Mayankjot

Trojan gets detected but cannot be removed

Hi,

The trojan gets detected but I cannot remove it: when I remove the detections by quarantining and deleting them, they show up again in the next scan. So can you please help remove these? I am attaching the results.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/15/19
Scan Time: 7:38 AM
Log File: de01e802-074c-11ea-93f2-6cc217776a8e.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.13333
License: Expired

-System Information-
OS: Windows 10 (Build 17134.1006)
CPU: x64
File System: NTFS
User: hp\November

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 419085
Threats Detected: 8
Threats Quarantined: 0
Time Elapsed: 23 min, 50 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 8
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947, No Action By User, [6821], [436606],1.0.13333
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AD4C5429E10F4FF6C01840C20ABA344D7401209F, No Action By User, [6821], [436604],1.0.13333
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\DB77E5CFEC34459146748B667C97B185619251BA, No Action By User, [6821], [436611],1.0.13333
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF, No Action By User, [6821], [436613],1.0.13333
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947, No Action By User, [6821], [436606],1.0.13333
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AD4C5429E10F4FF6C01840C20ABA344D7401209F, No Action By User, [6821], [436604],1.0.13333
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\DB77E5CFEC34459146748B667C97B185619251BA, No Action By User, [6821], [436611],1.0.13333
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF, No Action By User, [6821], [436613],1.0.13333

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Thanks & Regards


Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32- or 64-bit version for your system and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section at the bottom of the topic, click Choose a File.
Navigate to the location of the File.
Click the file. It will appear in section.
Click the Saving button.

Please post the logs for my review.

Wait for further instructions
====

p.s.
Let me know if the default browser is Synced with other devices.


Hey,

I have completed every step, and yes, my browser is synced with my mobile phones and tablet.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2019
Ran by November (administrator) on HP (Hewlett-Packard HP Pavilion 15 Notebook PC) (15-11-2019 22:45:54)
Running from C:\Users\November\Desktop\New folder (2)
Loaded Profiles: November (Available Profiles: Gurmeet singh & November & mayan)
Platform: Windows 10 Pro Version 1803 17134.1006 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2018-12-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316336 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [657704 2019-05-14] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-48790505-1987507193-3152163807-1002\...\Run: [Opera Browser Assistant] => C:\Users\November\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2771480 2019-11-13] (Opera Software AS -> Opera Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-08] (Google LLC -> Google LLC)
Startup: C:\Users\November\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IQTray.lnk [2018-11-26]
ShortcutTarget: IQTray.lnk -> C:\Program Files (x86)\IQ Option\IQTray.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A6A3001-FD85-4CE3-8A66-856D089F5390} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {10FE90AC-1DAE-46B1-BF57-7A3C4A97D071} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16D48ED6-C709-46CE-B64A-96C1A6453A1E} - System32\Tasks\Opera scheduled Autoupdate 1539190011 => C:\Users\November\AppData\Local\Programs\Opera\launcher.exe [1534488 2019-11-05] (Opera Software AS -> Opera Software)
Task: {16FBCF11-4A62-4FD7-87B4-0414251CDC77} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {187FF086-2A77-43E4-BF0A-E6F32A5F4775} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {1A6D4518-EF85-43EB-B723-52C531753302} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2019-09-18] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {24474649-F42A-437C-98EE-402B01365184} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114720 2019-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {2762DAAB-BC5A-4BCE-B8CB-258BA609C4FB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B8980BE-DB57-433B-909A-947E769AEE77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-10] (Google Inc -> Google Inc.)
Task: {2C8D3A66-F99B-48E7-BE98-1D14E2132231} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {31EC8858-77AB-40B3-8E8F-C635C616267C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {35CE5ADA-BABE-43A2-9FBA-D5C4AFE91F31} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1586296 2019-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {35D95489-581E-4E45-9370-7B7A0EDADF46} - System32\Tasks\update-S-1-5-21-48790505-1987507193-3152163807-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {397D94BA-A4E8-4CAB-B023-3266490F0834} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {413C69C3-6784-476F-BBF0-B7B72F29CF33} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {497D3BF9-8F31-44E5-BFD5-163573F3C679} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {57043304-D34B-49A9-8A12-B92D947628C8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {584052AC-4B6C-45F1-9AD6-999FE03C5E7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [250232 2019-10-08] (HP Inc. -> HP Inc.)
Task: {5A59753C-1771-410E-BA91-7A3E70898C4A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367496 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B608BFF-925A-41CD-9AE3-D375E9CCBD1A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3487440 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80CC9F1D-74B1-46B2-8D65-AF821D97D093} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3981232 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {81B60149-390D-48EA-B185-F5D4EEE6E796} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [58744 2019-06-14] (HP Inc. -> HP Inc.)
Task: {8F568CF7-0FC3-4FF4-8A8B-A0E5BEC762C4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367496 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F6F4359-496A-4300-A59A-EEA7C27CC569} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [696016 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9280D4C0-FDA4-4831-9B45-52495D85BC84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {97DC57E3-7AC5-4DB5-8B0C-0E7DC6D0F1EB} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
Task: {98EE549B-C505-451E-9AF8-04885EE05898} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9D50CDE2-C7BC-4A6F-BE75-DE90982B965E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {A0F38D9F-0DF6-4179-BA31-DDD5F741BC50} - System32\Tasks\Opera scheduled assistant Autoupdate 1547488941 => C:\Users\November\AppData\Local\Programs\Opera\launcher.exe [1534488 2019-11-05] (Opera Software AS -> Opera Software)
Task: {A35B7F6B-7AF2-434B-8FA1-16E261B64B07} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {A7D7432F-E180-4B5B-BFE1-410BBF1909FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-10] (Google Inc -> Google Inc.)
Task: {B253A044-3139-432E-BAB1-F97629D73FE9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B8EFD380-9E1D-4260-8C59-22A06B9613FB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C2629FE6-62EC-48A3-AC63-D8B2E01C08D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {C9EDBD2D-72A2-4C5C-AA6C-FCB2C1FDCE4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {DAFE7699-2F3D-4EEB-BF33-C1EAAABAB371} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E465C76B-58CE-404F-A2E5-69648D2FBF52} - System32\Tasks\HPCeeScheduleForNovember => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {F1B223E2-4A6C-43F8-A6BB-0AD88B30354A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114720 2019-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F724B15E-D13A-4C83-B919-353C43531B48} - System32\Tasks\HPCustParticipation HP DeskJet 4670 series => C:\Program Files\HP\HP DeskJet 4670 series\Bin\HPCustPartic.exe [6105096 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {F8181F8C-958D-4EA9-AA59-AD0B45989A85} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [995024 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC6EAF8B-B9AA-4156-B261-BDFB7148DB2A} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [638536 2019-04-11] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForNovember.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-48790505-1987507193-3152163807-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{43196acf-8cd3-405b-ac63-d00881d821b4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{6f0c1e8d-102e-4a66-af14-d95e106361f1}: [DhcpNameServer] 192.168.30.1
Tcpip\..\Interfaces\{abf7b159-6ccb-4908-b0ee-b8f5166e28fc}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{dde5e2f0-b571-4cc1-9701-fc2597ec2e19}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{fd19e0f9-d2c2-4529-a51b-d46fe0fff336}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKU\S-1-5-21-48790505-1987507193-3152163807-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-48790505-1987507193-3152163807-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-48790505-1987507193-3152163807-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.1\bin\ssv.dll => No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-07-16] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 0dayxmwg.default
FF ProfilePath: C:\Users\November\AppData\Roaming\Mozilla\Firefox\Profiles\0dayxmwg.default [2019-04-25]
FF Extension: (Tecknity Cookies) - C:\Users\November\AppData\Roaming\Mozilla\Firefox\Profiles\0dayxmwg.default\Extensions\{92415ac9-584a-4f96-8042-61af270afb30}.xpi [2019-04-12]
FF Extension: (Cookie-Editor) - C:\Users\November\AppData\Roaming\Mozilla\Firefox\Profiles\0dayxmwg.default\Extensions\{c3c10168-4186-445c-9c5b-63f12b8e2c87}.xpi [2019-04-12]
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-07-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-07-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @axissoft.co.kr/StarPlayer -> C:\Program Files (x86)\Axissoft\StarPlayerEx\npStarPlayer.dll [2017-09-05] (Axissoft) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)

Chrome: 
=======
CHR Notifications: Default -> hxxps://unacademy.com
CHR Profile: C:\Users\November\AppData\Local\Google\Chrome\User Data\Default [2019-11-15]
CHR Extension: (Slides) - C:\Users\November\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-12]
CHR Extension: (Honey) - C:\Users\November\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-11-15]
CHR Extension: (CrackWatch) - C:\Users\November\AppData\Local\Google\Chrome\User Data\Default\Extensions\dechlkibpibjlaidpeniljjejncdhfpj [2019-05-06]
CHR Extension: (VPN - Grab A Proxy - FREE) - C:\Users\November\AppData\Local\Google\Chrome\User Data\Default\Extensions\epiohmjifijenpabfpggbphmjinbhgnn [2019-01-26]
CHR Extension: (Sheets) - C:\Users\November\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-12]
CHR Extension: (EditThisCookie) - C:\Users\November\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-11-30]
CHR Extension: (Grammarly for Chrome) - C:\Users\November\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-11-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\November\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\November\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29]
CHR Profile: C:\Users\November\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-28]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1233272 2019-05-14] (Autodesk, Inc. -> Autodesk Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [996928 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6133752 2019-11-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110560 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7356680 2018-10-03] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11642744 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-09-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [360312 2019-10-14] (HP Inc. -> HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [359848 2017-07-01] (Intel Corporation - pGFX -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [217040 2019-04-10] (TEFINCOM S.A. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2018-12-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5075696 2019-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-11-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2019-11-15] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37880 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205600 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [275232 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [210328 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [65376 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [43512 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [171640 2019-11-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [111096 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84560 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [848688 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [461216 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [236288 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [317304 2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-14] (Intel(R) Smart Connect software -> )
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-10-18] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_e0efc835034c6f93\nvlddmkm.sys [20371952 2018-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2018-12-02] (Realtek Semiconductor Corp -> Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-11-15] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (Hewlett-Packard Company -> HP Inc.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-05-03] (Zemana Ltd. -> Zemana Ltd.)
S3 EnigmaFileMonDriver; \??\C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [X]
S1 mqyfyyez; \??\C:\WINDOWS\system32\drivers\mqyfyyez.sys [X]
S1 vqohirma; \??\C:\WINDOWS\system32\drivers\vqohirma.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-15 22:44 - 2019-11-15 22:45 - 000000000 ____D C:\Users\November\Desktop\New folder (2)
2019-11-14 20:25 - 2019-10-03 14:36 - 000355760 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-11-05 19:41 - 2019-11-05 19:41 - 000000000 ____D C:\Users\November\AppData\LocalLow\uTorrent
2019-10-27 07:47 - 2019-10-27 07:48 - 000030140 _____ C:\Users\November\Untitled.prproj
2019-10-27 07:30 - 2019-10-27 07:30 - 000001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2019.lnk
2019-10-27 07:30 - 2019-10-27 07:30 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-10-27 00:53 - 2019-10-27 00:53 - 000000000 ____D C:\New folder
2019-10-27 00:44 - 2019-10-27 07:30 - 000000000 ____D C:\Program Files\Adobe
2019-10-27 00:44 - 2019-10-27 00:44 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-10-27 00:38 - 2019-10-27 00:40 - 000000000 ____D C:\e4cff7ef7b729d050bda3811ac
2019-10-27 00:32 - 2019-11-15 07:36 - 000000000 ____D C:\Users\November\AppData\Local\Adobe
2019-10-27 00:32 - 2019-10-27 00:32 - 000000000 ____D C:\ProgramData\Adobe
2019-10-27 00:23 - 2019-10-27 00:23 - 000000000 ____D C:\Users\November\Desktop\video edit
2019-10-26 23:57 - 2019-10-27 00:21 - 1718502070 _____ C:\Users\November\Downloads\Adobe Premiere Pro CC 2019 v13.1.5.47 By SentMailapp.com.zip
2019-10-25 17:56 - 2019-10-25 17:56 - 000329430 _____ C:\Users\November\Documents\Scan2.pdf
2019-10-25 16:59 - 2019-10-25 16:59 - 000367435 _____ C:\Users\November\Documents\Scan1.pdf
2019-10-25 16:56 - 2019-10-25 16:56 - 000546080 _____ C:\Users\November\Documents\Scan.pdf
2019-10-18 14:17 - 2019-10-18 14:17 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-10-16 14:52 - 2019-10-16 14:52 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-10-16 14:52 - 2019-10-16 14:52 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-10-16 14:52 - 2019-10-16 14:52 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-10-16 14:52 - 2019-10-16 14:52 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-10-16 14:52 - 2019-10-16 14:52 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-10-16 14:52 - 2019-10-16 14:52 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-10-16 14:52 - 2019-10-16 14:52 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-10-16 14:52 - 2019-10-16 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-15 22:48 - 2019-05-03 02:14 - 000284423 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-11-15 22:48 - 2019-05-03 02:14 - 000223376 _____ C:\WINDOWS\ZAM.krnl.trace
2019-11-15 22:47 - 2019-06-07 20:18 - 000003886 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1547488941
2019-11-15 22:47 - 2019-05-12 19:03 - 000002850 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForNovember
2019-11-15 22:47 - 2019-05-12 19:03 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForNovember.job
2019-11-15 22:47 - 2019-05-03 02:20 - 000002566 _____ C:\WINDOWS\system32\Tasks\AMHelper
2019-11-15 22:47 - 2019-04-19 17:08 - 000003088 _____ C:\WINDOWS\system32\Tasks\update-S-1-5-21-48790505-1987507193-3152163807-1002
2019-11-15 22:47 - 2019-04-19 17:08 - 000002840 _____ C:\WINDOWS\system32\Tasks\update-sys
2019-11-15 22:47 - 2019-04-19 17:08 - 000000400 _____ C:\WINDOWS\Tasks\update-sys.job
2019-11-15 22:47 - 2019-04-19 17:08 - 000000400 _____ C:\WINDOWS\Tasks\update-S-1-5-21-48790505-1987507193-3152163807-1002.job
2019-11-15 22:47 - 2018-11-12 17:37 - 000003626 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1539190011
2019-11-15 22:47 - 2018-11-12 17:37 - 000003408 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-15 22:47 - 2018-11-12 17:37 - 000003346 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{70821E19-B51A-4F17-931D-11E6C014388C}
2019-11-15 22:47 - 2018-11-12 17:37 - 000003310 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2019-11-15 22:47 - 2018-11-12 17:37 - 000003308 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-11-15 22:47 - 2018-11-12 17:37 - 000003184 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-15 22:47 - 2018-11-12 17:37 - 000002914 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-48790505-1987507193-3152163807-1005
2019-11-15 22:47 - 2018-11-12 17:37 - 000002912 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-48790505-1987507193-3152163807-1001
2019-11-15 22:47 - 2018-11-12 17:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-11-15 22:47 - 2018-04-12 05:08 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-15 22:46 - 2019-06-11 14:12 - 000000000 ____D C:\FRST
2019-11-15 21:50 - 2018-11-12 16:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-15 19:11 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-15 10:22 - 2018-04-12 05:08 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-15 10:10 - 2018-09-21 00:19 - 000000000 ____D C:\Users\November\AppData\Local\Packages
2019-11-15 08:01 - 2018-09-21 16:23 - 000000000 ____D C:\Users\November\AppData\Local\AVAST Software
2019-11-15 07:55 - 2017-06-30 15:37 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-15 07:44 - 2019-01-15 23:33 - 000000000 ____D C:\Users\November\Downloads\opera autoupdate
2019-11-15 07:43 - 2019-05-03 02:20 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2019-11-15 07:42 - 2019-05-03 02:20 - 000000000 ____D C:\Users\November\AppData\Local\AMSDK
2019-11-15 07:39 - 2019-06-10 10:11 - 000000000 ____D C:\ProgramData\AVG
2019-11-15 07:33 - 2018-04-12 05:06 - 000000000 ____D C:\WINDOWS\INF
2019-11-15 07:31 - 2018-11-12 17:21 - 000840376 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-15 07:31 - 2017-11-15 08:58 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-11-15 07:31 - 2016-02-12 10:48 - 000000000 ___RD C:\Users\November\3D Objects
2019-11-15 07:31 - 2015-01-09 18:44 - 000000000 __SHD C:\Users\November\IntelGraphicsProfiles
2019-11-15 07:31 - 2014-10-23 23:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-15 07:30 - 2017-11-15 08:59 - 000000000 ____D C:\ProgramData\NVIDIA
2019-11-15 07:27 - 2019-06-10 10:20 - 000002006 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2019-11-15 07:27 - 2019-06-10 10:20 - 000001994 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2019-11-15 07:27 - 2019-06-10 10:20 - 000001994 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2019-11-15 07:27 - 2018-11-12 16:57 - 000416592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-15 07:26 - 2018-07-18 13:17 - 000000093 _____ C:\HaxLogs.txt
2019-11-15 07:25 - 2018-11-12 17:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-15 07:24 - 2018-11-12 17:06 - 000000000 ____D C:\Users\mayan
2019-11-15 07:24 - 2018-04-12 02:34 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2019-11-15 07:21 - 2018-04-12 14:50 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-11-15 07:21 - 2018-04-12 05:08 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-11-15 07:21 - 2018-04-12 05:08 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-15 07:21 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\TextInput
2019-11-15 07:21 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-11-15 07:21 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-15 07:21 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-15 07:21 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-11-15 07:21 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-15 07:21 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-15 07:21 - 2018-04-12 02:34 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-11-15 07:19 - 2018-09-21 16:18 - 000000000 ____D C:\Users\November\AppData\Roaming\uTorrent
2019-11-14 20:25 - 2018-04-12 05:08 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-11-11 00:31 - 2018-09-21 23:21 - 000000000 ____D C:\Users\November\AppData\Local\PlaceholderTileLogoFolder
2019-11-08 04:05 - 2017-12-10 15:31 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-08 04:05 - 2017-12-10 15:31 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-08 04:05 - 2017-12-10 15:31 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-11-07 22:09 - 2018-10-10 22:16 - 000001415 _____ C:\Users\November\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-11-05 19:41 - 2019-04-25 06:24 - 000000000 ____D C:\Users\November\AppData\Local\BitTorrentHelper
2019-11-05 14:58 - 2017-09-29 15:02 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-03 22:55 - 2017-08-04 20:13 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-11-03 01:00 - 2018-04-12 05:08 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-02 12:00 - 2019-10-03 14:36 - 000171640 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-10-27 07:48 - 2018-11-12 17:06 - 000000000 ____D C:\Users\November
2019-10-27 07:41 - 2017-07-02 12:09 - 000000000 ____D C:\Users\November\AppData\Roaming\Adobe
2019-10-27 07:30 - 2016-12-22 19:27 - 000000000 ____D C:\Users\Public\Documents\Adobe
2019-10-27 07:30 - 2016-12-22 19:27 - 000000000 ____D C:\ProgramData\Documents\Adobe
2019-10-27 00:44 - 2018-11-12 17:46 - 000000000 ____D C:\Users\November\AppData\Local\D3DSCache
2019-10-25 17:55 - 2017-07-02 12:14 - 000000000 ____D C:\Users\November\AppData\Local\CrashDumps
2019-10-18 17:47 - 2019-09-28 18:36 - 000000000 ____D C:\Users\November\Desktop\Harpreet1
2019-10-18 14:17 - 2019-07-06 15:56 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

==================== Files in the root of some directories ========

2018-11-10 17:12 - 2019-03-19 14:10 - 006387208 _____ () C:\Users\November\AppData\Local\dump007.dat
2018-10-08 13:08 - 2018-10-08 13:08 - 000000002 _____ () C:\Users\November\AppData\Local\imw.ini
2018-06-11 18:56 - 2018-06-11 18:56 - 000000017 _____ () C:\Users\November\AppData\Local\resmon.resmoncfg
2019-04-19 17:08 - 2019-04-19 17:08 - 000000003 _____ () C:\Users\November\AppData\Local\updater.log
2019-04-19 17:08 - 2019-04-19 17:08 - 000000425 _____ () C:\Users\November\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Thanks & Regards

Mayankjot Singh

Addition.txt FRST.txt

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt); please post it in your reply.
===

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Hi,

The malware is still showing up in the Malwarebytes scan. I have attached the fix log. I have also attached the results of the scan.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/16/19
Scan Time: 11:16 PM
Log File: 06f1e922-0899-11ea-a1aa-6cc217776a8e.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.13359
License: Expired

-System Information-
OS: Windows 10 (Build 17134.1006)
CPU: x64
File System: NTFS
User: hp\November

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 425101
Threats Detected: 8
Threats Quarantined: 0
Time Elapsed: 17 min, 6 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 8
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947, No Action By User, [6818], [436606],1.0.13359
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AD4C5429E10F4FF6C01840C20ABA344D7401209F, No Action By User, [6818], [436604],1.0.13359
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\DB77E5CFEC34459146748B667C97B185619251BA, No Action By User, [6818], [436611],1.0.13359
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF, No Action By User, [6818], [436613],1.0.13359
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947, No Action By User, [6818], [436606],1.0.13359
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AD4C5429E10F4FF6C01840C20ABA344D7401209F, No Action By User, [6818], [436604],1.0.13359
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\DB77E5CFEC34459146748B667C97B185619251BA, No Action By User, [6818], [436611],1.0.13359
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF, No Action By User, [6818], [436613],1.0.13359

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Fixlog.txt

Hi,

 

browser is synced with my mobile phones and tablet.

If the problem persists and Chrome is synced with other devices, check this out.

https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/

Execute the suggested fix.

Restart the computer normally.
===========

p.s.

Read the instructions carefully.
Where it is suggested to RESET THE SYNC, DON'T.

Close the page.

Do the suggested fix in post No. 4.

After the restart, and if all is well, you can reset the Sync.

Let me know if the problem is solved.


 
