Tweet
I have rerun FRST again just in case you will need the details:
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18.04.2019
Ran by Lenovo (administrator) on LENOVO-PC (20-04-2019 04:26:52)
Running from C:\Users\Lenovo\Downloads\FRST
Loaded Profiles: Lenovo (Available Profiles: Lenovo & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Conexant Systems, Inc. → Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Apple Inc. → Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AnchorFree Inc → AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Intel(R) Driver & Support Assistant → Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Apple Inc. → Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ELAN Microelectronics Corporation → ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() [File not signed] C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
(Plays.tv, LLC → Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(McAfee, Inc. → McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. → McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(McAfee, Inc. → McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper. exe
(Razer Inc. → Razer Inc.) D:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(TeamViewer GmbH → TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes Corporation → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(QIHU 360 SOFTWARE CO. LIMITED → QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(ELAN Microelectronics Corporation → ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation → ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Malwarebytes Corporation → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(IObit Information Technology → IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x6 4__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x6 4__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation → Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.e xe
(Intel Corporation - Intel® Management Engine Firmware → Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc → Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.ex e
(Google Inc → Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64. exe
(Microsoft Windows → Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Opera Software AS → Opera Software) C:\Users\Lenovo\AppData\Local\Programs\Opera\assis tant\browser_assistant.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.114 11.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPMaster.exe
(Malwarebytes Corporation → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
Failed to access process → AvLaunch.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Intel Corporation - Intel® Rapid Storage Technology → Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Windows → Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPUF.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPDU.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Software Asset Manager → Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwa reAssetManagerService.exe
(Opera Software AS → Opera Software) C:\Users\Lenovo\AppData\Local\Programs\Opera\launc her.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Opera Software AS → Opera Software) C:\Users\Lenovo\AppData\Local\Temp\opera autoupdate\installer.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows → Microsoft Corporation)
HKLM...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation → ELAN Microelectronics Corp.)
HKLM...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc → )
HKLM...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent 64.exe [935104 2014-11-25] (Conexant Systems, Inc. → Conexant Systems, Inc.)
HKLM...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc. → Apple Inc.)
HKLM-x32...\Run: [vProt] => “C:\Program Files (x86)\AVG Web TuneUp\vprot.exe”
HKLM-x32...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
HKLM-x32...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-08-10] (Plays.tv, LLC → Plays.tv, LLC)
HKLM-x32...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-01] (Raptr, Inc → Raptr, Inc)
HKLM-x32...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [669248 2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.)
HKLM-x32...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [135968 2018-03-15] (Intel(R) Driver & Support Assistant → Intel)
HKLM-x32...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-18] (AVAST Software s.r.o. → AVAST Software)
HKU\S-1-5-19...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows → Microsoft Corporation)
HKU\S-1-5-20...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows → Microsoft Corporation)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-07] (Piriform Ltd → Piriform Ltd)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Run: [Opera Browser Assistant] => C:\Users\Lenovo\AppData\Local\Programs\Opera\assis tant\browser_assistant.exe [2480216 2019-02-12] (Opera Software AS → Opera Software)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
HKLM...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-08] ( ) [File not signed]
HKLM...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\system32\ff_vfw.dll [126976 2015-08-25] () [File not signed]
HKLM...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\SysWOW64\huffyuv.dll [39936 2004-05-19] (Disappearing Inc.) [File not signed]
HKLM...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-08] ( ) [File not signed]
HKLM...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-26] (hxxp://www.mp3dev.org/) [File not signed]
HKLM...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\SysWOW64\ff_vfw.dll [112128 2015-08-25] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Inst aller\chrmstp.exe [2019-04-19] (Google LLC → Google Inc.)
HKLM\Software...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] →
HKLM\Software...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] → C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProv ider.dll [2018-11-27] (McAfee, Inc. → McAfee, LLC.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter “C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter” “C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter”
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip..\Interfaces{8d45d7f2-23ec-402e-ba7c-d7e2681ab43c}: [DhcpNameServer] 192.168.0.1
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM → DefaultScope {A485DD13-1799-4E8B-8E0D-87A35529FC3C} URL =
SearchScopes: HKLM-x32 → DefaultScope {A485DD13-1799-4E8B-8E0D-87A35529FC3C} URL =
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. → Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. → Intel Security)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll No File
[HEADING=1]FireFox:[/HEADING]
FF DefaultProfile: 5556b60k.default-1555684723521
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Pr ofiles\5556b60k.default-1555684723521 [2019-04-20]
FF Extension: (Federated Learning Awesome Bar) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Pr ofiles\5556b60k.default-1555684723521\Extensionsfederated-learning-v2@shield.mozilla.org.xpi [2019-04-20]
FF Extension: (AdBlock) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Pr ofiles\5556b60k.default-1555684723521\Extensionsjid1-NIfFY2CA8fy1tg@jetpack.xpi [2019-04-20]
FF HKLM-x32...\Firefox\Extensions: [daplinkchecker@speedbit.com] - D:\Program Files (x86)\DAP\daplinkchecker
FF Extension: (DAP Link Checker) - D:\Program Files (x86)\DAP\daplinkchecker [2017-11-12] [Legacy] [not signed]
FF HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - D:\Program Files (x86)\DAP\DAPFireFox
FF Extension: (Download Accelerator Plus (DAP) extension) - D:\Program Files (x86)\DAP\DAPFireFox [2017-11-12] [Legacy] [not signed]
FF HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer → C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_ 113.dll [2018-03-22] (Adobe Systems Incorporated → )
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 → C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC → DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 → C:\WINDOWS\system32\npDeployJava1.dll [2014-11-25] (Oracle America, Inc. → Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 → C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation → Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDet ect64.dll [2014-04-28] (Adobe Systems Incorporated → Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer → C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_ 113.dll [2018-03-22] (Adobe Systems Incorporated → )
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin → C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\npsitesafety.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 → C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC → DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 → C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-09-02] (DivX, LLC → DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 → C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software → Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater → C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software → Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 → C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1 .dll [2018-03-22] (Oracle America, Inc. → Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 → C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-22] (Oracle America, Inc. → Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 → C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-04-01] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin → C:\Users\Lenovo\AppData\Roaming\raidcall\plugins\n prcplugin.dll [2014-05-27] (Raidcall) [File not signed]
FF Plugin-x32: @softnyxNpruntime → D:\Game\SoftnyxGame\NyxLauncherIS\npSoftnyx.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-19] (Google Inc → Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-19] (Google Inc → Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 → D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN → VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 → D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN → VideoLAN)
FF Plugin HKU\S-1-5-21-1925601759-1010797402-2804155008-1000: @zoom.us/ZoomVideoPlugin → C:\Users\Lenovo\AppData\Roaming\Zoom\bin\npzoomplu gin.dll [2017-11-14] (Zoom Video Communications, Inc. → Zoom Video Communications, Inc.)
[HEADING=1]Chrome:[/HEADING]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2019-04-20]
CHR Extension: (Slides) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2019-04-19]
CHR Extension: (AdLock ad blocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aemffjkmgcepimloclpkecifcn ipnodh [2019-04-19]
CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2019-04-19]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2019-04-19]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2019-04-19]
CHR Extension: (Sheets) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2019-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2019-04-19]
CHR Extension: (AdBlock) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbi glidom [2019-04-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2019-04-19]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2019-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2019-04-19]
CHR HKLM...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
[HEADING=1]Opera:[/HEADING]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-04-18]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. → ArcSoft Inc.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
S3 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [287264 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher → AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. → Apple Inc.)
R2 AUEPLauncher; C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe [9216 2018-01-31] () [File not signed]
S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceF orPowerDVD.exe [83240 2011-04-20] (CyberLink → )
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMS MonitorService.exe [70952 2011-03-31] (CyberLink → CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMS Server.exe [312616 2011-03-31] (CyberLink → CyberLink)
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc → Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc → Dropbox, Inc.)
S3 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2018-03-15] (Intel(R) Driver & Support Assistant → Intel)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products → )
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation → ELAN Microelectronics Corp.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [53120 2018-04-10] (AnchorFree Inc → AnchorFree Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology → Intel Corporation)
S3 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373688 2017-06-12] (Intel(R) pGFX → Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service → Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwa reAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager → Intel Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit Information Technology → IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware → Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation → Malwarebytes)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation → Microsoft Corporation)
R2 MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.0\my.ini [9263 2017-02-03] () [File not signed]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7780848 2017-11-29] (INCA Internet Co.,Ltd. → INCA Internet Co., Ltd.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-10] (Plays.tv, LLC → Plays.tv, LLC)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [965184 2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. → Riverbed Technology, Inc.)
R2 RzKLService; D:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc. → Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-15] (Microsoft Windows Publisher → Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation → Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH → TeamViewer GmbH)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [352688 2018-11-27] (McAfee, Inc. → McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [352688 2018-11-27] (McAfee, Inc. → McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper. exe [194168 2018-11-27] (McAfee, Inc. → McAfee, LLC.)
S4 UDisk Monitor; D:\Program Files\Modem AC2726 UI\bin\MonServiceUDisk64.exe [407040 2009-09-23] () [File not signed]
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products → )
S3 VSStandardCollectorService140; D:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.S ervice.exe [108776 2016-09-06] (Microsoft Corporation → Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation → Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation → Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe [105064 2018-07-25] (Wondershare Technology Co.,Ltd → Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [192600 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [340568 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [443992 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R1 360netmon; C:\WINDOWS\System32\DRIVERS\360netmon.sys [96424 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R3 AFTrafMgr1.4; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [56840 2018-04-04] (AnchorFree Inc → AnchorFree Inc.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [26706464 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher → Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [518176 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher → Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc. → Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows → Qualcomm Atheros Communications, Inc.)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [211160 2018-12-21] (Beijing Qihu Technology Co., Ltd. → 360.cn)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher → Qualcomm Atheros)
S3 CYUSB3; C:\WINDOWS\System32\Drivers\CYUSB3.sys [90536 2018-08-12] (Cypress Semiconductor Corporation → Cypress Semiconductor)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-04-19] (Malwarebytes Corporation → Malwarebytes)
S3 GunBod; C:\WINDOWS\system32\gunbod64.sys [84384 2017-02-09] (Beijing Apex Weifeng Technology Co.,Ltd. → )
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sy s [37184 2018-10-16] (IObit Information Technology → IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.s ys [43392 2018-10-16] (IObit Information Technology → IObit)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-31] (Logitech → Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-04-19] (Malwarebytes Corporation → Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher → Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-04-20] (Malwarebytes Corporation → Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-04-20] (Malwarebytes Corporation → Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-20] (Malwarebytes Corporation → Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-04-20] (Malwarebytes Corporation → Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware → Intel Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher → Apple Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. → Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek Semiconductor Corp → Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realtek Semiconductor Corp → Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp → Realtek Semiconductor Corp.)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-14] (Razer Inc. → Razer Inc)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] (Intel(R) Code Signing External → )
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-08-23] (AnchorFree Inc → Anchorfree Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher → Apple, Inc.)
S3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7. sys [41192 2015-11-07] (Vincent Burel → Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows → Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows → Microsoft Corporation)
R2 WtfEngineDrv; C:\WINDOWS\system32\DRIVERS\WtfEngineDrv.sys [37872 2016-05-20] (Initex, OOO → AAA Internet Publishing, Inc.)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-12-21] (Beijing Duodian Online Science and Technology Co.,Ltd → BigNox Corporation)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fc l [148976 2011-04-12] (CyberLink → CyberLink Corp.)
U3 aswbdisk; no ImagePath
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-20 04:30 - 2019-04-20 04:31 - 000000000 ____D C:\Users\Lenovo\Desktop\Comp Tool
2019-04-20 04:30 - 2019-04-20 04:30 - 000012371 _____ C:\Users\Lenovo\Desktop\bookmarks_20_04_2019.html
2019-04-20 04:20 - 2019-04-20 04:20 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-04-20 04:19 - 2019-04-20 04:19 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-04-20 04:19 - 2019-04-20 04:19 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-04-20 04:18 - 2019-04-20 04:18 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-20 04:12 - 2019-04-20 04:26 - 000000000 ____D C:\Users\Lenovo\Downloads\FRST
2019-04-20 00:38 - 2019-04-20 00:38 - 000000000 ____D C:\Users\Lenovo\Desktop\Old Firefox Data
2019-04-20 00:36 - 2019-04-20 00:36 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Mozilla
2019-04-19 14:09 - 2019-04-19 14:09 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbam
2019-04-19 14:08 - 2019-04-19 14:08 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-04-19 14:04 - 2019-04-19 14:04 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbamtray
2019-04-19 14:03 - 2019-04-19 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-19 14:03 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-19 13:03 - 2019-04-19 13:03 - 001214008 _____ (Google LLC) C:\Users\Lenovo\Downloads\ChromeSetup.exe
2019-04-19 13:03 - 2019-04-19 13:03 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-19 13:03 - 2019-04-19 13:03 - 000002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000001222 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-19 12:45 - 2019-04-19 12:45 - 000000000 ____D C:\Users\Lenovo\Downloads\FRST-OlderVersion
2019-04-19 10:06 - 2019-04-19 10:19 - 000003530 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineU A
2019-04-19 10:06 - 2019-04-19 10:19 - 000003406 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineC ore
2019-04-19 09:59 - 2019-04-19 09:59 - 001622528 _____ C:\Users\Lenovo\Downloads\resetbrowser.exe
2019-04-19 09:47 - 2019-04-19 09:49 - 005208384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-19 09:42 - 2019-04-19 09:44 - 000000000 ____D C:\AdwCleaner
2019-04-19 02:14 - 2019-04-19 12:53 - 000084516 _____ C:\Users\Lenovo\Downloads\Addition.txt
2019-04-19 02:10 - 2019-04-20 04:26 - 000000000 ____D C:\FRST
2019-04-19 02:10 - 2019-04-19 12:53 - 000072532 _____ C:\Users\Lenovo\Downloads\FRST.txt
2019-04-19 01:58 - 2019-04-19 01:58 - 037133296 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer (2).exe
2019-04-19 01:24 - 2019-04-19 01:24 - 037133296 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer (1).exe
2019-04-18 13:15 - 2019-04-19 13:03 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-18 13:15 - 2019-04-18 13:16 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Google clean
2019-04-18 12:52 - 2019-04-18 12:52 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2019-04-18 12:50 - 2019-04-20 04:24 - 000000000 ____D C:\ProgramData\ProductData
2019-04-18 12:50 - 2019-04-18 12:51 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\IObit
2019-04-18 12:50 - 2019-04-18 12:50 - 000002950 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Leno vo
2019-04-18 12:49 - 2019-04-18 12:55 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\IObit
2019-04-18 12:49 - 2019-04-18 12:54 - 000000000 ____D C:\ProgramData\IObit
2019-04-18 12:49 - 2019-04-18 12:49 - 000001430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2019-04-18 12:49 - 2019-04-18 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2019-04-18 12:49 - 2019-04-18 12:49 - 000000000 ____D C:\Program Files (x86)\IObit
2019-04-18 12:30 - 2019-04-20 04:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-04-18 12:30 - 2019-04-18 12:30 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-04-13 05:25 - 2019-04-13 05:25 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-10 09:53 - 2019-04-02 14:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 09:53 - 2019-03-15 00:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 09:53 - 2019-03-14 18:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 09:53 - 2019-03-14 18:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.d ll
2019-04-10 09:53 - 2019-03-14 18:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 09:53 - 2019-03-14 18:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-10 09:53 - 2019-03-14 18:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-10 09:53 - 2019-03-14 17:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 09:53 - 2019-03-14 17:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-10 09:53 - 2019-03-14 17:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 09:52 - 2019-04-02 22:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 09:52 - 2019-04-02 22:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 09:52 - 2019-04-02 22:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 09:52 - 2019-04-02 22:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 09:52 - 2019-04-02 22:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 09:52 - 2019-04-02 22:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 09:52 - 2019-04-02 22:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 09:52 - 2019-04-02 22:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 09:52 - 2019-04-02 22:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 09:52 - 2019-04-02 22:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 09:52 - 2019-04-02 22:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 09:52 - 2019-04-02 22:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 09:52 - 2019-04-02 22:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 09:52 - 2019-04-02 19:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 09:52 - 2019-04-02 19:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 09:52 - 2019-04-02 19:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 09:52 - 2019-04-02 19:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 09:52 - 2019-04-02 19:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 09:52 - 2019-04-02 19:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 09:52 - 2019-04-02 19:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 09:52 - 2019-04-02 19:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 09:52 - 2019-04-02 19:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 09:52 - 2019-04-02 18:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 09:52 - 2019-04-02 18:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 09:52 - 2019-04-02 18:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-10 09:52 - 2019-04-02 18:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll
2019-04-10 09:52 - 2019-04-02 18:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 09:52 - 2019-04-02 18:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 09:52 - 2019-04-02 18:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 09:52 - 2019-04-02 18:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 09:52 - 2019-04-02 18:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 09:52 - 2019-04-02 18:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 09:52 - 2019-04-02 18:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 09:52 - 2019-04-02 18:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 09:52 - 2019-04-02 18:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 09:52 - 2019-04-02 18:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 09:52 - 2019-04-02 17:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 09:52 - 2019-04-02 17:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 09:52 - 2019-04-02 17:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 09:52 - 2019-04-02 17:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 09:52 - 2019-04-02 17:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 09:52 - 2019-04-02 17:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 09:52 - 2019-04-02 17:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 09:52 - 2019-04-02 17:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.deskt op.dll
2019-04-10 09:52 - 2019-04-02 17:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 09:52 - 2019-04-02 17:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 09:52 - 2019-04-02 17:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 09:52 - 2019-04-02 17:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 09:52 - 2019-04-02 17:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.oneco re.dll
2019-04-10 09:52 - 2019-04-02 17:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 09:52 - 2019-04-02 17:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 09:52 - 2019-04-02 17:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 09:52 - 2019-04-02 17:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 09:52 - 2019-04-02 17:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 09:52 - 2019-04-02 16:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-10 09:52 - 2019-04-02 15:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayR eady.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 09:52 - 2019-04-02 14:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 09:52 - 2019-04-02 14:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 09:52 - 2019-04-02 14:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 09:52 - 2019-04-02 14:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 09:52 - 2019-03-16 22:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapt ure.dll
2019-04-10 09:52 - 2019-03-16 19:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapt ure.dll
2019-04-10 09:52 - 2019-03-15 00:55 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 001626928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 09:52 - 2019-03-15 00:52 - 001424696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000954160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-04-10 09:52 - 2019-03-15 00:52 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-04-10 09:52 - 2019-03-15 00:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 09:52 - 2019-03-15 00:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-10 09:52 - 2019-03-15 00:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 09:52 - 2019-03-15 00:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 09:52 - 2019-03-15 00:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 09:52 - 2019-03-15 00:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 09:52 - 2019-03-15 00:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 09:52 - 2019-03-15 00:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 09:52 - 2019-03-15 00:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dl l
2019-04-10 09:52 - 2019-03-15 00:29 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 09:52 - 2019-03-15 00:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 09:52 - 2019-03-15 00:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-10 09:52 - 2019-03-14 23:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 09:52 - 2019-03-14 23:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 09:52 - 2019-03-14 23:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dl l
2019-04-10 09:52 - 2019-03-14 23:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 09:52 - 2019-03-14 23:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 09:52 - 2019-03-14 23:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-10 09:52 - 2019-03-14 18:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 09:52 - 2019-03-14 18:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 09:52 - 2019-03-14 18:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 09:52 - 2019-03-14 18:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 09:52 - 2019-03-14 18:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 09:52 - 2019-03-14 18:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 09:52 - 2019-03-14 18:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 09:52 - 2019-03-14 18:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 09:52 - 2019-03-14 18:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 09:52 - 2019-03-14 18:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 09:52 - 2019-03-14 18:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 09:52 - 2019-03-14 18:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 09:52 - 2019-03-14 18:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 09:52 - 2019-03-14 18:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 09:52 - 2019-03-14 18:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 09:52 - 2019-03-14 18:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 09:52 - 2019-03-14 18:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 09:52 - 2019-03-14 18:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 09:52 - 2019-03-14 18:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Work flow.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-10 09:52 - 2019-03-14 18:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 09:52 - 2019-03-14 18:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 09:52 - 2019-03-14 18:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 09:52 - 2019-03-14 17:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 09:52 - 2019-03-14 17:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 09:52 - 2019-03-14 17:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 09:52 - 2019-03-14 17:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dl l
2019-04-10 09:52 - 2019-03-14 17:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 09:52 - 2019-03-14 17:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 09:52 - 2019-03-14 17:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 09:52 - 2019-03-14 17:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.d ll
2019-04-10 09:52 - 2019-03-14 17:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 09:52 - 2019-03-14 17:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Work flow.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 09:52 - 2019-03-14 17:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 09:52 - 2019-03-14 17:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 09:52 - 2019-03-14 17:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 09:52 - 2019-03-14 17:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-09 03:02 - 2019-04-09 03:02 - 000000000 ____D C:\ProgramData\Hankuper
2019-04-09 03:02 - 2019-04-09 03:02 - 000000000 ____D C:\Program Files\AdLock
2019-04-09 02:58 - 2019-04-09 02:58 - 036153840 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer.exe
2019-04-09 00:08 - 2019-04-09 00:08 - 003976665 _____ C:\Users\Lenovo\Downloads\Mega Man Battle Network 2 (USA).zip
2019-04-06 18:30 - 2019-04-06 18:30 - 000364952 _____ C:\Users\Lenovo\Downloads\download.pdf
2019-04-05 11:04 - 2019-04-05 11:04 - 000192384 _____ C:\Users\Lenovo\Downloads\9299 (1) (1).pdf
2019-04-05 11:02 - 2019-04-05 11:02 - 000182444 _____ C:\Users\Lenovo\Downloads\9299 (1).pdf
2019-04-05 11:00 - 2019-04-05 11:00 - 000182444 _____ C:\Users\Lenovo\Downloads\929 (1).pdf
2019-04-05 10:00 - 2019-04-05 10:00 - 000338279 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1) (1)[1145].pdf
2019-04-01 15:19 - 2019-04-01 15:19 - 000182444 _____ C:\Users\Lenovo\Downloads\929.pdf
2019-04-01 15:01 - 2019-04-01 15:01 - 000233489 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1) (1).pdf
2019-03-31 01:33 - 2019-03-31 01:33 - 000000000 ____D C:\Users\Lenovo\Downloads\New folder
2019-03-27 12:24 - 2019-03-27 12:24 - 000233489 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1).pdf
2019-03-25 13:27 - 2019-03-25 13:27 - 000063894 _____ C:\Users\Lenovo\Downloads\Albert - Akta lahir.pdf
2019-03-25 13:02 - 2019-03-25 13:02 - 001771175 _____ C:\Users\Lenovo\Downloads\Statement20181231.pdf
2019-03-25 13:01 - 2019-03-25 13:01 - 000116172 _____ C:\Users\Lenovo\Downloads\scoreReport (2).pdf
2019-03-21 23:11 - 2019-03-23 15:36 - 000000000 ____D C:\ProgramData\Stardock
2019-03-21 23:11 - 2019-03-21 23:11 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Stardock
2019-03-21 23:10 - 2019-03-21 23:10 - 000000000 ____D C:\Users\Lenovo\Documents\My Games
2019-03-21 23:10 - 2019-03-21 23:10 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\MohawkGames
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-20 04:30 - 2014-12-30 12:34 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2019-04-20 04:21 - 2018-04-12 09:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-20 04:19 - 2018-04-12 09:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-20 04:18 - 2018-05-26 17:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-20 04:18 - 2018-03-22 23:45 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-04-20 04:18 - 2014-11-25 18:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-20 04:16 - 2018-04-12 07:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-20 04:15 - 2016-12-09 20:20 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Temp
2019-04-20 04:14 - 2009-07-14 13:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-04-20 02:39 - 2018-05-26 17:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-20 00:38 - 2016-12-21 04:23 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2019-04-20 00:36 - 2014-11-25 18:39 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Mozilla
2019-04-19 14:07 - 2018-03-22 23:25 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-19 14:03 - 2018-04-12 09:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-19 12:57 - 2018-03-25 06:00 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-04-19 12:47 - 2018-03-22 21:37 - 000000000 ____D C:\ProgramData\360safe
2019-04-19 12:47 - 2014-11-25 18:39 - 000000000 ____D C:\ProgramData\Mozilla
2019-04-19 10:24 - 2018-03-22 21:37 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\360WD
2019-04-19 10:08 - 2018-03-22 21:37 - 000000000 _RSHD C:\360SANDBOX
2019-04-19 10:01 - 2018-03-22 22:30 - 000000000 __SHD C:$360Section
2019-04-19 10:01 - 2018-03-22 22:05 - 000000000 ____D C:\ProgramData\360Quarant
2019-04-19 09:47 - 2018-03-25 05:46 - 000000000 ____D C:\Program Files (x86)\Driver Support
2019-04-19 04:48 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-19 02:36 - 2017-09-30 14:04 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Albion Online
2019-04-19 02:35 - 2019-02-26 14:27 - 000000000 ____D C:\WINDOWS\Minidump
2019-04-18 15:45 - 2017-12-30 07:35 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2019-04-18 13:26 - 2017-10-16 00:08 - 000000000 ____D C:\ProgramData\Package Cache
2019-04-18 13:26 - 2017-05-27 00:44 - 000000000 ____D C:\ProgramData\Adguard
2019-04-18 13:26 - 2017-05-27 00:43 - 000000000 ____D C:\Program Files (x86)\Adguard
2019-04-18 12:32 - 2015-09-12 20:58 - 000000000 ____D C:\Users\Lenovo\AppData\Local\TeamViewer
2019-04-18 12:30 - 2018-05-26 17:10 - 000000000 ____D C:\Users\DefaultAppPool
2019-04-18 12:30 - 2015-09-12 20:45 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\TeamViewer
2019-04-18 10:28 - 2018-03-22 21:37 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360safe
2019-04-18 10:20 - 2018-05-26 17:10 - 000000000 ____D C:\Users\Lenovo
2019-04-18 10:14 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-18 03:57 - 2018-03-24 19:05 - 000000428 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2019-04-18 03:50 - 2019-02-16 23:48 - 000003752 _____ C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1550324909
2019-04-18 03:50 - 2018-05-26 17:40 - 000003752 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-18 03:50 - 2018-05-26 17:40 - 000003556 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan
2019-04-18 03:50 - 2018-05-26 17:40 - 000002970 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2019-04-18 03:50 - 2018-05-26 17:40 - 000002646 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2019-04-18 03:50 - 2018-05-26 17:40 - 000002604 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2019-04-18 03:50 - 2018-05-26 17:40 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-04-18 03:50 - 2018-05-26 17:40 - 000002202 _____ C:\WINDOWS\System32\Tasks\StartCN
2019-04-18 03:48 - 2019-03-18 21:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-04-18 01:12 - 2017-09-28 20:12 - 000061060 _____ C:\Users\Lenovo\Desktop\Share.xlsx
2019-04-17 19:52 - 2018-04-12 09:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-16 13:23 - 2018-12-26 22:02 - 000019344 _____ C:\Users\Lenovo\Desktop\Mascot-202-RENT.xlsx
2019-04-13 19:26 - 2016-09-22 12:11 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\vlc
2019-04-13 05:25 - 2019-03-18 21:25 - 000476264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1af7b8ca475981fe.tm p
2019-04-12 03:45 - 2018-05-27 10:37 - 000503220 _____ C:\WINDOWS\system32\perfh011.dat
2019-04-12 03:45 - 2018-05-27 10:37 - 000145096 _____ C:\WINDOWS\system32\perfc011.dat
2019-04-12 03:45 - 2018-05-26 17:09 - 001571872 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-12 02:47 - 2018-03-22 21:47 - 000001443 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Opera Browser.lnk
2019-04-11 18:06 - 2018-03-22 21:38 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360TotalSecurity
2019-04-11 17:47 - 2018-04-12 19:20 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-10 10:03 - 2018-04-12 09:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 09:51 - 2015-03-13 02:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 09:44 - 2015-03-13 02:42 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-07 23:23 - 2018-03-22 21:48 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360DrvMgr
2019-04-05 21:35 - 2017-09-29 19:45 - 000000000 ____D C:\Program Files\rempl
2019-04-02 03:51 - 2018-11-18 11:45 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-02 03:51 - 2018-11-18 11:45 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-26 08:20 - 2019-02-19 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2019-03-26 07:28 - 2019-03-18 21:25 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-21 15:57 - 2017-08-11 00:34 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Steam
==================== Files in the root of some directories =======
2017-05-27 00:44 - 2018-06-15 09:49 - 000000267 _____ () C:\ProgramData\fontcacheev1.dat
2018-08-13 21:01 - 2018-06-14 21:01 - 000000032 ____R () C:\ProgramData\hash.dat
2015-10-04 11:58 - 2015-10-04 11:58 - 000000097 _____ () C:\Users\Lenovo\AppData\Roaming\settings.xml
2015-04-25 14:16 - 2015-04-25 14:16 - 000000054 _____ () C:\Users\Lenovo\AppData\Roaming\updater.cfg
2015-11-09 13:55 - 2015-11-30 19:16 - 000002856 _____ () C:\Users\Lenovo\AppData\Roaming\VoiceMeeterDefault .xml
2016-09-23 11:37 - 2017-01-05 11:54 - 000000202 _____ () C:\Users\Lenovo\AppData\Roaming_encryptiondb.grf
2014-11-26 19:09 - 2014-11-26 19:09 - 000000038 ___SH () C:\Users\Lenovo\AppData\Local\1754111884ee9ab5277c a00.95260103
2014-12-26 00:02 - 2016-06-26 16:10 - 000007603 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-26 17:01
==================== End of FRST.txt ============================
[HEADING=1]Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.04.2019
Ran by Lenovo (20-04-2019 04:31:36)
Running from C:\Users\Lenovo\Downloads\FRST
Windows 10 Pro Version 1803 17134.706 (X64) (2018-05-26 07:41:06)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================
Administrator (S-1-5-21-1925601759-1010797402-2804155008-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1925601759-1010797402-2804155008-503 - Limited - Disabled)
Guest (S-1-5-21-1925601759-1010797402-2804155008-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1925601759-1010797402-2804155008-1002 - Limited - Enabled)
Lenovo (S-1-5-21-1925601759-1010797402-2804155008-1000 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-1925601759-1010797402-2804155008-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: 360 Total Security (Disabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Disabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM...{3D383E25-72E7-4F09-AA1C-9ADE6A2EF42F}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32...{0C9A6167-6560-4085-9C35-EDB1AE105328}) (Version: 3.2.0.9 - Intel) Hidden
360 Total Security (HKLM-x32...\360TotalSecurity) (Version: 10.2.0.1180 - 360 Security Center)
3DP Chip Lite v17.11.1 (HKLM-x32...\3DP Chip Lite) (Version: v17.11.1 - 3DP)
ACDSee Pro 3 (HKLM-x32...{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.355 - ACD Systems International Inc.)
Active Directory Authentication Library for SQL Server (HKLM...{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (HKLM-x32...{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
AdLock (HKLM...{26D2159D-4BE2-43A4-9E68-F0594DF0295C}) (Version: 1.0.2.2 - Hankuper) Hidden
Adobe Flash Player 29 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32...\Adobe Flash Player PPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
AMD Settings (HKLM...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
AMD Software (HKLM...\AMD Catalyst Install Manager) (Version: 18.2.1 - Advanced Micro Devices, Inc.)
Anathena (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\242cfcc8731b6ee3) (Version: 3.3.8.0 - Anathena)
Any Video Converter 6.2.5 (HKLM-x32...\Any Video Converter) (Version: 6.2.5 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32...{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM...{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Application Support (HKLM-x32...{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM...{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32...{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Apple Software Update (HKLM-x32...{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM-x32...{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.189 - ArcSoft)
AVG 2015 (HKLM...{6E4BAAF0-7F23-41E5-B16B-4727B6FC0C6F}) (Version: 15.0.6081 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
Battle.net (HKLM-x32...\Battle.net) (Version: - Blizzard Entertainment)
BattlePing (HKLM-x32...{DB480AC3-1578-B8DC-3F8F-786A2A4E3BC7}) (Version: 1.3.7.1 - BattlePing)
Bonjour (HKLM...{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM...{15EEB07A-3FB9-FA4C-8EFF-697728CB1E5C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM...{A63E3031-0522-18C6-F18F-7EE80973315F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM...{A2966D0F-43BB-116D-C9C7-49612FBFD0AE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM...{4C608ED2-535B-2119-3661-9E6F7DDB600F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM...{9005C809-497A-FD45-CB96-76A3338E35B9}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM...{D84300A6-72F1-5771-B3B1-8FC71184AB38}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM...{56D13277-FA9F-2842-682D-DD7298973585}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM...{8D0C7788-D519-7B65-36F6-D0D21296F173}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM...{930FD2C7-D026-197D-94E4-CB5917CE7420}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM...{086D11E3-9CA4-DBEF-2B48-5A2EFFD53145}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM...{D0C1EAB6-92F1-EE91-04C2-5947EE150593}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM...{57EAA61A-CD02-DF34-0839-2549F57A334C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM...{AA477FD2-347B-1732-5D8C-AF35AF1B9703}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM...{BBFC5953-2CB9-5932-1D47-52E4AA99737B}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM...{01E7D692-D785-743F-5A55-F00162D26A1C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM...{5D8BA452-1264-7D13-E4EC-8236EC5B83FE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM...{F49BA906-83DA-3F5A-5B24-03C8DE2A3936}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM...{5A466CAA-F071-D9EF-A799-EF63552DBE70}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM...{D7DC4DDB-3E0D-6F79-4258-4A461654B689}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM...{ACDFF800-6015-BEEC-8A27-7B1A80915273}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM...{A28B1FC5-3947-9D39-7FE5-A3CB18E16358}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM...\CCleaner) (Version: 5.41 - Piriform)
Cheat Engine 6.6 (HKLM-x32...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32...{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32...{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32...{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PowerDVD 11 (HKLM-x32...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1620.51 - CyberLink Corp.)
D3DX10 (HKLM-x32...{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX H.264 decoder 8.2.0.26 (HKLM-x32...\divxh264_is1) (Version: 8.2.0.26 - )
DivX Setup (HKLM-x32...\DivX Setup) (Version: 2.7.0.93 - DivX, LLC)
Dolby Digital Plus Advanced Audio (HKLM...{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dolby Digital Plus Home Theater (HKLM...{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Driver Easy 5.6.1 (HKLM...\DriverEasy_is1) (Version: 5.6.1 - Easeware)
Dropbox (HKLM-x32...\Dropbox) (Version: 45.4.92 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32...{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Energy Management (HKLM-x32...{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo) Hidden
Energy Management (HKLM-x32...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
eNexia version 749.0 (HKLM-x32...{8C3EC8A8-70A1-4298-BD7D-3CD7DAE20D64}_is1) (Version: 749.0 - eNexiaTK)
Free Download Manager (HKLM...{43781dff-e0df-49ce-a6d2-47da96a485e7}}is1) (Version: - FreeDownloadManager.ORG)
Google Chrome (HKLM-x32...{8CAF1821-50A9-3971-88C2-371AACE003E1}) (Version: 73.0.3683.103 - Google LLC)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GRF Editor version 1.7.9 (HKLM-x32...\GRF Editor_is1) (Version: 1.7.9 - )
Hearthstone (HKLM-x32...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\HearthstoneDeckTracker) (Version: 1.7.6 - HearthSim)
Hotspot Shield 7.6.4 (HKLM-x32...{AF599C42-A2E5-4251-B7EE-4925C187EDD1}) (Version: 7.6.4.10926 - AnchorFree Inc.) Hidden
Hotspot Shield 7.6.4 (HKLM-x32...{f0473374-de13-4075-b4ef-5847e91e1d6a}) (Version: 7.6.4.10926 - AnchorFree Inc.)
Hotspot Shield 7.6.4 (HKLM-x32...\HotspotShield) (Version: 7.6.4 - AnchorFree Inc.) Hidden
HxD Hex Editor version 1.7.7.0 (HKLM-x32...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
IIS 10.0 Express (HKLM...{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
Intel(R) Chipset Device Software (HKLM-x32...{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM...{699E6891-25C3-443A-9B8E-80C74F0172C8}) (Version: 2.1.03413 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32...{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM...{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32...{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32...{4d839fe1-a8d3-4edc-b0ca-844394309856}) (Version: 3.2.0.9 - Intel)
IObit Uninstaller 8 (HKLM-x32...\IObitUninstall) (Version: 8.4.0.8 - IObit)
iTunes (HKLM...{1D7D1271-5258-4F5A-B8C1-7176BF398782}) (Version: 12.7.3.46 - Apple Inc.)
Java 8 Update 161 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
K-Lite Mega Codec Pack 14.0.5 (HKLM-x32...\KLiteCodecPack_is1) (Version: 14.0.5 - KLCP)
Lenovo EasyCamera (HKLM-x32...{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Logitech Gaming Software 8.57 (HKLM...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Magic Bullet Suite 64-bit (HKLM...{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32...\InstallShield{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Malwarebytes version 3.7.1.2839 (HKLM...{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee True Key (HKLM...\TrueKey) (Version: 5.2.167.1 - McAfee, LLC)
mHotspot version 7.8.8.0 (HKLM-x32...{beeb7906-9268-4520-8850-8d8af9b1c7c8}is1) (Version: 7.8.8.0 - 1BN Software & IT Solutions Pvt. Ltd.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32...{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32...{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32...{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32...{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (日本語) (HKLM-x32...{9A330858-0CD6-4FB3-8C57-0F1BB58012B0}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32...{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32...{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (日本語) (HKLM-x32...{903C5477-BA28-4CFC-8BE4-62E3C328D4DD}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32...{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32...{90120000-0030-0000-0000-0000000FF1CE}ENTERPRISE{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32...{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM...{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32...{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32...{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM...{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM...{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM...{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM...{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32...{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM...{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM...{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32...{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM...{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32...{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM...{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32...{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM...{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32...{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM...{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM...{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32...{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM...{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU (HKLM-x32...{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Database Providers (x86) ENU (HKLM-x32...{296E293F-C481-4DDE-9ED2-3F79FCF38731}) (Version: 3.1.1648.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM...{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32...{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM...{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32...{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32...{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM...{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32...{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32...{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32...{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM...{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM...{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Modem AC2726 UI (HKLM...\ZTEWireless-101_is1) (Version: - )
MornaTK Installer (HKLM-x32...{BCD1C4AD-EB1A-40DF-A838-2AF8C45B5942}) (Version: 1.0 - MornaTales)
Movavi Video Converter 18 Premium (HKLM-x32...\Movavi Video Converter 18 Premium) (Version: 18.3.0 - Movavi)
Movie Maker (HKLM-x32...{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32...{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 66.0.3 (x86 en-US) (HKLM-x32...\Mozilla Firefox 66.0.3 (x86 en-US)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
Mumble 1.2.19 (HKLM-x32...{F62A874F-2354-49B1-87BE-CAAD7C8FA084}) (Version: 1.2.19 - Thorvald Natvig)
MYOB AccountRight Plus v19.12.0 ED (HKLM-x32...{27D4F4A7-5A34-4657-9E78-D6B1E87C8A90}) (Version: 19.12.0 - MYOB Technology Pty Ltd) Hidden
MYOB AccountRight Plus v19.12.0 ED (HKLM-x32...\InstallShield{27D4F4A7-5A34-4657-9E78-D6B1E87C8A90}) (Version: 19.12.0 - MYOB Technology Pty Ltd)
MYOB ODBC Direct v10 AUS (HKLM-x32...{55D5A77E-FAAA-4358-B3E5-6565E024F78B}) (Version: 10.1.0 - MYOB Technology Pty Ltd) Hidden
MYOB ODBC Direct v10 AUS (HKLM-x32...\InstallShield{55D5A77E-FAAA-4358-B3E5-6565E024F78B}) (Version: 10.1.0 - MYOB Technology Pty Ltd)
MySQL Installer - Community (HKLM-x32...{4553E209-560C-451E-9DE9-E6B812D32B8C}) (Version: 1.4.8.0 - Oracle Corporation)
MySQL Server 5.0 (HKLM-x32...{2FEB25F8-C3CB-49A2-AE79-DE17FFAFB5D9}) (Version: 5.0.45 - MySQL AB)
MySQL Tools for 5.0 (HKLM-x32...{EC561602-C0B9-4FAA-A175-1B3273639AC3}) (Version: 5.0.12 - MySQL AB)
Notepad++ (32-bit x86) (HKLM-x32...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NovaRO (HKLM-x32...\NovaRO_is1) (Version: 6.0.0 - NovaRO)
Nox APP Player (HKLM-x32...\Nox) (Version: 6.0.1.1 - Duodian Technology Co. Ltd.)
OBS Studio (HKLM-x32...\OBS Studio) (Version: 21.1.2 - OBS Project)
OEM Application Profile (HKLM-x32...{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Opera Stable 58.0.3135.127 (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
Pingzapper version 2.1.2 (HKLM-x32...{7FD61982-5436-439B-B5D0-36F0536FF8BF}_is1) (Version: 2.1.2 - Pingzapper)
PlayNexia II (HKLM-x32...\PlayNexia II) (Version: - )
PlaysTV (HKLM-x32...\PlaysTV) (Version: 1.13.1-r115223-release - Plays.tv, LLC)
Pokémon World Online Uninstaller (HKLM-x32...{6B67E1A1-1D62-4BDC-8C60-07FDF25CA975}_is1) (Version: 1.97 - PWO Team)
Prerequisites for SSDT (HKLM-x32...{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32...{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
PX Profile Update (HKLM-x32...{230C6C56-D930-2D7A-CF62-9BE26FAEE260}) (Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32...{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Ragnarok Online (HKLM-x32...{181579B5-0028-4E01-AC27-97ED80352279}) (Version: 14.2.5 - Gravity Interactive, Inc.)
Raptr (HKLM-x32...\Raptr) (Version: 5.1.1-r111306-release - Raptr, Inc)
Razer Game Booster (HKLM-x32...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
Realtek Card Reader (HKLM-x32...{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32...{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32...{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.30.0239 - REALTEK Semiconductor Corp.)
Roslyn Language Services - x86 (HKLM-x32...{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Safari (HKLM-x32...{A08BAD08-9AA3-410F-98F3-C92C8EE37218}) (Version: 5.34.54.16 - Apple Inc.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skype™ 7.26 (HKLM-x32...{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Speccy (HKLM...\Speccy) (Version: 1.31 - Piriform)
Spotify (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
Sql Server Customer Experience Improvement Program (HKLM...{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32...{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32...{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32...{90120000-0030-0000-0000-0000000FF1CE}ENTERPRISE{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM...{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32...{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM...{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM-x32...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
Visual Studio 2012 x64 Redistributables (HKLM...{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32...{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32...\VLC media player) (Version: 3.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (64-bit) (HKLM...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.0) (HKLM...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32...{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare PDFelement 6 Pro(Build 6.8.6) (HKLM-x32...{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.8.6.4121 - Wondershare Software Co.,Ltd.)
Wondershare Video Converter Ultimate(Build 10.3.0.178) (HKLM-x32...\Video Converter Ultimate_is1) (Version: 10.3.0.178 - Wondershare Software)
World of Warcraft (HKLM-x32...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32...\xampp) (Version: 7.1.1-0 - Bitnami)
Zoom (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID{00020420-0000-0000-C000-000000000046}\InprocServer32 → C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows → Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID{00020424-0000-0000-C000-000000000046}\InprocServer32 → C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows → Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID{E31EA727-12ED-4702-820C-4B6445F28E1A} → [Dropbox] => C:\Users\Lenovo\Dropbox [2015-07-07 16:17]
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID{f1d8036a-7f48-43e4-8045-dbcb4e742507}\InprocServer32 → C:\WINDOWS\system32\dfshim.dll (Microsoft Windows → Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation → Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] → {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] → {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] → {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] → {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] → {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] → {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] → {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] → {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] → {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] → {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] → {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] → {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] → {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] → {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] → {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] → {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] → {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] → {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] → {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] → {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] → {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ → )
ContextMenuHandlers1: [DropboxExt] → {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ContextMenuHandlers1: [IObitUnstaler] → {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology → IObit)
ContextMenuHandlers1: [SD360] → {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED → )
ContextMenuHandlers1: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-02-25] (win.rar GmbH → Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-02-25] (win.rar GmbH → Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation → Malwarebytes)
ContextMenuHandlers4: [DropboxExt] → {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ContextMenuHandlers4: [IObitUnstaler] → {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology → IObit)
ContextMenuHandlers4: [SD360] → {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED → )
ContextMenuHandlers5: [ACE] → {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-06-28] (Advanced Micro Devices, Inc. → Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] → {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] → {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher → Intel Corporation)
ContextMenuHandlers6: [IObitUnstaler] → {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology → IObit)
ContextMenuHandlers6: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation → Malwarebytes)
ContextMenuHandlers6: [SD360] → {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED → )
ContextMenuHandlers6: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-02-25] (win.rar GmbH → Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-02-25] (win.rar GmbH → Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {012A6F59-87D6-44E0-A91E-4191C44105EE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {02E9EE88-8B2A-45A8-B237-293AF930C0D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd → Piriform Ltd)
Task: {06B7B6A5-89CC-4D81-B982-3F531F29F6A9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. → AVAST Software)
Task: {07375CF8-C1FF-492B-8278-0396D0245D6F} - System32\Tasks\DropboxUpdateTaskMachineCore1d1719f 65cee02e => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc → Dropbox, Inc.)
Task: {0F9B47A5-A3A5-4CC4-9CF4-6FCF47A1FB9F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {115F90B7-1231-4FF1-AB5B-92FEF3694B20} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited → Easeware)
Task: {159448A5-F558-4572-8A16-6E303989186A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19946D02-33AE-4E60-81DF-5092DEB8F277} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {1AE784A5-A8C1-469D-ACDC-69A2BD7FEE8A} - System32\Tasks\DropboxUpdateTaskMachineUA1d1719f66 008e5b => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc → Dropbox, Inc.)
Task: {1DA9B645-13DA-4059-A3CB-D56C3971092C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {21BE9597-704B-4669-B98E-367AC00D234B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24672617-0A93-4BB5-8559-4012CEDFDF08} - System32\Tasks{61E32EBD-8E77-4D1B-9D4E-DFB440A9AB05} => C:\Windows\system32\pcalua.exe -a “D:\game\Gravity\openkore\Ragnarok Online\Setup.exe” -d “D:\game\Gravity\openkore\Ragnarok Online”
Task: {25C72C5E-A5A2-4F4B-BD37-3E4477093B5A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {297450E0-6ABB-427D-BB1C-BB2872268E11} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {31709D69-4FCE-4D4D-821C-94E1E6D6B831} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {36512371-A906-4CBA-8D6E-CCCA8F25E12E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwa reAssetManagerService.exe (Intel(R) Software Asset Manager → Intel Corporation)
Task: {3BB917BA-28B7-4433-B3E7-7EFBADC9BF05} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. → AVAST Software)
Task: {3BB99F43-80C7-4010-9269-058CFC43E873} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3C199C18-45CD-429D-B193-E25CBD0D0253} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D4F0449-FE30-4BDD-871D-BC436EDB0421} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {508A340E-5F91-492E-ABB0-B98532F80480} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => “C:\WINDOWS\System32\Wscript.exe” //B //NoLogo “C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs”
Task: {522525D9-3E35-4CED-9B07-86DCF48846B4} - System32\Tasks\S-1-5-21-1925601759-1010797402-2804155008-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows → Microsoft Corporation)
Task: {547C6C01-5708-4D14-AA13-ACA0C447A4A6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. → Advanced Micro Devices, Inc.)
Task: {57DFC5D9-A460-4BFF-B8E3-7B32AFB8CF85} - System32\Tasks\CommView for WiFi Update => C:\Program Files (x86)\CommViewWiFi\Updater.exe
Task: {5A1FB4EE-EE0E-4270-9E75-684F0AF09C07} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {621144B0-DE22-4BA5-8091-E7C4827BEF4F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {67DA1BE8-90A4-4CF2-A274-8747F431E302} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {789B54F6-B496-4419-97FF-B9199F07696D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. → Apple Inc.)
Task: {807DE444-D371-423B-899D-8236EA7A416B} - System32\Tasks\Uninstaller_SkipUac_Lenovo => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe (IObit Information Technology → IObit)
Task: {909165E7-58B7-40A8-BAD4-06369AE44715} - System32\Tasks\Microsoft\Windows\Flighting\Feature Config\ReconcileFeatures
Task: {9C7FF83C-4028-4C31-9DA7-4814BF4DD82A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9EA7EA19-87D5-4A05-90A2-77FAC5CAFED8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd → Piriform Ltd)
Task: {A1E768A1-C621-44E3-9D8D-0B31A7AA6480} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe (Intel(R) Software → Intel Corporation)
Task: {A2BC51F7-A5A5-4583-BCFC-07D102EFC8B5} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. → McAfee, Inc.)
Task: {A3F7EA55-63E8-472B-BD18-E4C82C33D682} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe (Adobe Systems Incorporated → Adobe Systems Incorporated)
Task: {A65C2727-BF46-4882-A619-716BB2E10EE3} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A9744BF1-B3BE-485E-8CED-C8A112DB42C9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B170E593-7A4A-42ED-8E5E-FE91C524223A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_ 0_0_113_pepper.exe (Adobe Systems Incorporated → Adobe Systems Incorporated)
Task: {B79C1E15-BBAE-4901-8144-CA6499E7F7BD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BAB0F865-1900-4889-B5E2-E00F083B9AC6} - System32\Tasks\Opera scheduled assistant Autoupdate 1550324909 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launc her.exe (Opera Software AS → Opera Software)
Task: {C35EAC49-C654-4AD2-A8E0-13BB4B538500} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB120083-D139-490E-ABC1-9711116BDE86} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_ 0_0_113_Plugin.exe (Adobe Systems Incorporated → Adobe Systems Incorporated)
Task: {CC790BC5-5E2E-431D-96D7-38992A378467} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc → Google Inc.)
Task: {D841F08B-9CC5-4DE4-8780-B48A4D247CC3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DA3CD105-1C40-4F31-B596-534277F311B7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {DC97CD24-99CA-4409-AA44-E0B8E9790D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc → Google Inc.)
Task: {DEBAD4D3-2F39-4C63-9561-762021145015} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe
Task: {ECF63DBD-0D24-4258-861D-7F5BDFA4C73D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F73979B7-3B5E-4FBF-AF56-473DC86B90CE} - System32\Tasks\Opera scheduled Autoupdate 1521719234 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launc her.exe (Opera Software AS → Opera Software)
Task: {F8A429FB-D075-49EE-91B6-D247866AD4A6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwa reAssetManagerService.exe (Intel(R) Software Asset Manager → Intel Corporation)
Task: {FEB657CD-087C-4664-B5E8-D03BBC23E1CF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d171 9f65cee02e.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d1719f 66008e5b.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Googl e Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) → --profile-directory=“Profile 1”
==================== Loaded Modules (Whitelisted) ==============
2018-12-18 14:31 - 2017-10-19 09:17 - 000271360 _____ (Wondershare Software) [File not signed] C:\WINDOWS\System32\WSPDFelementMonitor.dll
2013-08-27 17:32 - 2013-08-27 17:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2007-07-06 12:14 - 2007-07-06 12:14 - 005730304 _____ () [File not signed] C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
2016-06-28 21:38 - 2016-06-28 21:38 - 000138752 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000009216 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000077312 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPMaster.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000011264 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPUF.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000060928 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPDU.exe
2015-11-25 06:49 - 2015-11-25 06:49 - 002257408 _____ (ActiveState Software Inc) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\python26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000028160 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-25 06:46 - 2015-11-25 06:46 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000041472 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000096256 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000356864 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV_hashlib.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000017920 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000019968 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000036352 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000043008 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV_socket.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000805376 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV_ssl.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000087040 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV_ctypes.pyd
2015-11-25 06:46 - 2015-11-25 06:46 - 000354304 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000167936 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 001980928 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-11-25 07:02 - 2015-11-25 07:02 - 004604416 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Gui.dll
2015-11-25 07:01 - 2015-11-25 07:01 - 004088320 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Core.dll
2015-11-25 07:01 - 2015-11-25 07:01 - 001961472 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icuin53.dll
2015-11-25 07:02 - 2015-11-25 07:02 - 001316352 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icuuc53.dll
2015-11-25 07:01 - 2015-11-25 07:01 - 021529088 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icudt53.dll
2015-12-08 06:57 - 2015-12-08 06:57 - 000077824 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 001862144 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 000516608 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-25 07:02 - 2015-11-25 07:02 - 000839680 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Network.dll
2015-11-25 06:47 - 2015-11-25 06:47 - 004060160 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-25 07:01 - 2015-11-25 07:01 - 004468736 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Widgets.dll
2015-11-25 06:43 - 2015-11-25 06:43 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2018-03-22 23:24 - 2019-04-19 14:07 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-19 14:03 - 2019-04-19 14:07 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-19 14:03 - 2019-04-19 14:07 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2013-11-21 11:31 - 2013-11-21 11:31 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-11-21 11:31 - 2013-11-21 11:31 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => “”=“Service”
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-11-15 03:41 - 2019-04-20 04:14 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2016-11-07 03:29 - 2016-11-07 03:29 - 000000499 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.70 iPhone.mshome.net # 2016 11 0 13 17 29 46 813
192.168.137.1 Lenovo-PC.mshome.net # 2021 11 5 5 17 29 46 813
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;%SystemRoot%\system32;%SystemRoot%;%SystemR oot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPo werShell\v1.0;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;D:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Skype\Phone;C:\Program Files\Microsoft SQL Server\130\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files\Microsoft SQL Server\100\Tools\Binn;C:\Program Files\Microsoft SQL Server\100\DTS\Binn;%SYSTEMROOT%\System32\OpenSSH
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\Control Panel\Desktop\Wallpaper → C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Tel ephony\Providers => ProviderFileName2 → ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: CLHNServiceForPowerDVD => 2
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Service => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: hmevpnsvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: PingzapperSvc => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: UDisk Monitor => 2
MSCONFIG\Services: WtuSystemSupport => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lenovo^AppData^Roaming^Microsoft^Windows^ Start Menu^Programs^Startup^MYOB Add-On Connector.lnk => C:\Windows\pss\MYOB Add-On Connector.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => “C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe”
MSCONFIG\startupreg: APSDaemon => “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
MSCONFIG\startupreg: AVG-Secure-Search-Update_0715tb => “C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe” /PROMPT /CMPID=0715tb
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => “C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe”
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent 64.exe
MSCONFIG\startupreg: cFosSpeed => C:\Program Files\cFosSpeed\cFosSpeed.exe
MSCONFIG\startupreg: Dropbox => “C:\Program Files (x86)\Dropbox\Client\Dropbox.exe” /systemstartup
MSCONFIG\startupreg: Energy Management => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
MSCONFIG\startupreg: EnergyUtility => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
MSCONFIG\startupreg: ForteConfig => C:\Program Files\Conexant\ForteConfig\fmapp.exe
MSCONFIG\startupreg: Google Update => “C:\Users\Lenovo\AppData\Local\Google\Update\Googl eUpdate.exe” /c
MSCONFIG\startupreg: GrooveMonitor => “C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe”
MSCONFIG\startupreg: HotKeysCmds => “C:\Windows\system32\hkcmd.exe”
MSCONFIG\startupreg: IAStorIcon => “C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe” “C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe” 60
MSCONFIG\startupreg: IgfxTray => “C:\Windows\system32\igfxtray.exe”
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Persistence => “C:\Windows\system32\igfxpers.exe”
MSCONFIG\startupreg: QuickTime Task => “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
MSCONFIG\startupreg: Raptr => C:\Program Files (x86)\Raptr\RAPTRS~1.EXE --startup
MSCONFIG\startupreg: Razer Synapse => “C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe”
MSCONFIG\startupreg: RemoteControl11 => “C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe”
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SACpl.exe /t
MSCONFIG\startupreg: Spotify => “C:\Users\Lenovo\AppData\Roaming\Spotify\Spotify.e xe” -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => “C:\Users\Lenovo\AppData\Roaming\Spotify\SpotifyWe bHelper.exe”
MSCONFIG\startupreg: StartCCC => “C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe” MSRun
MSCONFIG\startupreg: Steam => “C:\Program Files (x86)\Steam\steam.exe” -silent
MSCONFIG\startupreg: SynLenovoGestureMgr => %ProgramFiles%\Synaptics\SynTP\SynLenovoGestureMgr .exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: USB3MON => “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
MSCONFIG\startupreg: vProt => “C:\Program Files (x86)\AVG Web TuneUp\vprot.exe”
MSCONFIG\startupreg: WTFast Tray => “D:\Program Files (x86)\WTFast\WTFast.exe” trayonly
HKLM...\StartupApproved\Run: => “cAudioFilterAgent”
HKLM...\StartupApproved\Run: => “ForteConfig”
HKLM...\StartupApproved\Run: => “iTunesHelper”
HKLM...\StartupApproved\Run: => “StartCN”
HKLM...\StartupApproved\Run32: => “DivXUpdate”
HKLM...\StartupApproved\Run32: => “DivXMediaServer”
HKLM...\StartupApproved\Run32: => “Dropbox”
HKLM...\StartupApproved\Run32: => “AVG_UI”
HKLM...\StartupApproved\Run32: => “QuickTime Task”
HKLM...\StartupApproved\Run32: => “Raptr”
HKLM...\StartupApproved\Run32: => “vProt”
HKLM...\StartupApproved\Run32: => “PlaysTV”
HKLM...\StartupApproved\Run32: => “Wondershare Helper Compact.exe”
HKLM...\StartupApproved\Run32: => “SunJavaUpdateSched”
HKLM...\StartupApproved\Run32: => “SecurityHealth”
HKLM...\StartupApproved\Run32: => “SmartAudio”
HKLM...\StartupApproved\Run32: => “ETDCtrl”
HKLM...\StartupApproved\Run32: => “DSATray”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\StartupFolder: => “hide.me VPN.lnk”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\StartupFolder: => “Bitcoin.lnk”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “Discord”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “OneDrive”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “Spotify Web Helper”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “WTFast Tray”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “CCleaner Monitoring”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “Free Download Manager”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “Adguard”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “DownloadAccelerator”
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D90D21C3-BAD6-4B80-BC6B-95BBD9A82F27}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{46A1B855-A108-4B9E-81E1-D3A6228F8047}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.)
==================== Restore Points =========================
19-04-2019 04:42:40 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (04/20/2019 04:22:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AvLaunch.exe, version: 19.3.4241.0, time stamp: 0x5c82677e
Faulting module name: ucrtbase.dll, version: 10.0.17134.677, time stamp: 0x9f346d3f
Exception code: 0xc0000409
Fault offset: 0x000000000006e14e
Faulting process id: 0x930
Faulting application start time: 0x01d4f6dcbd9cb91e
Faulting application path: C:\Program Files\AVAST Software\Avast\AvLaunch.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 73a46981-8edb-48cd-b2a9-936390caca89
Faulting package full name:
Faulting package-relative application ID:
Error: (04/20/2019 04:18:41 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 8317) (User: )
Description: Cannot query value ‘First Counter’ associated with registry key ‘HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$SQLE XPRESS\Performance’. SQL Server performance counters are disabled.
Error: (04/20/2019 04:14:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (04/20/2019 04:13:01 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {08499028-1e60-4eea-aa56-62f230a4f5d9}
Error: (04/20/2019 04:09:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.17134.677, time stamp: 0xb4a88dff
Faulting module name: ntdll.dll, version: 10.0.17134.556, time stamp: 0x74bed8b0
Exception code: 0xc0000005
Fault offset: 0x0000000000024989
Faulting process id: 0x193c
Faulting application start time: 0x01d4f644479a143e
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: a08641ea-208c-470a-a576-2291f1e782fe
Faulting package full name:
Faulting package-relative application ID:
Error: (04/19/2019 10:24:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.17134.1, time stamp: 0x5ace103a
Faulting module name: ntdll.dll, version: 10.0.17134.556, time stamp: 0x74bed8b0
Exception code: 0xc0000374
Fault offset: 0x00000000000f479b
Faulting process id: 0x720
Faulting application start time: 0x01d4f644758852d1
Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2t xyewy\ShellExperienceHost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 8b43e3fc-5c5f-477a-8ae8-c9f4b9215bdc
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.17134.1 12_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Error: (04/19/2019 01:00:47 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, “iehistory://{S-1-5-21-1925601759-1010797402-2804155008-1000}/”>.
Error: (04/19/2019 10:14:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AvLaunch.exe, version: 19.3.4241.0, time stamp: 0x5c82677e
Faulting module name: ucrtbase.dll, version: 10.0.17134.677, time stamp: 0x9f346d3f
Exception code: 0xc0000409
Fault offset: 0x000000000006e14e
Faulting process id: 0x176c
Faulting application start time: 0x01d4f6449fe30c0a
Faulting application path: C:\Program Files\AVAST Software\Avast\AvLaunch.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 63396444-9bfc-471f-a29d-aab87208a1ba
Faulting package full name:
Faulting package-relative application ID:
[HEADING=1]System errors:[/HEADING]
Error: (04/20/2019 04:27:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/20/2019 04:26:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.
Error: (04/20/2019 04:26:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Update Orchestrator Service service hung on starting.
Error: (04/20/2019 04:23:56 AM) (Source: DCOM) (EventID: 10016) (User: Lenovo-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Lenovo-PC\Lenovo SID (S-1-5-21-1925601759-1010797402-2804155008-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/20/2019 04:19:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/20/2019 04:19:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The RasMan service depends on the SstpSvc service which failed to start because of the following error:
The operation completed successfully.
Error: (04/20/2019 04:18:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAService service failed to start due to the following error:
The system cannot find the file specified.
Error: (04/20/2019 04:18:31 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL “C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter” failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notifica tion Packages, refers to a correct and absolute path (:<path><filename>.) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at Microsoft Learn: Build skills that open doors in your career .
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2019-04-20 02:59:53.375
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:29.316
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:28.526
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:27.687
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:26.977
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:26.211
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:25.474
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:24.604
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core™ i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 44%
Total physical RAM: 8088.36 MB
Available physical RAM: 4470.66 MB
Total Virtual: 20220.36 MB
Available Virtual: 16473.34 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:151.27 GB) (Free:19.19 GB) NTFS
Drive d: (Data) (Fixed) (Total:584.83 GB) (Free:275.81 GB) NTFS
Drive f: (Bandicam) (Fixed) (Total:195.31 GB) (Free:179.55 GB) NTFS
\?\Volume{c05dd144-747f-11e4-9d1a-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
==================== MBR & Partition Table ==================
================================================== ======
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=584.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=0F Extended)
==================== End of Addition.txt ============================
Note: you can delete this post if it is unnecessary
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18.04.2019
Ran by Lenovo (administrator) on LENOVO-PC (20-04-2019 04:26:52)
Running from C:\Users\Lenovo\Downloads\FRST
Loaded Profiles: Lenovo (Available Profiles: Lenovo & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Conexant Systems, Inc. → Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Apple Inc. → Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AnchorFree Inc → AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Intel(R) Driver & Support Assistant → Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Apple Inc. → Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ELAN Microelectronics Corporation → ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() [File not signed] C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
(Plays.tv, LLC → Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(McAfee, Inc. → McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. → McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(McAfee, Inc. → McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper. exe
(Razer Inc. → Razer Inc.) D:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(TeamViewer GmbH → TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes Corporation → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(QIHU 360 SOFTWARE CO. LIMITED → QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(ELAN Microelectronics Corporation → ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation → ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Malwarebytes Corporation → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(IObit Information Technology → IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x6 4__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x6 4__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation → Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.e xe
(Intel Corporation - Intel® Management Engine Firmware → Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc → Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.ex e
(Google Inc → Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64. exe
(Microsoft Windows → Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Opera Software AS → Opera Software) C:\Users\Lenovo\AppData\Local\Programs\Opera\assis tant\browser_assistant.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.114 11.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPMaster.exe
(Malwarebytes Corporation → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
Failed to access process → AvLaunch.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Intel Corporation - Intel® Rapid Storage Technology → Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Windows → Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPUF.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPDU.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Software Asset Manager → Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwa reAssetManagerService.exe
(Opera Software AS → Opera Software) C:\Users\Lenovo\AppData\Local\Programs\Opera\launc her.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC → Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Opera Software AS → Opera Software) C:\Users\Lenovo\AppData\Local\Temp\opera autoupdate\installer.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows → Microsoft Corporation)
HKLM...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation → ELAN Microelectronics Corp.)
HKLM...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc → )
HKLM...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent 64.exe [935104 2014-11-25] (Conexant Systems, Inc. → Conexant Systems, Inc.)
HKLM...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc. → Apple Inc.)
HKLM-x32...\Run: [vProt] => “C:\Program Files (x86)\AVG Web TuneUp\vprot.exe”
HKLM-x32...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
HKLM-x32...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-08-10] (Plays.tv, LLC → Plays.tv, LLC)
HKLM-x32...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-01] (Raptr, Inc → Raptr, Inc)
HKLM-x32...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [669248 2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.)
HKLM-x32...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [135968 2018-03-15] (Intel(R) Driver & Support Assistant → Intel)
HKLM-x32...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-18] (AVAST Software s.r.o. → AVAST Software)
HKU\S-1-5-19...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows → Microsoft Corporation)
HKU\S-1-5-20...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows → Microsoft Corporation)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-07] (Piriform Ltd → Piriform Ltd)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Run: [Opera Browser Assistant] => C:\Users\Lenovo\AppData\Local\Programs\Opera\assis tant\browser_assistant.exe [2480216 2019-02-12] (Opera Software AS → Opera Software)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
HKLM...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-08] ( ) [File not signed]
HKLM...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\system32\ff_vfw.dll [126976 2015-08-25] () [File not signed]
HKLM...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\SysWOW64\huffyuv.dll [39936 2004-05-19] (Disappearing Inc.) [File not signed]
HKLM...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-08] ( ) [File not signed]
HKLM...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-26] (hxxp://www.mp3dev.org/) [File not signed]
HKLM...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\SysWOW64\ff_vfw.dll [112128 2015-08-25] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Inst aller\chrmstp.exe [2019-04-19] (Google LLC → Google Inc.)
HKLM\Software...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] →
HKLM\Software...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] → C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProv ider.dll [2018-11-27] (McAfee, Inc. → McAfee, LLC.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter “C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter” “C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter”
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip..\Interfaces{8d45d7f2-23ec-402e-ba7c-d7e2681ab43c}: [DhcpNameServer] 192.168.0.1
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM → DefaultScope {A485DD13-1799-4E8B-8E0D-87A35529FC3C} URL =
SearchScopes: HKLM-x32 → DefaultScope {A485DD13-1799-4E8B-8E0D-87A35529FC3C} URL =
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. → Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. → Intel Security)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll No File
[HEADING=1]FireFox:[/HEADING]
FF DefaultProfile: 5556b60k.default-1555684723521
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Pr ofiles\5556b60k.default-1555684723521 [2019-04-20]
FF Extension: (Federated Learning Awesome Bar) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Pr ofiles\5556b60k.default-1555684723521\Extensionsfederated-learning-v2@shield.mozilla.org.xpi [2019-04-20]
FF Extension: (AdBlock) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Pr ofiles\5556b60k.default-1555684723521\Extensionsjid1-NIfFY2CA8fy1tg@jetpack.xpi [2019-04-20]
FF HKLM-x32...\Firefox\Extensions: [daplinkchecker@speedbit.com] - D:\Program Files (x86)\DAP\daplinkchecker
FF Extension: (DAP Link Checker) - D:\Program Files (x86)\DAP\daplinkchecker [2017-11-12] [Legacy] [not signed]
FF HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - D:\Program Files (x86)\DAP\DAPFireFox
FF Extension: (Download Accelerator Plus (DAP) extension) - D:\Program Files (x86)\DAP\DAPFireFox [2017-11-12] [Legacy] [not signed]
FF HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer → C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_ 113.dll [2018-03-22] (Adobe Systems Incorporated → )
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 → C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC → DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 → C:\WINDOWS\system32\npDeployJava1.dll [2014-11-25] (Oracle America, Inc. → Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 → C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation → Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDet ect64.dll [2014-04-28] (Adobe Systems Incorporated → Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer → C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_ 113.dll [2018-03-22] (Adobe Systems Incorporated → )
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin → C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\npsitesafety.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 → C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC → DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 → C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-09-02] (DivX, LLC → DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 → C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software → Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater → C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software → Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 → C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1 .dll [2018-03-22] (Oracle America, Inc. → Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 → C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-22] (Oracle America, Inc. → Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 → C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-04-01] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin → C:\Users\Lenovo\AppData\Roaming\raidcall\plugins\n prcplugin.dll [2014-05-27] (Raidcall) [File not signed]
FF Plugin-x32: @softnyxNpruntime → D:\Game\SoftnyxGame\NyxLauncherIS\npSoftnyx.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-19] (Google Inc → Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-19] (Google Inc → Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 → D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN → VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 → D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN → VideoLAN)
FF Plugin HKU\S-1-5-21-1925601759-1010797402-2804155008-1000: @zoom.us/ZoomVideoPlugin → C:\Users\Lenovo\AppData\Roaming\Zoom\bin\npzoomplu gin.dll [2017-11-14] (Zoom Video Communications, Inc. → Zoom Video Communications, Inc.)
[HEADING=1]Chrome:[/HEADING]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2019-04-20]
CHR Extension: (Slides) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2019-04-19]
CHR Extension: (AdLock ad blocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aemffjkmgcepimloclpkecifcn ipnodh [2019-04-19]
CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2019-04-19]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2019-04-19]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2019-04-19]
CHR Extension: (Sheets) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2019-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2019-04-19]
CHR Extension: (AdBlock) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbi glidom [2019-04-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2019-04-19]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2019-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2019-04-19]
CHR HKLM...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
[HEADING=1]Opera:[/HEADING]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-04-18]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. → ArcSoft Inc.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
S3 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [287264 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher → AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. → Apple Inc.)
R2 AUEPLauncher; C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe [9216 2018-01-31] () [File not signed]
S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceF orPowerDVD.exe [83240 2011-04-20] (CyberLink → )
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMS MonitorService.exe [70952 2011-03-31] (CyberLink → CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMS Server.exe [312616 2011-03-31] (CyberLink → CyberLink)
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc → Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc → Dropbox, Inc.)
S3 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2018-03-15] (Intel(R) Driver & Support Assistant → Intel)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products → )
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation → ELAN Microelectronics Corp.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [53120 2018-04-10] (AnchorFree Inc → AnchorFree Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology → Intel Corporation)
S3 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373688 2017-06-12] (Intel(R) pGFX → Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service → Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwa reAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager → Intel Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit Information Technology → IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware → Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation → Malwarebytes)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation → Microsoft Corporation)
R2 MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.0\my.ini [9263 2017-02-03] () [File not signed]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7780848 2017-11-29] (INCA Internet Co.,Ltd. → INCA Internet Co., Ltd.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-10] (Plays.tv, LLC → Plays.tv, LLC)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [965184 2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. → Riverbed Technology, Inc.)
R2 RzKLService; D:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc. → Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-15] (Microsoft Windows Publisher → Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation → Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH → TeamViewer GmbH)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [352688 2018-11-27] (McAfee, Inc. → McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [352688 2018-11-27] (McAfee, Inc. → McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper. exe [194168 2018-11-27] (McAfee, Inc. → McAfee, LLC.)
S4 UDisk Monitor; D:\Program Files\Modem AC2726 UI\bin\MonServiceUDisk64.exe [407040 2009-09-23] () [File not signed]
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products → )
S3 VSStandardCollectorService140; D:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.S ervice.exe [108776 2016-09-06] (Microsoft Corporation → Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation → Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation → Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe [105064 2018-07-25] (Wondershare Technology Co.,Ltd → Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [192600 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [340568 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [443992 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R1 360netmon; C:\WINDOWS\System32\DRIVERS\360netmon.sys [96424 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited → 360.cn)
R3 AFTrafMgr1.4; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [56840 2018-04-04] (AnchorFree Inc → AnchorFree Inc.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [26706464 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher → Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [518176 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher → Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc. → Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows → Qualcomm Atheros Communications, Inc.)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [211160 2018-12-21] (Beijing Qihu Technology Co., Ltd. → 360.cn)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher → Qualcomm Atheros)
S3 CYUSB3; C:\WINDOWS\System32\Drivers\CYUSB3.sys [90536 2018-08-12] (Cypress Semiconductor Corporation → Cypress Semiconductor)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-04-19] (Malwarebytes Corporation → Malwarebytes)
S3 GunBod; C:\WINDOWS\system32\gunbod64.sys [84384 2017-02-09] (Beijing Apex Weifeng Technology Co.,Ltd. → )
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sy s [37184 2018-10-16] (IObit Information Technology → IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.s ys [43392 2018-10-16] (IObit Information Technology → IObit)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-31] (Logitech → Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-04-19] (Malwarebytes Corporation → Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher → Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-04-20] (Malwarebytes Corporation → Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-04-20] (Malwarebytes Corporation → Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-20] (Malwarebytes Corporation → Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-04-20] (Malwarebytes Corporation → Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware → Intel Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher → Apple Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. → Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek Semiconductor Corp → Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realtek Semiconductor Corp → Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp → Realtek Semiconductor Corp.)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-14] (Razer Inc. → Razer Inc)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] (Intel(R) Code Signing External → )
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-08-23] (AnchorFree Inc → Anchorfree Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher → Apple, Inc.)
S3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7. sys [41192 2015-11-07] (Vincent Burel → Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows → Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows → Microsoft Corporation)
R2 WtfEngineDrv; C:\WINDOWS\system32\DRIVERS\WtfEngineDrv.sys [37872 2016-05-20] (Initex, OOO → AAA Internet Publishing, Inc.)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-12-21] (Beijing Duodian Online Science and Technology Co.,Ltd → BigNox Corporation)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fc l [148976 2011-04-12] (CyberLink → CyberLink Corp.)
U3 aswbdisk; no ImagePath
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-20 04:30 - 2019-04-20 04:31 - 000000000 ____D C:\Users\Lenovo\Desktop\Comp Tool
2019-04-20 04:30 - 2019-04-20 04:30 - 000012371 _____ C:\Users\Lenovo\Desktop\bookmarks_20_04_2019.html
2019-04-20 04:20 - 2019-04-20 04:20 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-04-20 04:19 - 2019-04-20 04:19 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-04-20 04:19 - 2019-04-20 04:19 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-04-20 04:18 - 2019-04-20 04:18 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-20 04:12 - 2019-04-20 04:26 - 000000000 ____D C:\Users\Lenovo\Downloads\FRST
2019-04-20 00:38 - 2019-04-20 00:38 - 000000000 ____D C:\Users\Lenovo\Desktop\Old Firefox Data
2019-04-20 00:36 - 2019-04-20 00:36 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Mozilla
2019-04-19 14:09 - 2019-04-19 14:09 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbam
2019-04-19 14:08 - 2019-04-19 14:08 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-04-19 14:04 - 2019-04-19 14:04 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbamtray
2019-04-19 14:03 - 2019-04-19 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-19 14:03 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-19 13:03 - 2019-04-19 13:03 - 001214008 _____ (Google LLC) C:\Users\Lenovo\Downloads\ChromeSetup.exe
2019-04-19 13:03 - 2019-04-19 13:03 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-19 13:03 - 2019-04-19 13:03 - 000002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000001222 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-19 12:45 - 2019-04-19 12:45 - 000000000 ____D C:\Users\Lenovo\Downloads\FRST-OlderVersion
2019-04-19 10:06 - 2019-04-19 10:19 - 000003530 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineU A
2019-04-19 10:06 - 2019-04-19 10:19 - 000003406 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineC ore
2019-04-19 09:59 - 2019-04-19 09:59 - 001622528 _____ C:\Users\Lenovo\Downloads\resetbrowser.exe
2019-04-19 09:47 - 2019-04-19 09:49 - 005208384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-19 09:42 - 2019-04-19 09:44 - 000000000 ____D C:\AdwCleaner
2019-04-19 02:14 - 2019-04-19 12:53 - 000084516 _____ C:\Users\Lenovo\Downloads\Addition.txt
2019-04-19 02:10 - 2019-04-20 04:26 - 000000000 ____D C:\FRST
2019-04-19 02:10 - 2019-04-19 12:53 - 000072532 _____ C:\Users\Lenovo\Downloads\FRST.txt
2019-04-19 01:58 - 2019-04-19 01:58 - 037133296 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer (2).exe
2019-04-19 01:24 - 2019-04-19 01:24 - 037133296 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer (1).exe
2019-04-18 13:15 - 2019-04-19 13:03 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-18 13:15 - 2019-04-18 13:16 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Google clean
2019-04-18 12:52 - 2019-04-18 12:52 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2019-04-18 12:50 - 2019-04-20 04:24 - 000000000 ____D C:\ProgramData\ProductData
2019-04-18 12:50 - 2019-04-18 12:51 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\IObit
2019-04-18 12:50 - 2019-04-18 12:50 - 000002950 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Leno vo
2019-04-18 12:49 - 2019-04-18 12:55 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\IObit
2019-04-18 12:49 - 2019-04-18 12:54 - 000000000 ____D C:\ProgramData\IObit
2019-04-18 12:49 - 2019-04-18 12:49 - 000001430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2019-04-18 12:49 - 2019-04-18 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2019-04-18 12:49 - 2019-04-18 12:49 - 000000000 ____D C:\Program Files (x86)\IObit
2019-04-18 12:30 - 2019-04-20 04:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-04-18 12:30 - 2019-04-18 12:30 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-04-13 05:25 - 2019-04-13 05:25 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-10 09:53 - 2019-04-02 14:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 09:53 - 2019-03-15 00:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 09:53 - 2019-03-14 18:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 09:53 - 2019-03-14 18:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.d ll
2019-04-10 09:53 - 2019-03-14 18:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 09:53 - 2019-03-14 18:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-10 09:53 - 2019-03-14 18:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-10 09:53 - 2019-03-14 17:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 09:53 - 2019-03-14 17:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-10 09:53 - 2019-03-14 17:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 09:52 - 2019-04-02 22:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 09:52 - 2019-04-02 22:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 09:52 - 2019-04-02 22:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 09:52 - 2019-04-02 22:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 09:52 - 2019-04-02 22:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 09:52 - 2019-04-02 22:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 09:52 - 2019-04-02 22:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 09:52 - 2019-04-02 22:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 09:52 - 2019-04-02 22:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 09:52 - 2019-04-02 22:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 09:52 - 2019-04-02 22:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 09:52 - 2019-04-02 22:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 09:52 - 2019-04-02 22:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 09:52 - 2019-04-02 19:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 09:52 - 2019-04-02 19:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 09:52 - 2019-04-02 19:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 09:52 - 2019-04-02 19:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 09:52 - 2019-04-02 19:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 09:52 - 2019-04-02 19:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 09:52 - 2019-04-02 19:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 09:52 - 2019-04-02 19:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 09:52 - 2019-04-02 19:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 09:52 - 2019-04-02 18:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 09:52 - 2019-04-02 18:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 09:52 - 2019-04-02 18:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-10 09:52 - 2019-04-02 18:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll
2019-04-10 09:52 - 2019-04-02 18:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 09:52 - 2019-04-02 18:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 09:52 - 2019-04-02 18:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 09:52 - 2019-04-02 18:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 09:52 - 2019-04-02 18:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 09:52 - 2019-04-02 18:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 09:52 - 2019-04-02 18:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 09:52 - 2019-04-02 18:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 09:52 - 2019-04-02 18:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 09:52 - 2019-04-02 18:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 09:52 - 2019-04-02 17:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 09:52 - 2019-04-02 17:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 09:52 - 2019-04-02 17:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 09:52 - 2019-04-02 17:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 09:52 - 2019-04-02 17:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 09:52 - 2019-04-02 17:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 09:52 - 2019-04-02 17:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 09:52 - 2019-04-02 17:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.deskt op.dll
2019-04-10 09:52 - 2019-04-02 17:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 09:52 - 2019-04-02 17:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 09:52 - 2019-04-02 17:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 09:52 - 2019-04-02 17:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 09:52 - 2019-04-02 17:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.oneco re.dll
2019-04-10 09:52 - 2019-04-02 17:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 09:52 - 2019-04-02 17:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 09:52 - 2019-04-02 17:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 09:52 - 2019-04-02 17:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 09:52 - 2019-04-02 17:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 09:52 - 2019-04-02 16:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-10 09:52 - 2019-04-02 15:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayR eady.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 09:52 - 2019-04-02 14:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 09:52 - 2019-04-02 14:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 09:52 - 2019-04-02 14:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 09:52 - 2019-04-02 14:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 09:52 - 2019-03-16 22:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapt ure.dll
2019-04-10 09:52 - 2019-03-16 19:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapt ure.dll
2019-04-10 09:52 - 2019-03-15 00:55 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 001626928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 09:52 - 2019-03-15 00:52 - 001424696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000954160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-04-10 09:52 - 2019-03-15 00:52 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-04-10 09:52 - 2019-03-15 00:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 09:52 - 2019-03-15 00:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-10 09:52 - 2019-03-15 00:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 09:52 - 2019-03-15 00:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 09:52 - 2019-03-15 00:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 09:52 - 2019-03-15 00:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 09:52 - 2019-03-15 00:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 09:52 - 2019-03-15 00:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 09:52 - 2019-03-15 00:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dl l
2019-04-10 09:52 - 2019-03-15 00:29 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 09:52 - 2019-03-15 00:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 09:52 - 2019-03-15 00:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-10 09:52 - 2019-03-14 23:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 09:52 - 2019-03-14 23:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 09:52 - 2019-03-14 23:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dl l
2019-04-10 09:52 - 2019-03-14 23:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 09:52 - 2019-03-14 23:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 09:52 - 2019-03-14 23:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-10 09:52 - 2019-03-14 18:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 09:52 - 2019-03-14 18:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 09:52 - 2019-03-14 18:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 09:52 - 2019-03-14 18:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 09:52 - 2019-03-14 18:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 09:52 - 2019-03-14 18:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 09:52 - 2019-03-14 18:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 09:52 - 2019-03-14 18:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 09:52 - 2019-03-14 18:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 09:52 - 2019-03-14 18:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 09:52 - 2019-03-14 18:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 09:52 - 2019-03-14 18:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 09:52 - 2019-03-14 18:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 09:52 - 2019-03-14 18:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 09:52 - 2019-03-14 18:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 09:52 - 2019-03-14 18:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 09:52 - 2019-03-14 18:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 09:52 - 2019-03-14 18:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 09:52 - 2019-03-14 18:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Work flow.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-10 09:52 - 2019-03-14 18:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 09:52 - 2019-03-14 18:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 09:52 - 2019-03-14 18:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 09:52 - 2019-03-14 17:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 09:52 - 2019-03-14 17:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 09:52 - 2019-03-14 17:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 09:52 - 2019-03-14 17:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dl l
2019-04-10 09:52 - 2019-03-14 17:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 09:52 - 2019-03-14 17:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 09:52 - 2019-03-14 17:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 09:52 - 2019-03-14 17:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.d ll
2019-04-10 09:52 - 2019-03-14 17:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 09:52 - 2019-03-14 17:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Work flow.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 09:52 - 2019-03-14 17:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 09:52 - 2019-03-14 17:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 09:52 - 2019-03-14 17:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 09:52 - 2019-03-14 17:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-09 03:02 - 2019-04-09 03:02 - 000000000 ____D C:\ProgramData\Hankuper
2019-04-09 03:02 - 2019-04-09 03:02 - 000000000 ____D C:\Program Files\AdLock
2019-04-09 02:58 - 2019-04-09 02:58 - 036153840 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer.exe
2019-04-09 00:08 - 2019-04-09 00:08 - 003976665 _____ C:\Users\Lenovo\Downloads\Mega Man Battle Network 2 (USA).zip
2019-04-06 18:30 - 2019-04-06 18:30 - 000364952 _____ C:\Users\Lenovo\Downloads\download.pdf
2019-04-05 11:04 - 2019-04-05 11:04 - 000192384 _____ C:\Users\Lenovo\Downloads\9299 (1) (1).pdf
2019-04-05 11:02 - 2019-04-05 11:02 - 000182444 _____ C:\Users\Lenovo\Downloads\9299 (1).pdf
2019-04-05 11:00 - 2019-04-05 11:00 - 000182444 _____ C:\Users\Lenovo\Downloads\929 (1).pdf
2019-04-05 10:00 - 2019-04-05 10:00 - 000338279 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1) (1)[1145].pdf
2019-04-01 15:19 - 2019-04-01 15:19 - 000182444 _____ C:\Users\Lenovo\Downloads\929.pdf
2019-04-01 15:01 - 2019-04-01 15:01 - 000233489 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1) (1).pdf
2019-03-31 01:33 - 2019-03-31 01:33 - 000000000 ____D C:\Users\Lenovo\Downloads\New folder
2019-03-27 12:24 - 2019-03-27 12:24 - 000233489 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1).pdf
2019-03-25 13:27 - 2019-03-25 13:27 - 000063894 _____ C:\Users\Lenovo\Downloads\Albert - Akta lahir.pdf
2019-03-25 13:02 - 2019-03-25 13:02 - 001771175 _____ C:\Users\Lenovo\Downloads\Statement20181231.pdf
2019-03-25 13:01 - 2019-03-25 13:01 - 000116172 _____ C:\Users\Lenovo\Downloads\scoreReport (2).pdf
2019-03-21 23:11 - 2019-03-23 15:36 - 000000000 ____D C:\ProgramData\Stardock
2019-03-21 23:11 - 2019-03-21 23:11 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Stardock
2019-03-21 23:10 - 2019-03-21 23:10 - 000000000 ____D C:\Users\Lenovo\Documents\My Games
2019-03-21 23:10 - 2019-03-21 23:10 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\MohawkGames
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-20 04:30 - 2014-12-30 12:34 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2019-04-20 04:21 - 2018-04-12 09:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-20 04:19 - 2018-04-12 09:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-20 04:18 - 2018-05-26 17:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-20 04:18 - 2018-03-22 23:45 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-04-20 04:18 - 2014-11-25 18:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-20 04:16 - 2018-04-12 07:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-20 04:15 - 2016-12-09 20:20 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Temp
2019-04-20 04:14 - 2009-07-14 13:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-04-20 02:39 - 2018-05-26 17:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-20 00:38 - 2016-12-21 04:23 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2019-04-20 00:36 - 2014-11-25 18:39 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Mozilla
2019-04-19 14:07 - 2018-03-22 23:25 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-19 14:03 - 2018-04-12 09:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-19 12:57 - 2018-03-25 06:00 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-04-19 12:47 - 2018-03-22 21:37 - 000000000 ____D C:\ProgramData\360safe
2019-04-19 12:47 - 2014-11-25 18:39 - 000000000 ____D C:\ProgramData\Mozilla
2019-04-19 10:24 - 2018-03-22 21:37 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\360WD
2019-04-19 10:08 - 2018-03-22 21:37 - 000000000 _RSHD C:\360SANDBOX
2019-04-19 10:01 - 2018-03-22 22:30 - 000000000 __SHD C:$360Section
2019-04-19 10:01 - 2018-03-22 22:05 - 000000000 ____D C:\ProgramData\360Quarant
2019-04-19 09:47 - 2018-03-25 05:46 - 000000000 ____D C:\Program Files (x86)\Driver Support
2019-04-19 04:48 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-19 02:36 - 2017-09-30 14:04 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Albion Online
2019-04-19 02:35 - 2019-02-26 14:27 - 000000000 ____D C:\WINDOWS\Minidump
2019-04-18 15:45 - 2017-12-30 07:35 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2019-04-18 13:26 - 2017-10-16 00:08 - 000000000 ____D C:\ProgramData\Package Cache
2019-04-18 13:26 - 2017-05-27 00:44 - 000000000 ____D C:\ProgramData\Adguard
2019-04-18 13:26 - 2017-05-27 00:43 - 000000000 ____D C:\Program Files (x86)\Adguard
2019-04-18 12:32 - 2015-09-12 20:58 - 000000000 ____D C:\Users\Lenovo\AppData\Local\TeamViewer
2019-04-18 12:30 - 2018-05-26 17:10 - 000000000 ____D C:\Users\DefaultAppPool
2019-04-18 12:30 - 2015-09-12 20:45 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\TeamViewer
2019-04-18 10:28 - 2018-03-22 21:37 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360safe
2019-04-18 10:20 - 2018-05-26 17:10 - 000000000 ____D C:\Users\Lenovo
2019-04-18 10:14 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-18 03:57 - 2018-03-24 19:05 - 000000428 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2019-04-18 03:50 - 2019-02-16 23:48 - 000003752 _____ C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1550324909
2019-04-18 03:50 - 2018-05-26 17:40 - 000003752 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-18 03:50 - 2018-05-26 17:40 - 000003556 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan
2019-04-18 03:50 - 2018-05-26 17:40 - 000002970 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2019-04-18 03:50 - 2018-05-26 17:40 - 000002646 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2019-04-18 03:50 - 2018-05-26 17:40 - 000002604 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2019-04-18 03:50 - 2018-05-26 17:40 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-04-18 03:50 - 2018-05-26 17:40 - 000002202 _____ C:\WINDOWS\System32\Tasks\StartCN
2019-04-18 03:48 - 2019-03-18 21:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-04-18 01:12 - 2017-09-28 20:12 - 000061060 _____ C:\Users\Lenovo\Desktop\Share.xlsx
2019-04-17 19:52 - 2018-04-12 09:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-16 13:23 - 2018-12-26 22:02 - 000019344 _____ C:\Users\Lenovo\Desktop\Mascot-202-RENT.xlsx
2019-04-13 19:26 - 2016-09-22 12:11 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\vlc
2019-04-13 05:25 - 2019-03-18 21:25 - 000476264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1af7b8ca475981fe.tm p
2019-04-12 03:45 - 2018-05-27 10:37 - 000503220 _____ C:\WINDOWS\system32\perfh011.dat
2019-04-12 03:45 - 2018-05-27 10:37 - 000145096 _____ C:\WINDOWS\system32\perfc011.dat
2019-04-12 03:45 - 2018-05-26 17:09 - 001571872 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-12 02:47 - 2018-03-22 21:47 - 000001443 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Opera Browser.lnk
2019-04-11 18:06 - 2018-03-22 21:38 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360TotalSecurity
2019-04-11 17:47 - 2018-04-12 19:20 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-10 10:03 - 2018-04-12 09:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 09:51 - 2015-03-13 02:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 09:44 - 2015-03-13 02:42 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-07 23:23 - 2018-03-22 21:48 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360DrvMgr
2019-04-05 21:35 - 2017-09-29 19:45 - 000000000 ____D C:\Program Files\rempl
2019-04-02 03:51 - 2018-11-18 11:45 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-02 03:51 - 2018-11-18 11:45 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-26 08:20 - 2019-02-19 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2019-03-26 07:28 - 2019-03-18 21:25 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-21 15:57 - 2017-08-11 00:34 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Steam
==================== Files in the root of some directories =======
2017-05-27 00:44 - 2018-06-15 09:49 - 000000267 _____ () C:\ProgramData\fontcacheev1.dat
2018-08-13 21:01 - 2018-06-14 21:01 - 000000032 ____R () C:\ProgramData\hash.dat
2015-10-04 11:58 - 2015-10-04 11:58 - 000000097 _____ () C:\Users\Lenovo\AppData\Roaming\settings.xml
2015-04-25 14:16 - 2015-04-25 14:16 - 000000054 _____ () C:\Users\Lenovo\AppData\Roaming\updater.cfg
2015-11-09 13:55 - 2015-11-30 19:16 - 000002856 _____ () C:\Users\Lenovo\AppData\Roaming\VoiceMeeterDefault .xml
2016-09-23 11:37 - 2017-01-05 11:54 - 000000202 _____ () C:\Users\Lenovo\AppData\Roaming_encryptiondb.grf
2014-11-26 19:09 - 2014-11-26 19:09 - 000000038 ___SH () C:\Users\Lenovo\AppData\Local\1754111884ee9ab5277c a00.95260103
2014-12-26 00:02 - 2016-06-26 16:10 - 000007603 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-26 17:01
==================== End of FRST.txt ============================
[HEADING=1]Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.04.2019
Ran by Lenovo (20-04-2019 04:31:36)
Running from C:\Users\Lenovo\Downloads\FRST
Windows 10 Pro Version 1803 17134.706 (X64) (2018-05-26 07:41:06)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================
Administrator (S-1-5-21-1925601759-1010797402-2804155008-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1925601759-1010797402-2804155008-503 - Limited - Disabled)
Guest (S-1-5-21-1925601759-1010797402-2804155008-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1925601759-1010797402-2804155008-1002 - Limited - Enabled)
Lenovo (S-1-5-21-1925601759-1010797402-2804155008-1000 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-1925601759-1010797402-2804155008-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: 360 Total Security (Disabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Disabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM...{3D383E25-72E7-4F09-AA1C-9ADE6A2EF42F}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32...{0C9A6167-6560-4085-9C35-EDB1AE105328}) (Version: 3.2.0.9 - Intel) Hidden
360 Total Security (HKLM-x32...\360TotalSecurity) (Version: 10.2.0.1180 - 360 Security Center)
3DP Chip Lite v17.11.1 (HKLM-x32...\3DP Chip Lite) (Version: v17.11.1 - 3DP)
ACDSee Pro 3 (HKLM-x32...{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.355 - ACD Systems International Inc.)
Active Directory Authentication Library for SQL Server (HKLM...{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (HKLM-x32...{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
AdLock (HKLM...{26D2159D-4BE2-43A4-9E68-F0594DF0295C}) (Version: 1.0.2.2 - Hankuper) Hidden
Adobe Flash Player 29 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32...\Adobe Flash Player PPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
AMD Settings (HKLM...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
AMD Software (HKLM...\AMD Catalyst Install Manager) (Version: 18.2.1 - Advanced Micro Devices, Inc.)
Anathena (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\242cfcc8731b6ee3) (Version: 3.3.8.0 - Anathena)
Any Video Converter 6.2.5 (HKLM-x32...\Any Video Converter) (Version: 6.2.5 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32...{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM...{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Application Support (HKLM-x32...{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM...{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32...{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Apple Software Update (HKLM-x32...{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM-x32...{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.189 - ArcSoft)
AVG 2015 (HKLM...{6E4BAAF0-7F23-41E5-B16B-4727B6FC0C6F}) (Version: 15.0.6081 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
Battle.net (HKLM-x32...\Battle.net) (Version: - Blizzard Entertainment)
BattlePing (HKLM-x32...{DB480AC3-1578-B8DC-3F8F-786A2A4E3BC7}) (Version: 1.3.7.1 - BattlePing)
Bonjour (HKLM...{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM...{15EEB07A-3FB9-FA4C-8EFF-697728CB1E5C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM...{A63E3031-0522-18C6-F18F-7EE80973315F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM...{A2966D0F-43BB-116D-C9C7-49612FBFD0AE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM...{4C608ED2-535B-2119-3661-9E6F7DDB600F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM...{9005C809-497A-FD45-CB96-76A3338E35B9}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM...{D84300A6-72F1-5771-B3B1-8FC71184AB38}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM...{56D13277-FA9F-2842-682D-DD7298973585}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM...{8D0C7788-D519-7B65-36F6-D0D21296F173}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM...{930FD2C7-D026-197D-94E4-CB5917CE7420}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM...{086D11E3-9CA4-DBEF-2B48-5A2EFFD53145}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM...{D0C1EAB6-92F1-EE91-04C2-5947EE150593}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM...{57EAA61A-CD02-DF34-0839-2549F57A334C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM...{AA477FD2-347B-1732-5D8C-AF35AF1B9703}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM...{BBFC5953-2CB9-5932-1D47-52E4AA99737B}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM...{01E7D692-D785-743F-5A55-F00162D26A1C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM...{5D8BA452-1264-7D13-E4EC-8236EC5B83FE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM...{F49BA906-83DA-3F5A-5B24-03C8DE2A3936}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM...{5A466CAA-F071-D9EF-A799-EF63552DBE70}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM...{D7DC4DDB-3E0D-6F79-4258-4A461654B689}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM...{ACDFF800-6015-BEEC-8A27-7B1A80915273}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM...{A28B1FC5-3947-9D39-7FE5-A3CB18E16358}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM...\CCleaner) (Version: 5.41 - Piriform)
Cheat Engine 6.6 (HKLM-x32...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32...{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32...{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32...{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PowerDVD 11 (HKLM-x32...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1620.51 - CyberLink Corp.)
D3DX10 (HKLM-x32...{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX H.264 decoder 8.2.0.26 (HKLM-x32...\divxh264_is1) (Version: 8.2.0.26 - )
DivX Setup (HKLM-x32...\DivX Setup) (Version: 2.7.0.93 - DivX, LLC)
Dolby Digital Plus Advanced Audio (HKLM...{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dolby Digital Plus Home Theater (HKLM...{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Driver Easy 5.6.1 (HKLM...\DriverEasy_is1) (Version: 5.6.1 - Easeware)
Dropbox (HKLM-x32...\Dropbox) (Version: 45.4.92 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32...{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Energy Management (HKLM-x32...{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo) Hidden
Energy Management (HKLM-x32...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
eNexia version 749.0 (HKLM-x32...{8C3EC8A8-70A1-4298-BD7D-3CD7DAE20D64}_is1) (Version: 749.0 - eNexiaTK)
Free Download Manager (HKLM...{43781dff-e0df-49ce-a6d2-47da96a485e7}}is1) (Version: - FreeDownloadManager.ORG)
Google Chrome (HKLM-x32...{8CAF1821-50A9-3971-88C2-371AACE003E1}) (Version: 73.0.3683.103 - Google LLC)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GRF Editor version 1.7.9 (HKLM-x32...\GRF Editor_is1) (Version: 1.7.9 - )
Hearthstone (HKLM-x32...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\HearthstoneDeckTracker) (Version: 1.7.6 - HearthSim)
Hotspot Shield 7.6.4 (HKLM-x32...{AF599C42-A2E5-4251-B7EE-4925C187EDD1}) (Version: 7.6.4.10926 - AnchorFree Inc.) Hidden
Hotspot Shield 7.6.4 (HKLM-x32...{f0473374-de13-4075-b4ef-5847e91e1d6a}) (Version: 7.6.4.10926 - AnchorFree Inc.)
Hotspot Shield 7.6.4 (HKLM-x32...\HotspotShield) (Version: 7.6.4 - AnchorFree Inc.) Hidden
HxD Hex Editor version 1.7.7.0 (HKLM-x32...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
IIS 10.0 Express (HKLM...{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
Intel(R) Chipset Device Software (HKLM-x32...{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM...{699E6891-25C3-443A-9B8E-80C74F0172C8}) (Version: 2.1.03413 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32...{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM...{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32...{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32...{4d839fe1-a8d3-4edc-b0ca-844394309856}) (Version: 3.2.0.9 - Intel)
IObit Uninstaller 8 (HKLM-x32...\IObitUninstall) (Version: 8.4.0.8 - IObit)
iTunes (HKLM...{1D7D1271-5258-4F5A-B8C1-7176BF398782}) (Version: 12.7.3.46 - Apple Inc.)
Java 8 Update 161 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
K-Lite Mega Codec Pack 14.0.5 (HKLM-x32...\KLiteCodecPack_is1) (Version: 14.0.5 - KLCP)
Lenovo EasyCamera (HKLM-x32...{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Logitech Gaming Software 8.57 (HKLM...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Magic Bullet Suite 64-bit (HKLM...{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32...\InstallShield{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Malwarebytes version 3.7.1.2839 (HKLM...{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee True Key (HKLM...\TrueKey) (Version: 5.2.167.1 - McAfee, LLC)
mHotspot version 7.8.8.0 (HKLM-x32...{beeb7906-9268-4520-8850-8d8af9b1c7c8}is1) (Version: 7.8.8.0 - 1BN Software & IT Solutions Pvt. Ltd.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32...{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32...{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32...{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32...{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (日本語) (HKLM-x32...{9A330858-0CD6-4FB3-8C57-0F1BB58012B0}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32...{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32...{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (日本語) (HKLM-x32...{903C5477-BA28-4CFC-8BE4-62E3C328D4DD}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32...{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32...{90120000-0030-0000-0000-0000000FF1CE}ENTERPRISE{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32...{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM...{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32...{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32...{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM...{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM...{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM...{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM...{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32...{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM...{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM...{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32...{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM...{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32...{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM...{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32...{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM...{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32...{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM...{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM...{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32...{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM...{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU (HKLM-x32...{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Database Providers (x86) ENU (HKLM-x32...{296E293F-C481-4DDE-9ED2-3F79FCF38731}) (Version: 3.1.1648.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM...{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32...{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM...{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32...{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32...{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM...{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32...{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32...{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32...{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM...{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM...{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Modem AC2726 UI (HKLM...\ZTEWireless-101_is1) (Version: - )
MornaTK Installer (HKLM-x32...{BCD1C4AD-EB1A-40DF-A838-2AF8C45B5942}) (Version: 1.0 - MornaTales)
Movavi Video Converter 18 Premium (HKLM-x32...\Movavi Video Converter 18 Premium) (Version: 18.3.0 - Movavi)
Movie Maker (HKLM-x32...{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32...{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 66.0.3 (x86 en-US) (HKLM-x32...\Mozilla Firefox 66.0.3 (x86 en-US)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
Mumble 1.2.19 (HKLM-x32...{F62A874F-2354-49B1-87BE-CAAD7C8FA084}) (Version: 1.2.19 - Thorvald Natvig)
MYOB AccountRight Plus v19.12.0 ED (HKLM-x32...{27D4F4A7-5A34-4657-9E78-D6B1E87C8A90}) (Version: 19.12.0 - MYOB Technology Pty Ltd) Hidden
MYOB AccountRight Plus v19.12.0 ED (HKLM-x32...\InstallShield{27D4F4A7-5A34-4657-9E78-D6B1E87C8A90}) (Version: 19.12.0 - MYOB Technology Pty Ltd)
MYOB ODBC Direct v10 AUS (HKLM-x32...{55D5A77E-FAAA-4358-B3E5-6565E024F78B}) (Version: 10.1.0 - MYOB Technology Pty Ltd) Hidden
MYOB ODBC Direct v10 AUS (HKLM-x32...\InstallShield{55D5A77E-FAAA-4358-B3E5-6565E024F78B}) (Version: 10.1.0 - MYOB Technology Pty Ltd)
MySQL Installer - Community (HKLM-x32...{4553E209-560C-451E-9DE9-E6B812D32B8C}) (Version: 1.4.8.0 - Oracle Corporation)
MySQL Server 5.0 (HKLM-x32...{2FEB25F8-C3CB-49A2-AE79-DE17FFAFB5D9}) (Version: 5.0.45 - MySQL AB)
MySQL Tools for 5.0 (HKLM-x32...{EC561602-C0B9-4FAA-A175-1B3273639AC3}) (Version: 5.0.12 - MySQL AB)
Notepad++ (32-bit x86) (HKLM-x32...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NovaRO (HKLM-x32...\NovaRO_is1) (Version: 6.0.0 - NovaRO)
Nox APP Player (HKLM-x32...\Nox) (Version: 6.0.1.1 - Duodian Technology Co. Ltd.)
OBS Studio (HKLM-x32...\OBS Studio) (Version: 21.1.2 - OBS Project)
OEM Application Profile (HKLM-x32...{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Opera Stable 58.0.3135.127 (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
Pingzapper version 2.1.2 (HKLM-x32...{7FD61982-5436-439B-B5D0-36F0536FF8BF}_is1) (Version: 2.1.2 - Pingzapper)
PlayNexia II (HKLM-x32...\PlayNexia II) (Version: - )
PlaysTV (HKLM-x32...\PlaysTV) (Version: 1.13.1-r115223-release - Plays.tv, LLC)
Pokémon World Online Uninstaller (HKLM-x32...{6B67E1A1-1D62-4BDC-8C60-07FDF25CA975}_is1) (Version: 1.97 - PWO Team)
Prerequisites for SSDT (HKLM-x32...{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32...{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
PX Profile Update (HKLM-x32...{230C6C56-D930-2D7A-CF62-9BE26FAEE260}) (Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32...{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Ragnarok Online (HKLM-x32...{181579B5-0028-4E01-AC27-97ED80352279}) (Version: 14.2.5 - Gravity Interactive, Inc.)
Raptr (HKLM-x32...\Raptr) (Version: 5.1.1-r111306-release - Raptr, Inc)
Razer Game Booster (HKLM-x32...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
Realtek Card Reader (HKLM-x32...{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32...{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32...{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.30.0239 - REALTEK Semiconductor Corp.)
Roslyn Language Services - x86 (HKLM-x32...{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Safari (HKLM-x32...{A08BAD08-9AA3-410F-98F3-C92C8EE37218}) (Version: 5.34.54.16 - Apple Inc.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skype™ 7.26 (HKLM-x32...{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Speccy (HKLM...\Speccy) (Version: 1.31 - Piriform)
Spotify (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
Sql Server Customer Experience Improvement Program (HKLM...{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32...{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32...{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32...{90120000-0030-0000-0000-0000000FF1CE}ENTERPRISE{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM...{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32...{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM...{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM-x32...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
Visual Studio 2012 x64 Redistributables (HKLM...{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32...{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32...\VLC media player) (Version: 3.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (64-bit) (HKLM...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.0) (HKLM...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32...{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare PDFelement 6 Pro(Build 6.8.6) (HKLM-x32...{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.8.6.4121 - Wondershare Software Co.,Ltd.)
Wondershare Video Converter Ultimate(Build 10.3.0.178) (HKLM-x32...\Video Converter Ultimate_is1) (Version: 10.3.0.178 - Wondershare Software)
World of Warcraft (HKLM-x32...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32...\xampp) (Version: 7.1.1-0 - Bitnami)
Zoom (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID{00020420-0000-0000-C000-000000000046}\InprocServer32 → C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows → Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID{00020424-0000-0000-C000-000000000046}\InprocServer32 → C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows → Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID{E31EA727-12ED-4702-820C-4B6445F28E1A} → [Dropbox] => C:\Users\Lenovo\Dropbox [2015-07-07 16:17]
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID{f1d8036a-7f48-43e4-8045-dbcb4e742507}\InprocServer32 → C:\WINDOWS\system32\dfshim.dll (Microsoft Windows → Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation → Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] → {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] → {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] → {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] → {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] → {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] → {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] → {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] → {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] → {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] → {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] → {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] → {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] → {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] → {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] → {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] → {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] → {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] → {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] → {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] → {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] → {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ → )
ContextMenuHandlers1: [DropboxExt] → {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ContextMenuHandlers1: [IObitUnstaler] → {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology → IObit)
ContextMenuHandlers1: [SD360] → {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED → )
ContextMenuHandlers1: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-02-25] (win.rar GmbH → Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-02-25] (win.rar GmbH → Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation → Malwarebytes)
ContextMenuHandlers4: [DropboxExt] → {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ContextMenuHandlers4: [IObitUnstaler] → {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology → IObit)
ContextMenuHandlers4: [SD360] → {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED → )
ContextMenuHandlers5: [ACE] → {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-06-28] (Advanced Micro Devices, Inc. → Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] → {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc → Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] → {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher → Intel Corporation)
ContextMenuHandlers6: [IObitUnstaler] → {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology → IObit)
ContextMenuHandlers6: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation → Malwarebytes)
ContextMenuHandlers6: [SD360] → {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED → )
ContextMenuHandlers6: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-02-25] (win.rar GmbH → Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-02-25] (win.rar GmbH → Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {012A6F59-87D6-44E0-A91E-4191C44105EE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {02E9EE88-8B2A-45A8-B237-293AF930C0D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd → Piriform Ltd)
Task: {06B7B6A5-89CC-4D81-B982-3F531F29F6A9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. → AVAST Software)
Task: {07375CF8-C1FF-492B-8278-0396D0245D6F} - System32\Tasks\DropboxUpdateTaskMachineCore1d1719f 65cee02e => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc → Dropbox, Inc.)
Task: {0F9B47A5-A3A5-4CC4-9CF4-6FCF47A1FB9F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {115F90B7-1231-4FF1-AB5B-92FEF3694B20} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited → Easeware)
Task: {159448A5-F558-4572-8A16-6E303989186A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19946D02-33AE-4E60-81DF-5092DEB8F277} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {1AE784A5-A8C1-469D-ACDC-69A2BD7FEE8A} - System32\Tasks\DropboxUpdateTaskMachineUA1d1719f66 008e5b => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc → Dropbox, Inc.)
Task: {1DA9B645-13DA-4059-A3CB-D56C3971092C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {21BE9597-704B-4669-B98E-367AC00D234B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24672617-0A93-4BB5-8559-4012CEDFDF08} - System32\Tasks{61E32EBD-8E77-4D1B-9D4E-DFB440A9AB05} => C:\Windows\system32\pcalua.exe -a “D:\game\Gravity\openkore\Ragnarok Online\Setup.exe” -d “D:\game\Gravity\openkore\Ragnarok Online”
Task: {25C72C5E-A5A2-4F4B-BD37-3E4477093B5A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {297450E0-6ABB-427D-BB1C-BB2872268E11} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {31709D69-4FCE-4D4D-821C-94E1E6D6B831} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {36512371-A906-4CBA-8D6E-CCCA8F25E12E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwa reAssetManagerService.exe (Intel(R) Software Asset Manager → Intel Corporation)
Task: {3BB917BA-28B7-4433-B3E7-7EFBADC9BF05} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. → AVAST Software)
Task: {3BB99F43-80C7-4010-9269-058CFC43E873} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3C199C18-45CD-429D-B193-E25CBD0D0253} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D4F0449-FE30-4BDD-871D-BC436EDB0421} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {508A340E-5F91-492E-ABB0-B98532F80480} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => “C:\WINDOWS\System32\Wscript.exe” //B //NoLogo “C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs”
Task: {522525D9-3E35-4CED-9B07-86DCF48846B4} - System32\Tasks\S-1-5-21-1925601759-1010797402-2804155008-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows → Microsoft Corporation)
Task: {547C6C01-5708-4D14-AA13-ACA0C447A4A6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. → Advanced Micro Devices, Inc.)
Task: {57DFC5D9-A460-4BFF-B8E3-7B32AFB8CF85} - System32\Tasks\CommView for WiFi Update => C:\Program Files (x86)\CommViewWiFi\Updater.exe
Task: {5A1FB4EE-EE0E-4270-9E75-684F0AF09C07} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {621144B0-DE22-4BA5-8091-E7C4827BEF4F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {67DA1BE8-90A4-4CF2-A274-8747F431E302} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {789B54F6-B496-4419-97FF-B9199F07696D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. → Apple Inc.)
Task: {807DE444-D371-423B-899D-8236EA7A416B} - System32\Tasks\Uninstaller_SkipUac_Lenovo => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe (IObit Information Technology → IObit)
Task: {909165E7-58B7-40A8-BAD4-06369AE44715} - System32\Tasks\Microsoft\Windows\Flighting\Feature Config\ReconcileFeatures
Task: {9C7FF83C-4028-4C31-9DA7-4814BF4DD82A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9EA7EA19-87D5-4A05-90A2-77FAC5CAFED8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd → Piriform Ltd)
Task: {A1E768A1-C621-44E3-9D8D-0B31A7AA6480} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe (Intel(R) Software → Intel Corporation)
Task: {A2BC51F7-A5A5-4583-BCFC-07D102EFC8B5} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. → McAfee, Inc.)
Task: {A3F7EA55-63E8-472B-BD18-E4C82C33D682} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe (Adobe Systems Incorporated → Adobe Systems Incorporated)
Task: {A65C2727-BF46-4882-A619-716BB2E10EE3} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A9744BF1-B3BE-485E-8CED-C8A112DB42C9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B170E593-7A4A-42ED-8E5E-FE91C524223A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_ 0_0_113_pepper.exe (Adobe Systems Incorporated → Adobe Systems Incorporated)
Task: {B79C1E15-BBAE-4901-8144-CA6499E7F7BD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BAB0F865-1900-4889-B5E2-E00F083B9AC6} - System32\Tasks\Opera scheduled assistant Autoupdate 1550324909 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launc her.exe (Opera Software AS → Opera Software)
Task: {C35EAC49-C654-4AD2-A8E0-13BB4B538500} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB120083-D139-490E-ABC1-9711116BDE86} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_ 0_0_113_Plugin.exe (Adobe Systems Incorporated → Adobe Systems Incorporated)
Task: {CC790BC5-5E2E-431D-96D7-38992A378467} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc → Google Inc.)
Task: {D841F08B-9CC5-4DE4-8780-B48A4D247CC3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DA3CD105-1C40-4F31-B596-534277F311B7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {DC97CD24-99CA-4409-AA44-E0B8E9790D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc → Google Inc.)
Task: {DEBAD4D3-2F39-4C63-9561-762021145015} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe
Task: {ECF63DBD-0D24-4258-861D-7F5BDFA4C73D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F73979B7-3B5E-4FBF-AF56-473DC86B90CE} - System32\Tasks\Opera scheduled Autoupdate 1521719234 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launc her.exe (Opera Software AS → Opera Software)
Task: {F8A429FB-D075-49EE-91B6-D247866AD4A6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwa reAssetManagerService.exe (Intel(R) Software Asset Manager → Intel Corporation)
Task: {FEB657CD-087C-4664-B5E8-D03BBC23E1CF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d171 9f65cee02e.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d1719f 66008e5b.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Googl e Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) → --profile-directory=“Profile 1”
==================== Loaded Modules (Whitelisted) ==============
2018-12-18 14:31 - 2017-10-19 09:17 - 000271360 _____ (Wondershare Software) [File not signed] C:\WINDOWS\System32\WSPDFelementMonitor.dll
2013-08-27 17:32 - 2013-08-27 17:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2007-07-06 12:14 - 2007-07-06 12:14 - 005730304 _____ () [File not signed] C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
2016-06-28 21:38 - 2016-06-28 21:38 - 000138752 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000009216 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000077312 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPMaster.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000011264 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPUF.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000060928 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPDU.exe
2015-11-25 06:49 - 2015-11-25 06:49 - 002257408 _____ (ActiveState Software Inc) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\python26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000028160 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-25 06:46 - 2015-11-25 06:46 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000041472 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000096256 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000356864 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV_hashlib.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000017920 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000019968 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000036352 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000043008 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV_socket.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000805376 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV_ssl.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000087040 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV_ctypes.pyd
2015-11-25 06:46 - 2015-11-25 06:46 - 000354304 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000167936 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 001980928 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-11-25 07:02 - 2015-11-25 07:02 - 004604416 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Gui.dll
2015-11-25 07:01 - 2015-11-25 07:01 - 004088320 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Core.dll
2015-11-25 07:01 - 2015-11-25 07:01 - 001961472 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icuin53.dll
2015-11-25 07:02 - 2015-11-25 07:02 - 001316352 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icuuc53.dll
2015-11-25 07:01 - 2015-11-25 07:01 - 021529088 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icudt53.dll
2015-12-08 06:57 - 2015-12-08 06:57 - 000077824 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 001862144 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 000516608 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-25 07:02 - 2015-11-25 07:02 - 000839680 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Network.dll
2015-11-25 06:47 - 2015-11-25 06:47 - 004060160 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-25 07:01 - 2015-11-25 07:01 - 004468736 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Widgets.dll
2015-11-25 06:43 - 2015-11-25 06:43 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2018-03-22 23:24 - 2019-04-19 14:07 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-19 14:03 - 2019-04-19 14:07 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-19 14:03 - 2019-04-19 14:07 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2013-11-21 11:31 - 2013-11-21 11:31 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-11-21 11:31 - 2013-11-21 11:31 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => “”=“Service”
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-11-15 03:41 - 2019-04-20 04:14 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2016-11-07 03:29 - 2016-11-07 03:29 - 000000499 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.70 iPhone.mshome.net # 2016 11 0 13 17 29 46 813
192.168.137.1 Lenovo-PC.mshome.net # 2021 11 5 5 17 29 46 813
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;%SystemRoot%\system32;%SystemRoot%;%SystemR oot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPo werShell\v1.0;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;D:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Skype\Phone;C:\Program Files\Microsoft SQL Server\130\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files\Microsoft SQL Server\100\Tools\Binn;C:\Program Files\Microsoft SQL Server\100\DTS\Binn;%SYSTEMROOT%\System32\OpenSSH
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\Control Panel\Desktop\Wallpaper → C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Tel ephony\Providers => ProviderFileName2 → ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: CLHNServiceForPowerDVD => 2
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Service => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: hmevpnsvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: PingzapperSvc => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: UDisk Monitor => 2
MSCONFIG\Services: WtuSystemSupport => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lenovo^AppData^Roaming^Microsoft^Windows^ Start Menu^Programs^Startup^MYOB Add-On Connector.lnk => C:\Windows\pss\MYOB Add-On Connector.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => “C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe”
MSCONFIG\startupreg: APSDaemon => “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
MSCONFIG\startupreg: AVG-Secure-Search-Update_0715tb => “C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe” /PROMPT /CMPID=0715tb
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => “C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe”
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent 64.exe
MSCONFIG\startupreg: cFosSpeed => C:\Program Files\cFosSpeed\cFosSpeed.exe
MSCONFIG\startupreg: Dropbox => “C:\Program Files (x86)\Dropbox\Client\Dropbox.exe” /systemstartup
MSCONFIG\startupreg: Energy Management => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
MSCONFIG\startupreg: EnergyUtility => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
MSCONFIG\startupreg: ForteConfig => C:\Program Files\Conexant\ForteConfig\fmapp.exe
MSCONFIG\startupreg: Google Update => “C:\Users\Lenovo\AppData\Local\Google\Update\Googl eUpdate.exe” /c
MSCONFIG\startupreg: GrooveMonitor => “C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe”
MSCONFIG\startupreg: HotKeysCmds => “C:\Windows\system32\hkcmd.exe”
MSCONFIG\startupreg: IAStorIcon => “C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe” “C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe” 60
MSCONFIG\startupreg: IgfxTray => “C:\Windows\system32\igfxtray.exe”
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Persistence => “C:\Windows\system32\igfxpers.exe”
MSCONFIG\startupreg: QuickTime Task => “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
MSCONFIG\startupreg: Raptr => C:\Program Files (x86)\Raptr\RAPTRS~1.EXE --startup
MSCONFIG\startupreg: Razer Synapse => “C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe”
MSCONFIG\startupreg: RemoteControl11 => “C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe”
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SACpl.exe /t
MSCONFIG\startupreg: Spotify => “C:\Users\Lenovo\AppData\Roaming\Spotify\Spotify.e xe” -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => “C:\Users\Lenovo\AppData\Roaming\Spotify\SpotifyWe bHelper.exe”
MSCONFIG\startupreg: StartCCC => “C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe” MSRun
MSCONFIG\startupreg: Steam => “C:\Program Files (x86)\Steam\steam.exe” -silent
MSCONFIG\startupreg: SynLenovoGestureMgr => %ProgramFiles%\Synaptics\SynTP\SynLenovoGestureMgr .exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: USB3MON => “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
MSCONFIG\startupreg: vProt => “C:\Program Files (x86)\AVG Web TuneUp\vprot.exe”
MSCONFIG\startupreg: WTFast Tray => “D:\Program Files (x86)\WTFast\WTFast.exe” trayonly
HKLM...\StartupApproved\Run: => “cAudioFilterAgent”
HKLM...\StartupApproved\Run: => “ForteConfig”
HKLM...\StartupApproved\Run: => “iTunesHelper”
HKLM...\StartupApproved\Run: => “StartCN”
HKLM...\StartupApproved\Run32: => “DivXUpdate”
HKLM...\StartupApproved\Run32: => “DivXMediaServer”
HKLM...\StartupApproved\Run32: => “Dropbox”
HKLM...\StartupApproved\Run32: => “AVG_UI”
HKLM...\StartupApproved\Run32: => “QuickTime Task”
HKLM...\StartupApproved\Run32: => “Raptr”
HKLM...\StartupApproved\Run32: => “vProt”
HKLM...\StartupApproved\Run32: => “PlaysTV”
HKLM...\StartupApproved\Run32: => “Wondershare Helper Compact.exe”
HKLM...\StartupApproved\Run32: => “SunJavaUpdateSched”
HKLM...\StartupApproved\Run32: => “SecurityHealth”
HKLM...\StartupApproved\Run32: => “SmartAudio”
HKLM...\StartupApproved\Run32: => “ETDCtrl”
HKLM...\StartupApproved\Run32: => “DSATray”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\StartupFolder: => “hide.me VPN.lnk”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\StartupFolder: => “Bitcoin.lnk”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “Discord”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “OneDrive”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “Spotify Web Helper”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “WTFast Tray”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “CCleaner Monitoring”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “Free Download Manager”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “Adguard”
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000...\StartupApproved\Run: => “DownloadAccelerator”
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D90D21C3-BAD6-4B80-BC6B-95BBD9A82F27}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{46A1B855-A108-4B9E-81E1-D3A6228F8047}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (QIHU 360 SOFTWARE CO. LIMITED → Qihoo 360 Technology Co. Ltd.)
==================== Restore Points =========================
19-04-2019 04:42:40 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (04/20/2019 04:22:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AvLaunch.exe, version: 19.3.4241.0, time stamp: 0x5c82677e
Faulting module name: ucrtbase.dll, version: 10.0.17134.677, time stamp: 0x9f346d3f
Exception code: 0xc0000409
Fault offset: 0x000000000006e14e
Faulting process id: 0x930
Faulting application start time: 0x01d4f6dcbd9cb91e
Faulting application path: C:\Program Files\AVAST Software\Avast\AvLaunch.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 73a46981-8edb-48cd-b2a9-936390caca89
Faulting package full name:
Faulting package-relative application ID:
Error: (04/20/2019 04:18:41 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 8317) (User: )
Description: Cannot query value ‘First Counter’ associated with registry key ‘HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$SQLE XPRESS\Performance’. SQL Server performance counters are disabled.
Error: (04/20/2019 04:14:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (04/20/2019 04:13:01 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {08499028-1e60-4eea-aa56-62f230a4f5d9}
Error: (04/20/2019 04:09:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.17134.677, time stamp: 0xb4a88dff
Faulting module name: ntdll.dll, version: 10.0.17134.556, time stamp: 0x74bed8b0
Exception code: 0xc0000005
Fault offset: 0x0000000000024989
Faulting process id: 0x193c
Faulting application start time: 0x01d4f644479a143e
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: a08641ea-208c-470a-a576-2291f1e782fe
Faulting package full name:
Faulting package-relative application ID:
Error: (04/19/2019 10:24:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.17134.1, time stamp: 0x5ace103a
Faulting module name: ntdll.dll, version: 10.0.17134.556, time stamp: 0x74bed8b0
Exception code: 0xc0000374
Fault offset: 0x00000000000f479b
Faulting process id: 0x720
Faulting application start time: 0x01d4f644758852d1
Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2t xyewy\ShellExperienceHost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 8b43e3fc-5c5f-477a-8ae8-c9f4b9215bdc
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.17134.1 12_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Error: (04/19/2019 01:00:47 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, “iehistory://{S-1-5-21-1925601759-1010797402-2804155008-1000}/”>.
Error: (04/19/2019 10:14:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AvLaunch.exe, version: 19.3.4241.0, time stamp: 0x5c82677e
Faulting module name: ucrtbase.dll, version: 10.0.17134.677, time stamp: 0x9f346d3f
Exception code: 0xc0000409
Fault offset: 0x000000000006e14e
Faulting process id: 0x176c
Faulting application start time: 0x01d4f6449fe30c0a
Faulting application path: C:\Program Files\AVAST Software\Avast\AvLaunch.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 63396444-9bfc-471f-a29d-aab87208a1ba
Faulting package full name:
Faulting package-relative application ID:
[HEADING=1]System errors:[/HEADING]
Error: (04/20/2019 04:27:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/20/2019 04:26:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.
Error: (04/20/2019 04:26:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Update Orchestrator Service service hung on starting.
Error: (04/20/2019 04:23:56 AM) (Source: DCOM) (EventID: 10016) (User: Lenovo-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Lenovo-PC\Lenovo SID (S-1-5-21-1925601759-1010797402-2804155008-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/20/2019 04:19:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/20/2019 04:19:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The RasMan service depends on the SstpSvc service which failed to start because of the following error:
The operation completed successfully.
Error: (04/20/2019 04:18:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAService service failed to start due to the following error:
The system cannot find the file specified.
Error: (04/20/2019 04:18:31 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL “C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter” failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notifica tion Packages, refers to a correct and absolute path (:<path><filename>.) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at Microsoft Learn: Build skills that open doors in your career .
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2019-04-20 02:59:53.375
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:29.316
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:28.526
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:27.687
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:26.977
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:26.211
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:25.474
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-20 02:55:24.604
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core™ i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 44%
Total physical RAM: 8088.36 MB
Available physical RAM: 4470.66 MB
Total Virtual: 20220.36 MB
Available Virtual: 16473.34 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:151.27 GB) (Free:19.19 GB) NTFS
Drive d: (Data) (Fixed) (Total:584.83 GB) (Free:275.81 GB) NTFS
Drive f: (Bandicam) (Fixed) (Total:195.31 GB) (Free:179.55 GB) NTFS
\?\Volume{c05dd144-747f-11e4-9d1a-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
==================== MBR & Partition Table ==================
================================================== ======
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=584.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=0F Extended)
==================== End of Addition.txt ============================
Note: you can delete this post if it is unnecessary
Comment