13:21 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Panda Security
2019-03-27 15:51 - 2015-04-05 22:28 - 000003560 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA1d07019b6cd7b99
2019-03-27 15:51 - 2015-04-05 22:28 - 000003288 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core1d07019b67c8cd9
==================== Files in the root of some directories =======
2015-11-03 22:31 - 2015-11-03 23:17 - 000003072 _____ () C:\Users\Owner\AppData\Roaming\FOTOsmile 2 Prefsv3
2017-09-14 06:57 - 2017-09-14 22:06 - 000099384 _____ () C:\Users\Owner\AppData\Roaming\inst.exe
2017-09-14 06:57 - 2017-09-14 22:06 - 000007859 _____ () C:\Users\Owner\AppData\Roaming\pcouffin.cat
2017-09-14 06:57 - 2017-09-14 22:06 - 000001167 _____ () C:\Users\Owner\AppData\Roaming\pcouffin.inf
2017-09-14 06:58 - 2017-09-14 22:06 - 000000033 _____ () C:\Users\Owner\AppData\Roaming\pcouffin.log
2017-09-14 06:57 - 2017-09-14 22:06 - 000082816 _____ (VSO Software) C:\Users\Owner\AppData\Roaming\pcouffin.sys
2009-10-12 13:49 - 2009-10-12 13:49 - 000025773 _____ () C:\Users\Owner\AppData\Roaming\UserTile.png
2009-06-08 19:52 - 2019-04-06 18:34 - 000001356 _____ () C:\Users\Owner\AppData\Local\d3d9caps.dat
2014-09-16 21:28 - 2019-04-08 22:26 - 000000732 _____ () C:\Users\Owner\AppData\Local\d3d9caps64.dat
2009-02-15 11:44 - 2017-09-18 06:11 - 000054784 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-04-22 00:04
==================== End of FRST.txt ============================