Solved Connection issue regarding certificate

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Welcome to our Community
Wanting to join the rest of our members? Feel free to sign up today.
Sign up
Status
Not open for further replies.

jmarket

PCHF's Almighty Ruler
PCHF Owner
Support Team
Security Team
Jan 10, 2015
2,121
494
PCHF Bunker
pchelpforum.net
Please download Geek Uninstaller and uninstall the following programs:

AVG 2015
AVG Web TuneUp
Free Download Manager
Driver Easy 5.6.1
Go ahead and rerun AdwCleaner and post the logs. If you need reference, please refer to the below quote:

We will need a log from AdwCleaner for further information.

Please go HERE and download AdwCleaner to your Desktop. Once downloaded right click the new icon and select Run as Administrator from the context menu to open the program. It will open at the Dashboard tab and no further changes to the program are necessary at this stage.

Click the Scan Now button.



Allow AdwCleaner to start scanning and depending on the amount of data on your PC it may take some time. At the conclusion of the scan any content considered unnecessary will be displayed in the Scan Results box. Ensure all items are selected for removal and click "Clean & Repair"



After selecting "Clean & Repair" another dialogue box may appear asking to restart now or later. If so choose "Clean & Restart Now"


Once the PC has restarted if AdwCleaner does not restart then open it again and click "Log Files" tab on the left. All log files will be listed. If you have used the program previously you may have several logs to select from so double click the most recent "Clean" log and it will open a notepad file on your Desktop.

Please COPY and PASTE the contents of that file in your next post :)
 

Baroona

PCHF Member
PCHF Member
Apr 18, 2019
21
1
23
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-18.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-20-2019
# Duration: 00:00:08
# OS: Windows 10 Pro
# Cleaned: 45
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\DriverUpdate
Deleted C:\Program Files\SlimWare Utilities
Deleted C:\Users\Lenovo\AppData\Local\slimware utilities inc
Deleted C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\SlimWare Utilities Inc
Deleted HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Deleted HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|DriverSupport.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING|DriverSupport.exe
Deleted HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69
Deleted HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Deleted HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Deleted HKLM\Software\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Deleted HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\services\WtuSystemSupport
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|WebDiscoverBrowser
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69
Deleted HKLM\Software\SlimWare Utilities Inc
Deleted HKLM\Software\Wow6432Node\AVG Tuneup
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted HKLM\Software\Wow6432Node\SpeedBit
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\ViProtocol.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Wow6432Node\\Classes\protocols\handler\viprotocol
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9761 octets] - [19/04/2019 09:43:24]
AdwCleaner[S01].txt - [5168 octets] - [20/04/2019 04:38:55]
AdwCleaner[S02].txt - [5968 octets] - [20/04/2019 20:00:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########


I cant seems to find AVG 2015, i guess it was never installed properly
 

jmarket

PCHF's Almighty Ruler
PCHF Owner
Support Team
Security Team
Jan 10, 2015
2,121
494
PCHF Bunker
pchelpforum.net
A lot of crap was cleaned up. Go ahead and re-run FRST for me. We're going to clean your machine. We'll end up getting Chrome fixed, it's just a matter of cleaning first
 

Baroona

PCHF Member
PCHF Member
Apr 18, 2019
21
1
23
FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.04.2019 01
Ran by Lenovo (administrator) on LENOVO-PC (LENOVO 20369) (21-04-2019 00:52:07)
Running from C:\Users\Lenovo\Desktop\Comp Tool\FRST
Loaded Profiles: Lenovo (Available Profiles: Lenovo & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() [File not signed] C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
(Plays.tv, LLC -> Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Razer Inc. -> Razer Inc.) D:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(QIHU 360 SOFTWARE CO. LIMITED -> QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Opera Software AS -> Opera Software) C:\Users\Lenovo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPMaster.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPUF.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPDU.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\QHSafeMain.exe
(QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\PromoUtil.exe
(QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\Utils\cef\cefutil.exe
(QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\Utils\cef\cefutil.exe
(QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\Utils\cef\cefutil.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PING.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-08-10] (Plays.tv, LLC -> Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-01] (Raptr, Inc -> Raptr, Inc)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [669248 2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [135968 2018-03-15] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-07] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Run: [Opera Browser Assistant] => C:\Users\Lenovo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2480216 2019-02-12] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-08] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\system32\ff_vfw.dll [126976 2015-08-25] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\SysWOW64\huffyuv.dll [39936 2004-05-19] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-08] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-26] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\SysWOW64\ff_vfw.dll [112128 2015-08-25] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-19] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] ->
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {012A6F59-87D6-44E0-A91E-4191C44105EE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {02E9EE88-8B2A-45A8-B237-293AF930C0D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {06B7B6A5-89CC-4D81-B982-3F531F29F6A9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {07375CF8-C1FF-492B-8278-0396D0245D6F} - System32\Tasks\DropboxUpdateTaskMachineCore1d1719f65cee02e => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {0F9B47A5-A3A5-4CC4-9CF4-6FCF47A1FB9F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {159448A5-F558-4572-8A16-6E303989186A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19946D02-33AE-4E60-81DF-5092DEB8F277} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {1AE784A5-A8C1-469D-ACDC-69A2BD7FEE8A} - System32\Tasks\DropboxUpdateTaskMachineUA1d1719f66008e5b => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {1DA9B645-13DA-4059-A3CB-D56C3971092C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {21BE9597-704B-4669-B98E-367AC00D234B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24672617-0A93-4BB5-8559-4012CEDFDF08} - System32\Tasks\{61E32EBD-8E77-4D1B-9D4E-DFB440A9AB05} => C:\Windows\system32\pcalua.exe -a "D:\game\Gravity\openkore\Ragnarok Online\Setup.exe" -d "D:\game\Gravity\openkore\Ragnarok Online"
Task: {25C72C5E-A5A2-4F4B-BD37-3E4477093B5A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {297450E0-6ABB-427D-BB1C-BB2872268E11} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {31709D69-4FCE-4D4D-821C-94E1E6D6B831} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {36512371-A906-4CBA-8D6E-CCCA8F25E12E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {3BB917BA-28B7-4433-B3E7-7EFBADC9BF05} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {3BB99F43-80C7-4010-9269-058CFC43E873} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3C199C18-45CD-429D-B193-E25CBD0D0253} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D4F0449-FE30-4BDD-871D-BC436EDB0421} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {508A340E-5F91-492E-ABB0-B98532F80480} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {522525D9-3E35-4CED-9B07-86DCF48846B4} - System32\Tasks\S-1-5-21-1925601759-1010797402-2804155008-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {547C6C01-5708-4D14-AA13-ACA0C447A4A6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {57DFC5D9-A460-4BFF-B8E3-7B32AFB8CF85} - System32\Tasks\CommView for WiFi Update => C:\Program Files (x86)\CommViewWiFi\Updater.exe
Task: {5A1FB4EE-EE0E-4270-9E75-684F0AF09C07} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {621144B0-DE22-4BA5-8091-E7C4827BEF4F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {67DA1BE8-90A4-4CF2-A274-8747F431E302} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {789B54F6-B496-4419-97FF-B9199F07696D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {807DE444-D371-423B-899D-8236EA7A416B} - System32\Tasks\Uninstaller_SkipUac_Lenovo => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe (IObit Information Technology -> IObit)
Task: {909165E7-58B7-40A8-BAD4-06369AE44715} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {9C7FF83C-4028-4C31-9DA7-4814BF4DD82A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9EA7EA19-87D5-4A05-90A2-77FAC5CAFED8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
Task: {A1E768A1-C621-44E3-9D8D-0B31A7AA6480} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe (Intel(R) Software -> Intel Corporation)
Task: {A2BC51F7-A5A5-4583-BCFC-07D102EFC8B5} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {A3F7EA55-63E8-472B-BD18-E4C82C33D682} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Inc. -> Adobe)
Task: {A65C2727-BF46-4882-A619-716BB2E10EE3} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A9744BF1-B3BE-485E-8CED-C8A112DB42C9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B170E593-7A4A-42ED-8E5E-FE91C524223A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe (Adobe Inc. -> Adobe)
Task: {B79C1E15-BBAE-4901-8144-CA6499E7F7BD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BAB0F865-1900-4889-B5E2-E00F083B9AC6} - System32\Tasks\Opera scheduled assistant Autoupdate 1550324909 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {C35EAC49-C654-4AD2-A8E0-13BB4B538500} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {C97EB93D-C73A-445D-9AD3-43A1702373F0} - System32\Tasks\opera scheduled autoupdate 1521719234 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {CB120083-D139-490E-ABC1-9711116BDE86} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe (Adobe Inc. -> Adobe)
Task: {CC790BC5-5E2E-431D-96D7-38992A378467} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {D841F08B-9CC5-4DE4-8780-B48A4D247CC3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DA3CD105-1C40-4F31-B596-534277F311B7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {DC97CD24-99CA-4409-AA44-E0B8E9790D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DEBAD4D3-2F39-4C63-9561-762021145015} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe
Task: {ECF63DBD-0D24-4258-861D-7F5BDFA4C73D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F8A429FB-D075-49EE-91B6-D247866AD4A6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {FEB657CD-087C-4664-B5E8-D03BBC23E1CF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d1719f65cee02e.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d1719f66008e5b.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8d45d7f2-23ec-402e-ba7c-d7e2681ab43c}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {A485DD13-1799-4E8B-8E0D-87A35529FC3C} URL =
SearchScopes: HKLM-x32 -> DefaultScope {A485DD13-1799-4E8B-8E0D-87A35529FC3C} URL =
BHO-x32: No Name -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-04-20] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File
Toolbar: HKLM-x32 - No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File

FireFox:
========
FF DefaultProfile: 5556b60k.default-1555684723521
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5556b60k.default-1555684723521 [2019-04-21]
FF Extension: (Federated Learning Awesome Bar) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5556b60k.default-1555684723521\Extensions\[email protected] [2019-04-20]
FF Extension: (AdBlock) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5556b60k.default-1555684723521\Extensions\[email protected] [2019-04-20]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - D:\Program Files (x86)\DAP\daplinkchecker
FF Extension: (DAP Link Checker) - D:\Program Files (x86)\DAP\daplinkchecker [2017-11-12] [Legacy] [not signed]
FF HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - D:\Program Files (x86)\DAP\DAPFireFox
FF Extension: (Download Accelerator Plus (DAP) extension) - D:\Program Files (x86)\DAP\DAPFireFox [2017-11-12] [Legacy] [not signed]
FF HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-20] (Adobe Inc. -> )
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC -> DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2014-11-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-20] (Adobe Inc. -> )
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC -> DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-09-02] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-04-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Lenovo\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall) [File not signed]
FF Plugin-x32: @softnyxNpruntime -> D:\Game\SoftnyxGame\NyxLauncherIS\npSoftnyx.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-19] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-19] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1925601759-1010797402-2804155008-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Lenovo\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-11-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2019-04-21]
CHR Extension: (Slides) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-19]
CHR Extension: (AdLock ad blocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aemffjkmgcepimloclpkecifcnipnodh [2019-04-19]
CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-19]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-19]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-19]
CHR Extension: (Sheets) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-19]
CHR Extension: (AdBlock) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-19]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-19]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

Opera:
=======
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-04-18]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
S3 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [287264 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. -> Apple Inc.)
R2 AUEPLauncher; C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe [9216 2018-01-31] () [File not signed]
S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-20] (CyberLink -> )
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink -> CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink -> CyberLink)
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2018-03-15] (Intel(R) Driver & Support Assistant -> Intel)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products -> )
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
S3 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373688 2017-06-12] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit Information Technology -> IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.0\my.ini [9263 2017-02-03] () [File not signed]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7780848 2017-11-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-10] (Plays.tv, LLC -> Plays.tv, LLC)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [965184 2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 RzKLService; D:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
S4 UDisk Monitor; D:\Program Files\Modem AC2726 UI\bin\MonServiceUDisk64.exe [407040 2009-09-23] () [File not signed]
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products -> )
S3 VSStandardCollectorService140; D:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe [105064 2018-07-25] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 SlimWareServices; "C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe" [X]
S2 TrueKey; "C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe" [X]
S2 TrueKeyScheduler; "C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe" [X]
S2 TrueKeyServiceHelper; "C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [192600 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [340568 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [443992 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360netmon; C:\WINDOWS\System32\DRIVERS\360netmon.sys [96424 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [26706464 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [518176 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [211160 2018-12-21] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
S3 CYUSB3; C:\WINDOWS\System32\Drivers\CYUSB3.sys [90536 2018-08-12] (Cypress Semiconductor Corporation -> Cypress Semiconductor)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-04-19] (Malwarebytes Corporation -> Malwarebytes)
S3 GunBod; C:\WINDOWS\system32\gunbod64.sys [84384 2017-02-09] (Beijing Apex Weifeng Technology Co.,Ltd. -> )
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37184 2018-10-16] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [43392 2018-10-16] (IObit Information Technology -> IObit)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-31] (Logitech -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-04-20] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-04-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-04-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-04-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek Semiconductor Corp -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-14] (Razer Inc. -> Razer Inc)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] (Intel(R) Code Signing External -> )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2015-11-07] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R2 WtfEngineDrv; C:\WINDOWS\system32\DRIVERS\WtfEngineDrv.sys [37872 2016-05-20] (Initex, OOO -> AAA Internet Publishing, Inc.)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-12-21] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-04-12] (CyberLink -> CyberLink Corp.)
U3 aswbdisk; no ImagePath
U3 idsvc; no ImagePath
S3 taphss6; \SystemRoot\System32\drivers\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-20 20:03 - 2019-04-20 20:03 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-20 20:03 - 2019-04-20 20:03 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-04-20 20:03 - 2019-04-20 20:03 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-04-20 20:03 - 2019-04-20 20:03 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-04-20 20:03 - 2019-04-20 20:03 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-04-20 19:47 - 2019-04-20 19:59 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Geek Uninstaller
2019-04-20 05:47 - 2019-04-20 05:47 - 000689864 _____ (PC Drivers HeadQuarters LP) C:\Users\Lenovo\Downloads\DriverSupport.exe
2019-04-20 05:27 - 2019-04-20 05:27 - 000001443 _____ C:\Users\Lenovo\Desktop\Opera Browser.lnk
2019-04-20 05:22 - 2019-04-20 05:22 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2019-04-20 05:22 - 2019-04-20 05:22 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2019-04-20 05:22 - 2019-04-20 05:22 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2019-04-20 05:22 - 2019-04-20 05:22 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2019-04-20 05:22 - 2019-04-20 05:22 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2019-04-20 05:22 - 2019-04-20 05:22 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll
2019-04-20 05:21 - 2019-04-20 05:21 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-04-20 05:21 - 2019-04-20 05:21 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-04-20 05:20 - 2019-04-20 05:20 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-04-20 05:20 - 2019-04-20 05:20 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-04-20 05:14 - 2019-02-13 15:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-04-20 04:59 - 2019-04-20 04:59 - 001789728 _____ (Patch My PC, LLC) C:\Users\Lenovo\Downloads\PatchMyPC.exe
2019-04-20 04:52 - 2019-04-20 04:52 - 001053784 _____ (Slimware Utilities Holdings, Inc.) C:\Users\Lenovo\Downloads\DriverUpdate-setup-647c971c-3a7c-4d70-87e5-a2605e00daa2.exe
2019-04-20 04:41 - 2019-04-20 05:53 - 000000000 ____D C:\SecurityCheck
2019-04-20 04:30 - 2019-04-21 00:51 - 000000000 ____D C:\Users\Lenovo\Desktop\Comp Tool
2019-04-20 04:30 - 2019-04-20 04:30 - 000012371 _____ C:\Users\Lenovo\Desktop\bookmarks_20_04_2019.html
2019-04-20 00:38 - 2019-04-20 00:38 - 000000000 ____D C:\Users\Lenovo\Desktop\Old Firefox Data
2019-04-20 00:36 - 2019-04-20 00:36 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Mozilla
2019-04-19 14:09 - 2019-04-19 14:09 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbam
2019-04-19 14:04 - 2019-04-19 14:04 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbamtray
2019-04-19 14:03 - 2019-04-19 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-19 14:03 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-19 13:03 - 2019-04-19 13:03 - 001214008 _____ (Google LLC) C:\Users\Lenovo\Downloads\ChromeSetup.exe
2019-04-19 13:03 - 2019-04-19 13:03 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-19 13:03 - 2019-04-19 13:03 - 000002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000001222 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-19 12:45 - 2019-04-19 12:45 - 000000000 ____D C:\Users\Lenovo\Downloads\FRST-OlderVersion
2019-04-19 10:06 - 2019-04-19 10:19 - 000003530 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-19 10:06 - 2019-04-19 10:19 - 000003406 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-19 09:47 - 2019-04-19 09:49 - 005208384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-19 09:42 - 2019-04-19 09:44 - 000000000 ____D C:\AdwCleaner
2019-04-19 02:14 - 2019-04-19 12:53 - 000084516 _____ C:\Users\Lenovo\Downloads\Addition.txt
2019-04-19 02:10 - 2019-04-21 00:52 - 000000000 ____D C:\FRST
2019-04-19 02:10 - 2019-04-19 12:53 - 000072532 _____ C:\Users\Lenovo\Downloads\FRST.txt
2019-04-19 01:58 - 2019-04-19 01:58 - 037133296 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer (2).exe
2019-04-19 01:24 - 2019-04-19 01:24 - 037133296 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer (1).exe
2019-04-18 13:15 - 2019-04-19 13:03 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-18 13:15 - 2019-04-18 13:16 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Google clean
2019-04-18 12:52 - 2019-04-18 12:52 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2019-04-18 12:50 - 2019-04-20 20:08 - 000000000 ____D C:\ProgramData\ProductData
2019-04-18 12:50 - 2019-04-18 12:51 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\IObit
2019-04-18 12:50 - 2019-04-18 12:50 - 000002950 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Lenovo
2019-04-18 12:49 - 2019-04-18 12:55 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\IObit
2019-04-18 12:49 - 2019-04-18 12:54 - 000000000 ____D C:\ProgramData\IObit
2019-04-18 12:49 - 2019-04-18 12:49 - 000001430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2019-04-18 12:49 - 2019-04-18 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2019-04-18 12:49 - 2019-04-18 12:49 - 000000000 ____D C:\Program Files (x86)\IObit
2019-04-18 12:30 - 2019-04-20 20:02 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-04-18 12:30 - 2019-04-18 12:30 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-04-13 05:25 - 2019-04-13 05:25 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-10 09:53 - 2019-04-02 14:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 09:53 - 2019-03-15 00:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 09:53 - 2019-03-14 18:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 09:53 - 2019-03-14 18:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 09:53 - 2019-03-14 18:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 09:53 - 2019-03-14 18:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-10 09:53 - 2019-03-14 18:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-10 09:53 - 2019-03-14 17:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 09:53 - 2019-03-14 17:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-10 09:53 - 2019-03-14 17:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 09:52 - 2019-04-02 22:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 09:52 - 2019-04-02 22:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 09:52 - 2019-04-02 22:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 09:52 - 2019-04-02 22:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 09:52 - 2019-04-02 22:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 09:52 - 2019-04-02 22:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 09:52 - 2019-04-02 22:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 09:52 - 2019-04-02 22:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 09:52 - 2019-04-02 22:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 09:52 - 2019-04-02 22:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 09:52 - 2019-04-02 22:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 09:52 - 2019-04-02 22:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 09:52 - 2019-04-02 22:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 09:52 - 2019-04-02 19:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 09:52 - 2019-04-02 19:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 09:52 - 2019-04-02 19:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 09:52 - 2019-04-02 19:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 09:52 - 2019-04-02 19:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 09:52 - 2019-04-02 19:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 09:52 - 2019-04-02 19:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 09:52 - 2019-04-02 19:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 09:52 - 2019-04-02 19:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 09:52 - 2019-04-02 18:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 09:52 - 2019-04-02 18:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 09:52 - 2019-04-02 18:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-10 09:52 - 2019-04-02 18:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 09:52 - 2019-04-02 18:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 09:52 - 2019-04-02 18:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 09:52 - 2019-04-02 18:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 09:52 - 2019-04-02 18:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 09:52 - 2019-04-02 18:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 09:52 - 2019-04-02 18:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 09:52 - 2019-04-02 18:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 09:52 - 2019-04-02 18:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 09:52 - 2019-04-02 18:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 09:52 - 2019-04-02 18:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 09:52 - 2019-04-02 17:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 09:52 - 2019-04-02 17:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 09:52 - 2019-04-02 17:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 09:52 - 2019-04-02 17:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 09:52 - 2019-04-02 17:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 09:52 - 2019-04-02 17:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 09:52 - 2019-04-02 17:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 09:52 - 2019-04-02 17:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 09:52 - 2019-04-02 17:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 09:52 - 2019-04-02 17:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 09:52 - 2019-04-02 17:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 09:52 - 2019-04-02 17:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 09:52 - 2019-04-02 17:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 09:52 - 2019-04-02 17:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 09:52 - 2019-04-02 17:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 09:52 - 2019-04-02 17:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 09:52 - 2019-04-02 17:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 09:52 - 2019-04-02 17:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 09:52 - 2019-04-02 16:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-10 09:52 - 2019-04-02 15:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 09:52 - 2019-04-02 14:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 09:52 - 2019-04-02 14:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 09:52 - 2019-04-02 14:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 09:52 - 2019-04-02 14:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 09:52 - 2019-03-16 22:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 09:52 - 2019-03-16 19:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 09:52 - 2019-03-15 00:55 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 001626928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 09:52 - 2019-03-15 00:52 - 001424696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000954160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-04-10 09:52 - 2019-03-15 00:52 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-04-10 09:52 - 2019-03-15 00:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 09:52 - 2019-03-15 00:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-10 09:52 - 2019-03-15 00:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 09:52 - 2019-03-15 00:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 09:52 - 2019-03-15 00:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 09:52 - 2019-03-15 00:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 09:52 - 2019-03-15 00:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 09:52 - 2019-03-15 00:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 09:52 - 2019-03-15 00:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 09:52 - 2019-03-15 00:29 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 09:52 - 2019-03-15 00:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 09:52 - 2019-03-15 00:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-10 09:52 - 2019-03-14 23:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 09:52 - 2019-03-14 23:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 09:52 - 2019-03-14 23:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 09:52 - 2019-03-14 23:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 09:52 - 2019-03-14 23:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 09:52 - 2019-03-14 23:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-10 09:52 - 2019-03-14 18:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 09:52 - 2019-03-14 18:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 09:52 - 2019-03-14 18:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 09:52 - 2019-03-14 18:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 09:52 - 2019-03-14 18:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 09:52 - 2019-03-14 18:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 09:52 - 2019-03-14 18:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 09:52 - 2019-03-14 18:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 09:52 - 2019-03-14 18:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 09:52 - 2019-03-14 18:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 09:52 - 2019-03-14 18:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 09:52 - 2019-03-14 18:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 09:52 - 2019-03-14 18:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 09:52 - 2019-03-14 18:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 09:52 - 2019-03-14 18:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 09:52 - 2019-03-14 18:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 09:52 - 2019-03-14 18:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 09:52 - 2019-03-14 18:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 09:52 - 2019-03-14 18:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-10 09:52 - 2019-03-14 18:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 09:52 - 2019-03-14 18:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 09:52 - 2019-03-14 18:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 09:52 - 2019-03-14 17:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 09:52 - 2019-03-14 17:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 09:52 - 2019-03-14 17:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 09:52 - 2019-03-14 17:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 09:52 - 2019-03-14 17:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 09:52 - 2019-03-14 17:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 09:52 - 2019-03-14 17:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 09:52 - 2019-03-14 17:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 09:52 - 2019-03-14 17:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 09:52 - 2019-03-14 17:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 09:52 - 2019-03-14 17:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 09:52 - 2019-03-14 17:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-09 03:02 - 2019-04-09 03:02 - 000000000 ____D C:\ProgramData\Hankuper
2019-04-09 03:02 - 2019-04-09 03:02 - 000000000 ____D C:\Program Files\AdLock
2019-04-09 02:58 - 2019-04-09 02:58 - 036153840 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer.exe
2019-04-09 00:08 - 2019-04-09 00:08 - 003976665 _____ C:\Users\Lenovo\Downloads\Mega Man Battle Network 2 (USA).zip
2019-04-06 18:30 - 2019-04-06 18:30 - 000364952 _____ C:\Users\Lenovo\Downloads\download.pdf
2019-04-05 11:04 - 2019-04-05 11:04 - 000192384 _____ C:\Users\Lenovo\Downloads\9299 (1) (1).pdf
2019-04-05 11:02 - 2019-04-05 11:02 - 000182444 _____ C:\Users\Lenovo\Downloads\9299 (1).pdf
2019-04-05 11:00 - 2019-04-05 11:00 - 000182444 _____ C:\Users\Lenovo\Downloads\929 (1).pdf
2019-04-05 10:00 - 2019-04-05 10:00 - 000338279 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1) (1)[1145].pdf
2019-04-01 15:19 - 2019-04-01 15:19 - 000182444 _____ C:\Users\Lenovo\Downloads\929.pdf
2019-04-01 15:01 - 2019-04-01 15:01 - 000233489 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1) (1).pdf
2019-03-31 01:33 - 2019-03-31 01:33 - 000000000 ____D C:\Users\Lenovo\Downloads\New folder
2019-03-27 12:24 - 2019-03-27 12:24 - 000233489 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1).pdf
2019-03-25 13:27 - 2019-03-25 13:27 - 000063894 _____ C:\Users\Lenovo\Downloads\Albert - Akta lahir.pdf
2019-03-25 13:02 - 2019-03-25 13:02 - 001771175 _____ C:\Users\Lenovo\Downloads\Statement20181231.pdf
2019-03-25 13:01 - 2019-03-25 13:01 - 000116172 _____ C:\Users\Lenovo\Downloads\scoreReport (2).pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-21 00:52 - 2018-04-12 09:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-20 23:48 - 2016-12-21 04:23 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2019-04-20 23:04 - 2018-05-26 17:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-20 20:16 - 2018-03-22 21:37 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\360WD
2019-04-20 20:03 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-20 20:02 - 2018-05-26 17:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-20 20:01 - 2018-04-12 07:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-20 05:53 - 2018-04-12 09:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-20 05:51 - 2014-12-30 12:34 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2019-04-20 05:27 - 2018-05-26 17:40 - 000003646 _____ C:\WINDOWS\System32\Tasks\opera scheduled autoupdate 1521719234
2019-04-20 05:27 - 2018-03-22 21:47 - 000001443 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-04-20 05:24 - 2018-04-12 09:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-20 05:22 - 2015-01-12 14:01 - 000000000 ____D C:\ProgramData\McAfee
2019-04-20 05:17 - 2017-10-16 00:08 - 000000000 ____D C:\ProgramData\Package Cache
2019-04-20 05:03 - 2018-03-22 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-04-20 05:03 - 2018-03-22 22:15 - 000000000 ____D C:\Program Files (x86)\Java
2019-04-20 05:01 - 2018-03-22 22:16 - 000099192 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-04-20 04:59 - 2018-05-26 17:40 - 000004578 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-20 04:59 - 2018-05-26 17:40 - 000004544 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-04-20 04:59 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-20 04:59 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-20 04:55 - 2017-03-11 16:44 - 000000000 ____D C:\Users\Lenovo\AppData\Local\tkdata
2019-04-20 04:19 - 2018-04-12 09:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-20 04:18 - 2018-03-22 23:45 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-04-20 04:18 - 2014-11-25 18:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-20 04:15 - 2016-12-09 20:20 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Temp
2019-04-20 04:14 - 2009-07-14 13:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-04-20 00:36 - 2014-11-25 18:39 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Mozilla
2019-04-19 14:07 - 2018-03-22 23:25 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-19 14:03 - 2018-04-12 09:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-19 12:57 - 2018-03-25 06:00 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-04-19 12:47 - 2018-03-22 21:37 - 000000000 ____D C:\ProgramData\360safe
2019-04-19 12:47 - 2014-11-25 18:39 - 000000000 ____D C:\ProgramData\Mozilla
2019-04-19 10:08 - 2018-03-22 21:37 - 000000000 _RSHD C:\360SANDBOX
2019-04-19 10:01 - 2018-03-22 22:30 - 000000000 __SHD C:\$360Section
2019-04-19 10:01 - 2018-03-22 22:05 - 000000000 ____D C:\ProgramData\360Quarant
2019-04-19 02:36 - 2017-09-30 14:04 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online
2019-04-19 02:35 - 2019-02-26 14:27 - 000000000 ____D C:\WINDOWS\Minidump
2019-04-18 15:45 - 2017-12-30 07:35 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2019-04-18 13:26 - 2017-05-27 00:44 - 000000000 ____D C:\ProgramData\Adguard
2019-04-18 13:26 - 2017-05-27 00:43 - 000000000 ____D C:\Program Files (x86)\Adguard
2019-04-18 12:32 - 2015-09-12 20:58 - 000000000 ____D C:\Users\Lenovo\AppData\Local\TeamViewer
2019-04-18 12:30 - 2018-05-26 17:10 - 000000000 ____D C:\Users\DefaultAppPool
2019-04-18 12:30 - 2015-09-12 20:45 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\TeamViewer
2019-04-18 10:28 - 2018-03-22 21:37 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360safe
2019-04-18 10:20 - 2018-05-26 17:10 - 000000000 ____D C:\Users\Lenovo
2019-04-18 10:14 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-18 03:50 - 2019-02-16 23:48 - 000003752 _____ C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1550324909
2019-04-18 03:50 - 2018-05-26 17:40 - 000002970 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2019-04-18 03:50 - 2018-05-26 17:40 - 000002646 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2019-04-18 03:50 - 2018-05-26 17:40 - 000002604 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2019-04-18 03:50 - 2018-05-26 17:40 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-04-18 03:50 - 2018-05-26 17:40 - 000002202 _____ C:\WINDOWS\System32\Tasks\StartCN
2019-04-18 03:48 - 2019-03-18 21:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-04-18 01:12 - 2017-09-28 20:12 - 000061060 _____ C:\Users\Lenovo\Desktop\Share.xlsx
2019-04-16 13:23 - 2018-12-26 22:02 - 000019344 _____ C:\Users\Lenovo\Desktop\Mascot-202-RENT.xlsx
2019-04-13 19:26 - 2016-09-22 12:11 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\vlc
2019-04-13 05:25 - 2019-03-18 21:25 - 000476264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1af7b8ca475981fe.tmp
2019-04-12 03:45 - 2018-05-27 10:37 - 000503220 _____ C:\WINDOWS\system32\perfh011.dat
2019-04-12 03:45 - 2018-05-27 10:37 - 000145096 _____ C:\WINDOWS\system32\perfc011.dat
2019-04-12 03:45 - 2018-05-26 17:09 - 001571872 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-11 18:06 - 2018-03-22 21:38 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360TotalSecurity
2019-04-11 17:47 - 2018-04-12 19:20 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-10 09:51 - 2015-03-13 02:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 09:44 - 2015-03-13 02:42 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-07 23:23 - 2018-03-22 21:48 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360DrvMgr
2019-04-05 21:35 - 2017-09-29 19:45 - 000000000 ____D C:\Program Files\rempl
2019-04-02 03:51 - 2018-11-18 11:45 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-02 03:51 - 2018-11-18 11:45 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-26 08:20 - 2019-02-19 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2019-03-26 07:28 - 2019-03-18 21:25 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-23 15:36 - 2019-03-21 23:11 - 000000000 ____D C:\ProgramData\Stardock

==================== Files in the root of some directories =======

2017-05-27 00:44 - 2018-06-15 09:49 - 000000267 _____ () C:\ProgramData\fontcacheev1.dat
2018-08-13 21:01 - 2018-06-14 21:01 - 000000032 ____R () C:\ProgramData\hash.dat
2015-10-04 11:58 - 2015-10-04 11:58 - 000000097 _____ () C:\Users\Lenovo\AppData\Roaming\settings.xml
2015-04-25 14:16 - 2015-04-25 14:16 - 000000054 _____ () C:\Users\Lenovo\AppData\Roaming\updater.cfg
2015-11-09 13:55 - 2015-11-30 19:16 - 000002856 _____ () C:\Users\Lenovo\AppData\Roaming\VoiceMeeterDefault.xml
2016-09-23 11:37 - 2017-01-05 11:54 - 000000202 _____ () C:\Users\Lenovo\AppData\Roaming\_encryptiondb.grf
2014-11-26 19:09 - 2014-11-26 19:09 - 000000038 ___SH () C:\Users\Lenovo\AppData\Local\1754111884ee9ab5277ca00.95260103
2014-12-26 00:02 - 2016-06-26 16:10 - 000007603 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2019-04-20 19:47 - 2019-04-20 19:47 - 003520592 _____ (Geek Unіnstaller) C:\Users\Lenovo\AppData\Local\Temp\geek64.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2018-05-26 17:01
==================== End of FRST.txt ============================

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.04.2019 01
Ran by Lenovo (21-04-2019 00:54:50)
Running from C:\Users\Lenovo\Desktop\Comp Tool\FRST
Windows 10 Pro Version 1803 17134.706 (X64) (2018-05-26 07:41:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1925601759-1010797402-2804155008-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1925601759-1010797402-2804155008-503 - Limited - Disabled)
Guest (S-1-5-21-1925601759-1010797402-2804155008-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1925601759-1010797402-2804155008-1002 - Limited - Enabled)
Lenovo (S-1-5-21-1925601759-1010797402-2804155008-1000 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-1925601759-1010797402-2804155008-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{3D383E25-72E7-4F09-AA1C-9ADE6A2EF42F}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{0C9A6167-6560-4085-9C35-EDB1AE105328}) (Version: 3.2.0.9 - Intel) Hidden
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 10.2.0.1180 - 360 Security Center)
3DP Chip Lite v17.11.1 (HKLM-x32\...\3DP Chip Lite) (Version: v17.11.1 - 3DP)
ACDSee Pro 3 (HKLM-x32\...\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.355 - ACD Systems International Inc.)
Active Directory Authentication Library for SQL Server (HKLM\...\{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
AdLock (HKLM\...\{26D2159D-4BE2-43A4-9E68-F0594DF0295C}) (Version: 1.0.2.2 - Hankuper) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.2.1 - Advanced Micro Devices, Inc.)
Anathena (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\242cfcc8731b6ee3) (Version: 3.3.8.0 - Anathena)
Any Video Converter 6.2.5 (HKLM-x32\...\Any Video Converter) (Version: 6.2.5 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.189 - ArcSoft)
AVG 2015 (HKLM\...\{6E4BAAF0-7F23-41E5-B16B-4727B6FC0C6F}) (Version: 15.0.6081 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattlePing (HKLM-x32\...\{DB480AC3-1578-B8DC-3F8F-786A2A4E3BC7}) (Version: 1.3.7.1 - BattlePing)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{15EEB07A-3FB9-FA4C-8EFF-697728CB1E5C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{A63E3031-0522-18C6-F18F-7EE80973315F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{A2966D0F-43BB-116D-C9C7-49612FBFD0AE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{4C608ED2-535B-2119-3661-9E6F7DDB600F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9005C809-497A-FD45-CB96-76A3338E35B9}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D84300A6-72F1-5771-B3B1-8FC71184AB38}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{56D13277-FA9F-2842-682D-DD7298973585}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{8D0C7788-D519-7B65-36F6-D0D21296F173}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{930FD2C7-D026-197D-94E4-CB5917CE7420}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{086D11E3-9CA4-DBEF-2B48-5A2EFFD53145}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{D0C1EAB6-92F1-EE91-04C2-5947EE150593}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{57EAA61A-CD02-DF34-0839-2549F57A334C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{AA477FD2-347B-1732-5D8C-AF35AF1B9703}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{BBFC5953-2CB9-5932-1D47-52E4AA99737B}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{01E7D692-D785-743F-5A55-F00162D26A1C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{5D8BA452-1264-7D13-E4EC-8236EC5B83FE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F49BA906-83DA-3F5A-5B24-03C8DE2A3936}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{5A466CAA-F071-D9EF-A799-EF63552DBE70}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{D7DC4DDB-3E0D-6F79-4258-4A461654B689}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{ACDFF800-6015-BEEC-8A27-7B1A80915273}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{A28B1FC5-3947-9D39-7FE5-A3CB18E16358}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1620.51 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX H.264 decoder 8.2.0.26 (HKLM-x32\...\divxh264_is1) (Version: 8.2.0.26 - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.93 - DivX, LLC)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
DriverUpdate (HKLM\...\{29F2ECB3-23D0-4A77-A259-3EA42E85CD71}) (Version: 5.8.2 - Slimware Utilities Holdings, Inc.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 45.4.92 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
eNexia version 749.0 (HKLM-x32\...\{8C3EC8A8-70A1-4298-BD7D-3CD7DAE20D64}_is1) (Version: 749.0 - eNexiaTK)
Google Chrome (HKLM-x32\...\{8CAF1821-50A9-3971-88C2-371AACE003E1}) (Version: 73.0.3683.103 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GRF Editor version 1.7.9 (HKLM-x32\...\GRF Editor_is1) (Version: 1.7.9 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{699E6891-25C3-443A-9B8E-80C74F0172C8}) (Version: 2.1.03413 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{4d839fe1-a8d3-4edc-b0ca-844394309856}) (Version: 3.2.0.9 - Intel)
IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.4.0.8 - IObit)
iTunes (HKLM\...\{1D7D1271-5258-4F5A-B8C1-7176BF398782}) (Version: 12.7.3.46 - Apple Inc.)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
K-Lite Mega Codec Pack 14.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.0.5 - KLCP)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Magic Bullet Suite 64-bit (HKLM\...\{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
mHotspot version 7.8.8.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 7.8.8.0 - 1BN Software & IT Solutions Pvt. Ltd.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (日本語) (HKLM-x32\...\{9A330858-0CD6-4FB3-8C57-0F1BB58012B0}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (日本語) (HKLM-x32\...\{903C5477-BA28-4CFC-8BE4-62E3C328D4DD}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU (HKLM-x32\...\{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Database Providers (x86) ENU (HKLM-x32\...\{296E293F-C481-4DDE-9ED2-3F79FCF38731}) (Version: 3.1.1648.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Modem AC2726 UI (HKLM\...\ZTEWireless-101_is1) (Version: - )
MornaTK Installer (HKLM-x32\...\{BCD1C4AD-EB1A-40DF-A838-2AF8C45B5942}) (Version: 1.0 - MornaTales)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.3.0 - Movavi)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 66.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 66.0.3 (x86 en-US)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
Mumble 1.2.19 (HKLM-x32\...\{F62A874F-2354-49B1-87BE-CAAD7C8FA084}) (Version: 1.2.19 - Thorvald Natvig)
MYOB AccountRight Plus v19.12.0 ED (HKLM-x32\...\{27D4F4A7-5A34-4657-9E78-D6B1E87C8A90}) (Version: 19.12.0 - MYOB Technology Pty Ltd) Hidden
MYOB AccountRight Plus v19.12.0 ED (HKLM-x32\...\InstallShield_{27D4F4A7-5A34-4657-9E78-D6B1E87C8A90}) (Version: 19.12.0 - MYOB Technology Pty Ltd)
MYOB ODBC Direct v10 AUS (HKLM-x32\...\{55D5A77E-FAAA-4358-B3E5-6565E024F78B}) (Version: 10.1.0 - MYOB Technology Pty Ltd) Hidden
MYOB ODBC Direct v10 AUS (HKLM-x32\...\InstallShield_{55D5A77E-FAAA-4358-B3E5-6565E024F78B}) (Version: 10.1.0 - MYOB Technology Pty Ltd)
MySQL Installer - Community (HKLM-x32\...\{4553E209-560C-451E-9DE9-E6B812D32B8C}) (Version: 1.4.8.0 - Oracle Corporation)
MySQL Server 5.0 (HKLM-x32\...\{2FEB25F8-C3CB-49A2-AE79-DE17FFAFB5D9}) (Version: 5.0.45 - MySQL AB)
MySQL Tools for 5.0 (HKLM-x32\...\{EC561602-C0B9-4FAA-A175-1B3273639AC3}) (Version: 5.0.12 - MySQL AB)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NovaRO (HKLM-x32\...\NovaRO_is1) (Version: 6.0.0 - NovaRO)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.0.1.1 - Duodian Technology Co. Ltd.)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Opera Stable 60.0.3255.56 (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Opera 60.0.3255.56) (Version: 60.0.3255.56 - Opera Software)
Pingzapper version 2.1.2 (HKLM-x32\...\{7FD61982-5436-439B-B5D0-36F0536FF8BF}_is1) (Version: 2.1.2 - Pingzapper)
PlayNexia II (HKLM-x32\...\PlayNexia II) (Version: - )
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.13.1-r115223-release - Plays.tv, LLC)
Pokémon World Online Uninstaller (HKLM-x32\...\{6B67E1A1-1D62-4BDC-8C60-07FDF25CA975}_is1) (Version: 1.97 - PWO Team)
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
PX Profile Update (HKLM-x32\...\{230C6C56-D930-2D7A-CF62-9BE26FAEE260}) (Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Ragnarok Online (HKLM-x32\...\{181579B5-0028-4E01-AC27-97ED80352279}) (Version: 14.2.5 - Gravity Interactive, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.1.1-r111306-release - Raptr, Inc)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.30.0239 - REALTEK Semiconductor Corp.)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Safari (HKLM-x32\...\{A08BAD08-9AA3-410F-98F3-C92C8EE37218}) (Version: 5.34.54.16 - Apple Inc.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Spotify (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
Sql Server Customer Experience Improvement Program (HKLM\...\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.0) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare PDFelement 6 Pro(Build 6.8.6) (HKLM-x32\...\{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.8.6.4121 - Wondershare Software Co.,Ltd.)
Wondershare Video Converter Ultimate(Build 10.3.0.178) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.3.0.178 - Wondershare Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 7.1.1-0 - Bitnami)
Zoom (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Lenovo\Dropbox [2015-07-07 16:17]
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID\{f1d8036a-7f48-43e4-8045-dbcb4e742507}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2018-12-18 14:31 - 2017-10-19 09:17 - 000271360 _____ (Wondershare Software) [File not signed] C:\WINDOWS\System32\WSPDFelementMonitor.dll
2013-08-27 17:32 - 2013-08-27 17:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2007-07-06 12:14 - 2007-07-06 12:14 - 005730304 _____ () [File not signed] C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
2016-06-28 21:38 - 2016-06-28 21:38 - 000138752 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000009216 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000077312 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPMaster.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000011264 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPUF.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000060928 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPDU.exe
2015-11-25 06:49 - 2015-11-25 06:49 - 002257408 _____ (ActiveState Software Inc) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\python26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000028160 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-25 06:46 - 2015-11-25 06:46 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000041472 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000096256 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000356864 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000017920 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000019968 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000036352 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000043008 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000805376 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000087040 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-25 06:46 - 2015-11-25 06:46 - 000354304 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000167936 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 001980928 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-11-25 07:01 - 2015-11-25 07:01 - 004088320 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Core.dll
2015-11-25 07:02 - 2015-11-25 07:02 - 004604416 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Gui.dll
2015-11-25 07:02 - 2015-11-25 07:02 - 001316352 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icuuc53.dll
2015-11-25 07:01 - 2015-11-25 07:01 - 001961472 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icuin53.dll
2015-11-25 07:01 - 2015-11-25 07:01 - 021529088 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icudt53.dll
2015-12-08 06:57 - 2015-12-08 06:57 - 000077824 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 001862144 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 000516608 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-25 07:02 - 2015-11-25 07:02 - 000839680 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Network.dll
2015-11-25 06:47 - 2015-11-25 06:47 - 004060160 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-25 07:01 - 2015-11-25 07:01 - 004468736 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Widgets.dll
2015-11-25 06:43 - 2015-11-25 06:43 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2018-03-22 23:24 - 2019-04-19 14:07 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-19 14:03 - 2019-04-19 14:07 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-19 14:03 - 2019-04-19 14:07 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2013-11-21 11:31 - 2013-11-21 11:31 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-11-21 11:31 - 2013-11-21 11:31 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-11-15 03:41 - 2019-04-20 04:14 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

2016-11-07 03:29 - 2016-11-07 03:29 - 000000499 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

192.168.137.70 iPhone.mshome.net # 2016 11 0 13 17 29 46 813
192.168.137.1 Lenovo-PC.mshome.net # 2021 11 5 5 17 29 46 813

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;D:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: CLHNServiceForPowerDVD => 2
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Service => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: hmevpnsvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: PingzapperSvc => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: UDisk Monitor => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lenovo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MYOB Add-On Connector.lnk => C:\Windows\pss\MYOB Add-On Connector.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG-Secure-Search-Update_0715tb => "C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe" /PROMPT /CMPID=0715tb
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: cFosSpeed => C:\Program Files\cFosSpeed\cFosSpeed.exe
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: Energy Management => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
MSCONFIG\startupreg: EnergyUtility => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
MSCONFIG\startupreg: ForteConfig => C:\Program Files\Conexant\ForteConfig\fmapp.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Lenovo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\Program Files (x86)\Raptr\RAPTRS~1.EXE --startup
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: RemoteControl11 => "C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SACpl.exe /t
MSCONFIG\startupreg: Spotify => "C:\Users\Lenovo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lenovo\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SynLenovoGestureMgr => %ProgramFiles%\Synaptics\SynTP\SynLenovoGestureMgr.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
MSCONFIG\startupreg: WTFast Tray => "D:\Program Files (x86)\WTFast\WTFast.exe" trayonly
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\StartupFolder: => "Bitcoin.lnk"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "Adguard"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "DownloadAccelerator"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2F7D52ED-983D-4D27-B896-9D3EA6CBE8FE}] => (Allow) C:\Users\Lenovo\AppData\Local\Programs\Opera\60.0.3255.56\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{CE45069C-AF27-49F4-939C-19A65BAFC930}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DF893C2E-F55C-453B-8F60-35B62AAB2660}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{A8B9668F-F37B-4923-B750-B814DFDD32FB}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/20/2019 08:06:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "SQLAgent$SQLEXPRESS" in DLL "perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/20/2019 08:06:32 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (04/20/2019 08:06:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSSQL$SQLEXPRESS" in DLL "perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/20/2019 08:06:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/20/2019 08:02:56 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$SQLEXPRESS\Performance'. SQL Server performance counters are disabled.

Error: (04/20/2019 07:56:42 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/20/2019 05:40:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AvLaunch.exe, version: 19.3.4241.0, time stamp: 0x5c82677e
Faulting module name: ucrtbase.dll, version: 10.0.17134.677, time stamp: 0x9f346d3f
Exception code: 0xc0000409
Fault offset: 0x000000000006e14e
Faulting process id: 0x25f8
Faulting application start time: 0x01d4f6e7b2b2210b
Faulting application path: C:\Program Files\AVAST Software\Avast\AvLaunch.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 3ac7d2f6-1875-453e-a00a-1e8f1c2eac0e
Faulting package full name:
Faulting package-relative application ID:

Error: (04/20/2019 05:36:38 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$SQLEXPRESS\Performance'. SQL Server performance counters are disabled.


System errors:
=============
Error: (04/20/2019 09:59:27 PM) (Source: DCOM) (EventID: 10016) (User: Lenovo-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Lenovo-PC\Lenovo SID (S-1-5-21-1925601759-1010797402-2804155008-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/20/2019 08:48:30 PM) (Source: DCOM) (EventID: 10016) (User: Lenovo-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Lenovo-PC\Lenovo SID (S-1-5-21-1925601759-1010797402-2804155008-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/20/2019 08:09:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/20/2019 08:03:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/20/2019 08:03:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The RasMan service depends on the SstpSvc service which failed to start because of the following error:
The operation completed successfully.

Error: (04/20/2019 08:02:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAService service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/20/2019 08:02:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TrueKeyServiceHelper service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/20/2019 08:02:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TrueKey service failed to start due to the following error:
The system cannot find the file specified.


CodeIntegrity:
===================================

Date: 2019-04-20 20:23:44.513
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-04-20 20:23:44.451
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-04-20 07:33:38.231
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-04-20 07:33:38.129
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-04-20 02:59:53.375
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-20 02:55:29.316
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-20 02:55:28.526
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-20 02:55:27.687
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 53%
Total physical RAM: 8088.36 MB
Available physical RAM: 3766.72 MB
Total Virtual: 20220.36 MB
Available Virtual: 14181.4 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:151.27 GB) (Free:19.96 GB) NTFS
Drive d: (Data) (Fixed) (Total:584.83 GB) (Free:275.97 GB) NTFS
Drive f: (Bandicam) (Fixed) (Total:195.31 GB) (Free:179.55 GB) NTFS

\\?\Volume{c05dd144-747f-11e4-9d1a-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=584.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================
 

jmarket

PCHF's Almighty Ruler
PCHF Owner
Support Team
Security Team
Jan 10, 2015
2,121
494
PCHF Bunker
pchelpforum.net
Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system. Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

Baroona

PCHF Member
PCHF Member
Apr 18, 2019
21
1
23
Fix result of Farbar Recovery Scan Tool (x64) Version: 21.04.2019 01
Ran by Lenovo (22-04-2019 09:15:00) Run:2
Running from C:\Users\Lenovo\Desktop\Comp Tool\FRST
Loaded Profiles: Lenovo (Available Profiles: Lenovo & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
Toolbar: HKLM - No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File
Toolbar: HKLM-x32 - No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File
BHO-x32: No Name -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> No File
S3 SlimWareServices; "C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe" [X]
U3 aswbdisk; no ImagePath
U3 idsvc; no ImagePath
AVG 2015 (HKLM\...\{6E4BAAF0-7F23-41E5-B16B-4727B6FC0C6F}) (Version: 15.0.6081 - AVG Technologies) Hidden
HKLM\...\StartupApproved\Run32: => "AVG_UI"
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
MSCONFIG\startupreg: RemoteControl11 => "C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe"
MSCONFIG\startupreg: AVG-Secure-Search-Update_0715tb => "C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe" /PROMPT /CMPID=0715tb
Hosts:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state On
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
reboot:
end
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8}" => removed successfully
HKLM\Software\Classes\CLSID\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0F4B8786-5502-4803-8EBC-F652A1153BB6} => not found
HKLM\System\CurrentControlSet\Services\SlimWareServices => removed successfully
SlimWareServices => service removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6E4BAAF0-7F23-41E5-B16B-4727B6FC0C6F}\\SystemComponent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\AVG_UI" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AVG_UI" => not found
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vProt => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl11 => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG-Secure-Search-Update_0715tb => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state On =========

Ok.


========= End of CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /release =========


Windows IP Configuration

No operation can be performed on Local Area Connection* 4 while it has its media disconnected.
No operation can be performed on Local Area Connection* 5 while it has its media disconnected.

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 5:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::941a:52d:426a:63f6%14
Default Gateway . . . . . . . . . :

========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Local Area Connection while it has its media disconnected.
No operation can be performed on Local Area Connection* 4 while it has its media disconnected.
No operation can be performed on Local Area Connection* 5 while it has its media disconnected.

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 5:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::941a:52d:426a:63f6%14
IPv4 Address. . . . . . . . . . . : 192.168.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1

========= End of CMD: =========


========= netsh int ipv4 reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15421023 B
Java, Flash, Steam htmlcache => 18451780 B
Windows/system/drivers => 191253 B
Edge => 3584 B
Chrome => 268585324 B
Firefox => 1036075604 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5438 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Lenovo => 302604509 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:19:36 ====
 

jmarket

PCHF's Almighty Ruler
PCHF Owner
Support Team
Security Team
Jan 10, 2015
2,121
494
PCHF Bunker
pchelpforum.net
Go ahead and post some fresh FRST logs for me please.

We may have to end up uninstalling all browsers and re-installing them from scratch.
 

Baroona

PCHF Member
PCHF Member
Apr 18, 2019
21
1
23
what have i got into haha

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.04.2019 01
Ran by Lenovo (administrator) on LENOVO-PC (LENOVO 20369) (22-04-2019 16:07:54)
Running from C:\Users\Lenovo\Desktop\Comp Tool\FRST
Loaded Profiles: Lenovo (Available Profiles: Lenovo & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() [File not signed] C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
(Plays.tv, LLC -> Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Razer Inc. -> Razer Inc.) D:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(QIHU 360 SOFTWARE CO. LIMITED -> QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPMaster.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPUF.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPDU.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve -> Valve Corporation) D:\Steam\Steam.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-08-10] (Plays.tv, LLC -> Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-01] (Raptr, Inc -> Raptr, Inc)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [669248 2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [135968 2018-03-15] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-07] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Run: [Opera Browser Assistant] => C:\Users\Lenovo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2480216 2019-02-12] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-08] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\system32\ff_vfw.dll [126976 2015-08-25] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\SysWOW64\huffyuv.dll [39936 2004-05-19] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-08] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-26] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\SysWOW64\ff_vfw.dll [112128 2015-08-25] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-19] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] ->
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {012A6F59-87D6-44E0-A91E-4191C44105EE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {02E9EE88-8B2A-45A8-B237-293AF930C0D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {06B7B6A5-89CC-4D81-B982-3F531F29F6A9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {07375CF8-C1FF-492B-8278-0396D0245D6F} - System32\Tasks\DropboxUpdateTaskMachineCore1d1719f65cee02e => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {0F9B47A5-A3A5-4CC4-9CF4-6FCF47A1FB9F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {159448A5-F558-4572-8A16-6E303989186A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19946D02-33AE-4E60-81DF-5092DEB8F277} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {1AE784A5-A8C1-469D-ACDC-69A2BD7FEE8A} - System32\Tasks\DropboxUpdateTaskMachineUA1d1719f66008e5b => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {1DA9B645-13DA-4059-A3CB-D56C3971092C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {21BE9597-704B-4669-B98E-367AC00D234B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24672617-0A93-4BB5-8559-4012CEDFDF08} - System32\Tasks\{61E32EBD-8E77-4D1B-9D4E-DFB440A9AB05} => C:\Windows\system32\pcalua.exe -a "D:\game\Gravity\openkore\Ragnarok Online\Setup.exe" -d "D:\game\Gravity\openkore\Ragnarok Online"
Task: {25C72C5E-A5A2-4F4B-BD37-3E4477093B5A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {297450E0-6ABB-427D-BB1C-BB2872268E11} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {31709D69-4FCE-4D4D-821C-94E1E6D6B831} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {36512371-A906-4CBA-8D6E-CCCA8F25E12E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {3BB917BA-28B7-4433-B3E7-7EFBADC9BF05} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {3BB99F43-80C7-4010-9269-058CFC43E873} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3C199C18-45CD-429D-B193-E25CBD0D0253} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D4F0449-FE30-4BDD-871D-BC436EDB0421} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {508A340E-5F91-492E-ABB0-B98532F80480} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {522525D9-3E35-4CED-9B07-86DCF48846B4} - System32\Tasks\S-1-5-21-1925601759-1010797402-2804155008-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {547C6C01-5708-4D14-AA13-ACA0C447A4A6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {57DFC5D9-A460-4BFF-B8E3-7B32AFB8CF85} - System32\Tasks\CommView for WiFi Update => C:\Program Files (x86)\CommViewWiFi\Updater.exe
Task: {5A1FB4EE-EE0E-4270-9E75-684F0AF09C07} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {621144B0-DE22-4BA5-8091-E7C4827BEF4F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {67DA1BE8-90A4-4CF2-A274-8747F431E302} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {789B54F6-B496-4419-97FF-B9199F07696D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {807DE444-D371-423B-899D-8236EA7A416B} - System32\Tasks\Uninstaller_SkipUac_Lenovo => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe (IObit Information Technology -> IObit)
Task: {909165E7-58B7-40A8-BAD4-06369AE44715} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {9C7FF83C-4028-4C31-9DA7-4814BF4DD82A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9EA7EA19-87D5-4A05-90A2-77FAC5CAFED8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
Task: {A1E768A1-C621-44E3-9D8D-0B31A7AA6480} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe (Intel(R) Software -> Intel Corporation)
Task: {A2BC51F7-A5A5-4583-BCFC-07D102EFC8B5} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {A3F7EA55-63E8-472B-BD18-E4C82C33D682} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Inc. -> Adobe)
Task: {A65C2727-BF46-4882-A619-716BB2E10EE3} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A9744BF1-B3BE-485E-8CED-C8A112DB42C9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B170E593-7A4A-42ED-8E5E-FE91C524223A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe (Adobe Inc. -> Adobe)
Task: {B79C1E15-BBAE-4901-8144-CA6499E7F7BD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BAB0F865-1900-4889-B5E2-E00F083B9AC6} - System32\Tasks\Opera scheduled assistant Autoupdate 1550324909 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {C35EAC49-C654-4AD2-A8E0-13BB4B538500} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {C97EB93D-C73A-445D-9AD3-43A1702373F0} - System32\Tasks\opera scheduled autoupdate 1521719234 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {CB120083-D139-490E-ABC1-9711116BDE86} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe (Adobe Inc. -> Adobe)
Task: {CC790BC5-5E2E-431D-96D7-38992A378467} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {D841F08B-9CC5-4DE4-8780-B48A4D247CC3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DA3CD105-1C40-4F31-B596-534277F311B7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {DC97CD24-99CA-4409-AA44-E0B8E9790D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DEBAD4D3-2F39-4C63-9561-762021145015} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe
Task: {ECF63DBD-0D24-4258-861D-7F5BDFA4C73D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F8A429FB-D075-49EE-91B6-D247866AD4A6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {FEB657CD-087C-4664-B5E8-D03BBC23E1CF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d1719f65cee02e.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d1719f66008e5b.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8d45d7f2-23ec-402e-ba7c-d7e2681ab43c}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {A485DD13-1799-4E8B-8E0D-87A35529FC3C} URL =
SearchScopes: HKLM-x32 -> DefaultScope {A485DD13-1799-4E8B-8E0D-87A35529FC3C} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-04-20] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: 5556b60k.default-1555684723521
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5556b60k.default-1555684723521 [2019-04-22]
FF Extension: (Federated Learning Awesome Bar) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5556b60k.default-1555684723521\Extensions\[email protected] [2019-04-20]
FF Extension: (AdBlock) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5556b60k.default-1555684723521\Extensions\[email protected] [2019-04-20]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - D:\Program Files (x86)\DAP\daplinkchecker
FF Extension: (DAP Link Checker) - D:\Program Files (x86)\DAP\daplinkchecker [2017-11-12] [Legacy] [not signed]
FF HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - D:\Program Files (x86)\DAP\DAPFireFox
FF Extension: (Download Accelerator Plus (DAP) extension) - D:\Program Files (x86)\DAP\DAPFireFox [2017-11-12] [Legacy] [not signed]
FF HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-20] (Adobe Inc. -> )
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC -> DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2014-11-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-20] (Adobe Inc. -> )
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC -> DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-09-02] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-04-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Lenovo\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall) [File not signed]
FF Plugin-x32: @softnyxNpruntime -> D:\Game\SoftnyxGame\NyxLauncherIS\npSoftnyx.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-19] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-19] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1925601759-1010797402-2804155008-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Lenovo\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-11-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2019-04-22]
CHR Extension: (Slides) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-19]
CHR Extension: (AdLock ad blocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aemffjkmgcepimloclpkecifcnipnodh [2019-04-19]
CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-19]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-19]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-19]
CHR Extension: (Sheets) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-19]
CHR Extension: (AdBlock) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-19]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-19]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

Opera:
=======
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-04-18]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
S3 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [287264 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. -> Apple Inc.)
R2 AUEPLauncher; C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe [9216 2018-01-31] () [File not signed]
S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-20] (CyberLink -> )
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink -> CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink -> CyberLink)
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2018-03-15] (Intel(R) Driver & Support Assistant -> Intel)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products -> )
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
S3 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373688 2017-06-12] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit Information Technology -> IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.0\my.ini [9263 2017-02-03] () [File not signed]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7780848 2017-11-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-10] (Plays.tv, LLC -> Plays.tv, LLC)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [965184 2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 RzKLService; D:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
S4 UDisk Monitor; D:\Program Files\Modem AC2726 UI\bin\MonServiceUDisk64.exe [407040 2009-09-23] () [File not signed]
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products -> )
S3 VSStandardCollectorService140; D:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe [105064 2018-07-25] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 TrueKey; "C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe" [X]
S2 TrueKeyScheduler; "C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe" [X]
S2 TrueKeyServiceHelper; "C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [192600 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [340568 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [443992 2018-09-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360netmon; C:\WINDOWS\System32\DRIVERS\360netmon.sys [96424 2018-03-13] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [26706464 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [518176 2016-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [211160 2018-12-21] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
S3 CYUSB3; C:\WINDOWS\System32\Drivers\CYUSB3.sys [90536 2018-08-12] (Cypress Semiconductor Corporation -> Cypress Semiconductor)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-04-19] (Malwarebytes Corporation -> Malwarebytes)
S3 GunBod; C:\WINDOWS\system32\gunbod64.sys [84384 2017-02-09] (Beijing Apex Weifeng Technology Co.,Ltd. -> )
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37184 2018-10-16] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [43392 2018-10-16] (IObit Information Technology -> IObit)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-31] (Logitech -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-04-20] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-04-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-04-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-04-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek Semiconductor Corp -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-14] (Razer Inc. -> Razer Inc)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] (Intel(R) Code Signing External -> )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2015-11-07] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R2 WtfEngineDrv; C:\WINDOWS\system32\DRIVERS\WtfEngineDrv.sys [37872 2016-05-20] (Initex, OOO -> AAA Internet Publishing, Inc.)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-12-21] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-04-12] (CyberLink -> CyberLink Corp.)
S3 taphss6; \SystemRoot\System32\drivers\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-22 09:28 - 2019-04-22 09:28 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-04-22 09:27 - 2019-04-22 09:27 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-22 09:27 - 2019-04-22 09:27 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-04-22 09:27 - 2019-04-22 09:27 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-04-20 20:03 - 2019-04-20 20:03 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-04-20 19:47 - 2019-04-20 19:59 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Geek Uninstaller
2019-04-20 05:47 - 2019-04-20 05:47 - 000689864 _____ (PC Drivers HeadQuarters LP) C:\Users\Lenovo\Downloads\DriverSupport.exe
2019-04-20 05:27 - 2019-04-20 05:27 - 000001443 _____ C:\Users\Lenovo\Desktop\Opera Browser.lnk
2019-04-20 05:22 - 2019-04-20 05:22 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2019-04-20 05:22 - 2019-04-20 05:22 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2019-04-20 05:22 - 2019-04-20 05:22 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2019-04-20 05:22 - 2019-04-20 05:22 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2019-04-20 05:22 - 2019-04-20 05:22 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2019-04-20 05:22 - 2019-04-20 05:22 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll
2019-04-20 05:21 - 2019-04-20 05:21 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-04-20 05:21 - 2019-04-20 05:21 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-04-20 05:20 - 2019-04-20 05:20 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-04-20 05:20 - 2019-04-20 05:20 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-04-20 05:14 - 2019-02-13 15:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-04-20 04:59 - 2019-04-20 04:59 - 001789728 _____ (Patch My PC, LLC) C:\Users\Lenovo\Downloads\PatchMyPC.exe
2019-04-20 04:52 - 2019-04-20 04:52 - 001053784 _____ (Slimware Utilities Holdings, Inc.) C:\Users\Lenovo\Downloads\DriverUpdate-setup-647c971c-3a7c-4d70-87e5-a2605e00daa2.exe
2019-04-20 04:41 - 2019-04-20 05:53 - 000000000 ____D C:\SecurityCheck
2019-04-20 04:30 - 2019-04-21 00:51 - 000000000 ____D C:\Users\Lenovo\Desktop\Comp Tool
2019-04-20 04:30 - 2019-04-20 04:30 - 000012371 _____ C:\Users\Lenovo\Desktop\bookmarks_20_04_2019.html
2019-04-20 00:36 - 2019-04-20 00:36 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Mozilla
2019-04-19 14:09 - 2019-04-19 14:09 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbam
2019-04-19 14:04 - 2019-04-19 14:04 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbamtray
2019-04-19 14:03 - 2019-04-19 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-19 14:03 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-19 13:03 - 2019-04-19 13:03 - 001214008 _____ (Google LLC) C:\Users\Lenovo\Downloads\ChromeSetup.exe
2019-04-19 13:03 - 2019-04-19 13:03 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-19 13:03 - 2019-04-19 13:03 - 000002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000001222 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-04-19 13:00 - 2019-04-19 13:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-19 12:45 - 2019-04-19 12:45 - 000000000 ____D C:\Users\Lenovo\Downloads\FRST-OlderVersion
2019-04-19 10:06 - 2019-04-19 10:19 - 000003530 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-19 10:06 - 2019-04-19 10:19 - 000003406 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-19 09:47 - 2019-04-19 09:49 - 005208384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-19 09:42 - 2019-04-19 09:44 - 000000000 ____D C:\AdwCleaner
2019-04-19 02:14 - 2019-04-19 12:53 - 000084516 _____ C:\Users\Lenovo\Downloads\Addition.txt
2019-04-19 02:10 - 2019-04-22 16:07 - 000000000 ____D C:\FRST
2019-04-19 02:10 - 2019-04-19 12:53 - 000072532 _____ C:\Users\Lenovo\Downloads\FRST.txt
2019-04-19 01:58 - 2019-04-19 01:58 - 037133296 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer (2).exe
2019-04-19 01:24 - 2019-04-19 01:24 - 037133296 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer (1).exe
2019-04-18 13:15 - 2019-04-19 13:03 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-18 13:15 - 2019-04-18 13:16 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Google clean
2019-04-18 12:52 - 2019-04-18 12:52 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2019-04-18 12:50 - 2019-04-22 09:33 - 000000000 ____D C:\ProgramData\ProductData
2019-04-18 12:50 - 2019-04-18 12:51 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\IObit
2019-04-18 12:50 - 2019-04-18 12:50 - 000002950 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Lenovo
2019-04-18 12:49 - 2019-04-18 12:55 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\IObit
2019-04-18 12:49 - 2019-04-18 12:54 - 000000000 ____D C:\ProgramData\IObit
2019-04-18 12:49 - 2019-04-18 12:49 - 000001430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2019-04-18 12:49 - 2019-04-18 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2019-04-18 12:49 - 2019-04-18 12:49 - 000000000 ____D C:\Program Files (x86)\IObit
2019-04-18 12:30 - 2019-04-22 09:27 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-04-18 12:30 - 2019-04-18 12:30 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-04-13 05:25 - 2019-04-13 05:25 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-10 09:53 - 2019-04-02 14:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 09:53 - 2019-03-15 00:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 09:53 - 2019-03-14 18:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 09:53 - 2019-03-14 18:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 09:53 - 2019-03-14 18:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 09:53 - 2019-03-14 18:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-10 09:53 - 2019-03-14 18:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-10 09:53 - 2019-03-14 17:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 09:53 - 2019-03-14 17:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-10 09:53 - 2019-03-14 17:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 09:52 - 2019-04-02 22:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 09:52 - 2019-04-02 22:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 09:52 - 2019-04-02 22:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 09:52 - 2019-04-02 22:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 09:52 - 2019-04-02 22:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 09:52 - 2019-04-02 22:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 09:52 - 2019-04-02 22:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 09:52 - 2019-04-02 22:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 09:52 - 2019-04-02 22:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 09:52 - 2019-04-02 22:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 09:52 - 2019-04-02 22:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 09:52 - 2019-04-02 22:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 09:52 - 2019-04-02 22:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 09:52 - 2019-04-02 22:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 09:52 - 2019-04-02 19:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 09:52 - 2019-04-02 19:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 09:52 - 2019-04-02 19:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 09:52 - 2019-04-02 19:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 09:52 - 2019-04-02 19:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 09:52 - 2019-04-02 19:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 09:52 - 2019-04-02 19:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 09:52 - 2019-04-02 19:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 09:52 - 2019-04-02 19:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 09:52 - 2019-04-02 18:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 09:52 - 2019-04-02 18:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 09:52 - 2019-04-02 18:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 09:52 - 2019-04-02 18:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-10 09:52 - 2019-04-02 18:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 09:52 - 2019-04-02 18:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 09:52 - 2019-04-02 18:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 09:52 - 2019-04-02 18:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 09:52 - 2019-04-02 18:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 09:52 - 2019-04-02 18:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 09:52 - 2019-04-02 18:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 09:52 - 2019-04-02 18:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 09:52 - 2019-04-02 18:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 09:52 - 2019-04-02 18:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 09:52 - 2019-04-02 18:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 09:52 - 2019-04-02 17:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 09:52 - 2019-04-02 17:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 09:52 - 2019-04-02 17:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 09:52 - 2019-04-02 17:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 09:52 - 2019-04-02 17:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 09:52 - 2019-04-02 17:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 09:52 - 2019-04-02 17:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 09:52 - 2019-04-02 17:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 09:52 - 2019-04-02 17:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 09:52 - 2019-04-02 17:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 09:52 - 2019-04-02 17:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 09:52 - 2019-04-02 17:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 09:52 - 2019-04-02 17:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 09:52 - 2019-04-02 17:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 09:52 - 2019-04-02 17:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 09:52 - 2019-04-02 17:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 09:52 - 2019-04-02 17:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 09:52 - 2019-04-02 17:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 09:52 - 2019-04-02 16:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-10 09:52 - 2019-04-02 15:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-10 09:52 - 2019-04-02 15:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 09:52 - 2019-04-02 14:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 09:52 - 2019-04-02 14:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 09:52 - 2019-04-02 14:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 09:52 - 2019-04-02 14:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 09:52 - 2019-04-02 14:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 09:52 - 2019-04-02 14:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 09:52 - 2019-03-16 22:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 09:52 - 2019-03-16 19:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 09:52 - 2019-03-15 00:55 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 001626928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-04-10 09:52 - 2019-03-15 00:53 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 09:52 - 2019-03-15 00:52 - 001424696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000954160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-04-10 09:52 - 2019-03-15 00:52 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-04-10 09:52 - 2019-03-15 00:52 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-04-10 09:52 - 2019-03-15 00:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 09:52 - 2019-03-15 00:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-10 09:52 - 2019-03-15 00:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 09:52 - 2019-03-15 00:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 09:52 - 2019-03-15 00:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 09:52 - 2019-03-15 00:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 09:52 - 2019-03-15 00:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 09:52 - 2019-03-15 00:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 09:52 - 2019-03-15 00:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 09:52 - 2019-03-15 00:29 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 09:52 - 2019-03-15 00:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 09:52 - 2019-03-15 00:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-10 09:52 - 2019-03-14 23:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 09:52 - 2019-03-14 23:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 09:52 - 2019-03-14 23:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 09:52 - 2019-03-14 23:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 09:52 - 2019-03-14 23:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 09:52 - 2019-03-14 23:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-10 09:52 - 2019-03-14 18:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 09:52 - 2019-03-14 18:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 09:52 - 2019-03-14 18:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 09:52 - 2019-03-14 18:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 09:52 - 2019-03-14 18:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 09:52 - 2019-03-14 18:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 09:52 - 2019-03-14 18:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 09:52 - 2019-03-14 18:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 09:52 - 2019-03-14 18:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 09:52 - 2019-03-14 18:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 09:52 - 2019-03-14 18:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 09:52 - 2019-03-14 18:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 09:52 - 2019-03-14 18:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 09:52 - 2019-03-14 18:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 09:52 - 2019-03-14 18:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 09:52 - 2019-03-14 18:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 09:52 - 2019-03-14 18:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 09:52 - 2019-03-14 18:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 09:52 - 2019-03-14 18:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-10 09:52 - 2019-03-14 18:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 09:52 - 2019-03-14 18:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 09:52 - 2019-03-14 18:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 09:52 - 2019-03-14 18:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 09:52 - 2019-03-14 18:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 09:52 - 2019-03-14 18:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-10 09:52 - 2019-03-14 18:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 09:52 - 2019-03-14 18:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 09:52 - 2019-03-14 18:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 09:52 - 2019-03-14 17:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 09:52 - 2019-03-14 17:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 09:52 - 2019-03-14 17:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 09:52 - 2019-03-14 17:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 09:52 - 2019-03-14 17:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 09:52 - 2019-03-14 17:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 09:52 - 2019-03-14 17:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 09:52 - 2019-03-14 17:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 09:52 - 2019-03-14 17:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 09:52 - 2019-03-14 17:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 09:52 - 2019-03-14 17:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 09:52 - 2019-03-14 17:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 09:52 - 2019-03-14 17:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 09:52 - 2019-03-14 17:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 09:52 - 2019-03-14 17:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 09:52 - 2019-03-14 17:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 09:52 - 2019-03-14 17:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 09:52 - 2019-03-14 17:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 09:52 - 2019-03-14 11:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-09 03:02 - 2019-04-09 03:02 - 000000000 ____D C:\ProgramData\Hankuper
2019-04-09 03:02 - 2019-04-09 03:02 - 000000000 ____D C:\Program Files\AdLock
2019-04-09 02:58 - 2019-04-09 02:58 - 036153840 _____ (Hankuper s.r.o.) C:\Users\Lenovo\Downloads\Adlock_Installer.exe
2019-04-09 00:08 - 2019-04-09 00:08 - 003976665 _____ C:\Users\Lenovo\Downloads\Mega Man Battle Network 2 (USA).zip
2019-04-06 18:30 - 2019-04-06 18:30 - 000364952 _____ C:\Users\Lenovo\Downloads\download.pdf
2019-04-05 11:04 - 2019-04-05 11:04 - 000192384 _____ C:\Users\Lenovo\Downloads\9299 (1) (1).pdf
2019-04-05 11:02 - 2019-04-05 11:02 - 000182444 _____ C:\Users\Lenovo\Downloads\9299 (1).pdf
2019-04-05 11:00 - 2019-04-05 11:00 - 000182444 _____ C:\Users\Lenovo\Downloads\929 (1).pdf
2019-04-05 10:00 - 2019-04-05 10:00 - 000338279 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1) (1)[1145].pdf
2019-04-01 15:19 - 2019-04-01 15:19 - 000182444 _____ C:\Users\Lenovo\Downloads\929.pdf
2019-04-01 15:01 - 2019-04-01 15:01 - 000233489 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1) (1).pdf
2019-03-31 01:33 - 2019-03-31 01:33 - 000000000 ____D C:\Users\Lenovo\Downloads\New folder
2019-03-27 12:24 - 2019-03-27 12:24 - 000233489 _____ C:\Users\Lenovo\Downloads\form 80 2015-2019(1).pdf
2019-03-25 13:27 - 2019-03-25 13:27 - 000063894 _____ C:\Users\Lenovo\Downloads\Albert - Akta lahir.pdf
2019-03-25 13:02 - 2019-03-25 13:02 - 001771175 _____ C:\Users\Lenovo\Downloads\Statement20181231.pdf
2019-03-25 13:01 - 2019-03-25 13:01 - 000116172 _____ C:\Users\Lenovo\Downloads\scoreReport (2).pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-22 16:07 - 2018-04-12 09:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-22 15:55 - 2018-05-26 17:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-22 09:40 - 2018-03-22 21:37 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\360WD
2019-04-22 09:36 - 2016-12-21 04:23 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2019-04-22 09:36 - 2014-12-30 12:34 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2019-04-22 09:27 - 2018-05-26 17:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-22 09:24 - 2018-04-12 07:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-21 15:35 - 2018-05-27 10:37 - 000503220 _____ C:\WINDOWS\system32\perfh011.dat
2019-04-21 15:35 - 2018-05-27 10:37 - 000145096 _____ C:\WINDOWS\system32\perfc011.dat
2019-04-21 15:35 - 2018-05-26 17:09 - 001571872 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-21 15:35 - 2018-04-12 09:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-20 20:03 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-20 05:53 - 2018-04-12 09:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-20 05:27 - 2018-05-26 17:40 - 000003646 _____ C:\WINDOWS\System32\Tasks\opera scheduled autoupdate 1521719234
2019-04-20 05:27 - 2018-03-22 21:47 - 000001443 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-04-20 05:24 - 2018-04-12 09:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-20 05:22 - 2015-01-12 14:01 - 000000000 ____D C:\ProgramData\McAfee
2019-04-20 05:17 - 2017-10-16 00:08 - 000000000 ____D C:\ProgramData\Package Cache
2019-04-20 05:03 - 2018-03-22 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-04-20 05:03 - 2018-03-22 22:15 - 000000000 ____D C:\Program Files (x86)\Java
2019-04-20 05:01 - 2018-03-22 22:16 - 000099192 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-04-20 04:59 - 2018-05-26 17:40 - 000004578 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-20 04:59 - 2018-05-26 17:40 - 000004544 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-04-20 04:59 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-20 04:59 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-20 04:55 - 2017-03-11 16:44 - 000000000 ____D C:\Users\Lenovo\AppData\Local\tkdata
2019-04-20 04:18 - 2018-03-22 23:45 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-04-20 04:18 - 2014-11-25 18:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-20 04:15 - 2016-12-09 20:20 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Temp
2019-04-20 04:14 - 2009-07-14 13:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-04-20 00:36 - 2014-11-25 18:39 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Mozilla
2019-04-19 14:07 - 2018-03-22 23:25 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-19 14:03 - 2018-04-12 09:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-19 12:57 - 2018-03-25 06:00 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-04-19 12:47 - 2018-03-22 21:37 - 000000000 ____D C:\ProgramData\360safe
2019-04-19 12:47 - 2014-11-25 18:39 - 000000000 ____D C:\ProgramData\Mozilla
2019-04-19 10:08 - 2018-03-22 21:37 - 000000000 _RSHD C:\360SANDBOX
2019-04-19 10:01 - 2018-03-22 22:30 - 000000000 __SHD C:\$360Section
2019-04-19 10:01 - 2018-03-22 22:05 - 000000000 ____D C:\ProgramData\360Quarant
2019-04-19 02:36 - 2017-09-30 14:04 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online
2019-04-19 02:35 - 2019-02-26 14:27 - 000000000 ____D C:\WINDOWS\Minidump
2019-04-18 15:45 - 2017-12-30 07:35 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2019-04-18 13:26 - 2017-05-27 00:44 - 000000000 ____D C:\ProgramData\Adguard
2019-04-18 13:26 - 2017-05-27 00:43 - 000000000 ____D C:\Program Files (x86)\Adguard
2019-04-18 12:32 - 2015-09-12 20:58 - 000000000 ____D C:\Users\Lenovo\AppData\Local\TeamViewer
2019-04-18 12:30 - 2018-05-26 17:10 - 000000000 ____D C:\Users\DefaultAppPool
2019-04-18 12:30 - 2015-09-12 20:45 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\TeamViewer
2019-04-18 10:28 - 2018-03-22 21:37 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360safe
2019-04-18 10:20 - 2018-05-26 17:10 - 000000000 ____D C:\Users\Lenovo
2019-04-18 10:14 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-18 03:50 - 2019-02-16 23:48 - 000003752 _____ C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1550324909
2019-04-18 03:50 - 2018-05-26 17:40 - 000002970 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2019-04-18 03:50 - 2018-05-26 17:40 - 000002646 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2019-04-18 03:50 - 2018-05-26 17:40 - 000002604 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2019-04-18 03:50 - 2018-05-26 17:40 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-04-18 03:50 - 2018-05-26 17:40 - 000002202 _____ C:\WINDOWS\System32\Tasks\StartCN
2019-04-18 03:48 - 2019-03-18 21:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-04-18 01:12 - 2017-09-28 20:12 - 000061060 _____ C:\Users\Lenovo\Desktop\Share.xlsx
2019-04-16 13:23 - 2018-12-26 22:02 - 000019344 _____ C:\Users\Lenovo\Desktop\Mascot-202-RENT.xlsx
2019-04-13 19:26 - 2016-09-22 12:11 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\vlc
2019-04-13 05:25 - 2019-03-18 21:25 - 000476264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1af7b8ca475981fe.tmp
2019-04-11 18:06 - 2018-03-22 21:38 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360TotalSecurity
2019-04-11 17:47 - 2018-04-12 19:20 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-11 17:47 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-10 09:51 - 2015-03-13 02:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 09:44 - 2015-03-13 02:42 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-07 23:23 - 2018-03-22 21:48 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\360DrvMgr
2019-04-05 21:35 - 2017-09-29 19:45 - 000000000 ____D C:\Program Files\rempl
2019-04-02 03:51 - 2018-11-18 11:45 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-02 03:51 - 2018-11-18 11:45 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-26 08:20 - 2019-02-19 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2019-03-26 07:28 - 2019-03-18 21:25 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-23 15:36 - 2019-03-21 23:11 - 000000000 ____D C:\ProgramData\Stardock

==================== Files in the root of some directories =======

2017-05-27 00:44 - 2018-06-15 09:49 - 000000267 _____ () C:\ProgramData\fontcacheev1.dat
2018-08-13 21:01 - 2018-06-14 21:01 - 000000032 ____R () C:\ProgramData\hash.dat
2015-10-04 11:58 - 2015-10-04 11:58 - 000000097 _____ () C:\Users\Lenovo\AppData\Roaming\settings.xml
2015-04-25 14:16 - 2015-04-25 14:16 - 000000054 _____ () C:\Users\Lenovo\AppData\Roaming\updater.cfg
2015-11-09 13:55 - 2015-11-30 19:16 - 000002856 _____ () C:\Users\Lenovo\AppData\Roaming\VoiceMeeterDefault.xml
2016-09-23 11:37 - 2017-01-05 11:54 - 000000202 _____ () C:\Users\Lenovo\AppData\Roaming\_encryptiondb.grf
2014-11-26 19:09 - 2014-11-26 19:09 - 000000038 ___SH () C:\Users\Lenovo\AppData\Local\1754111884ee9ab5277ca00.95260103
2014-12-26 00:02 - 2016-06-26 16:10 - 000007603 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.04.2019 01
Ran by Lenovo (22-04-2019 16:13:09)
Running from C:\Users\Lenovo\Desktop\Comp Tool\FRST
Windows 10 Pro Version 1803 17134.706 (X64) (2018-05-26 07:41:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1925601759-1010797402-2804155008-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1925601759-1010797402-2804155008-503 - Limited - Disabled)
Guest (S-1-5-21-1925601759-1010797402-2804155008-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1925601759-1010797402-2804155008-1002 - Limited - Enabled)
Lenovo (S-1-5-21-1925601759-1010797402-2804155008-1000 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-1925601759-1010797402-2804155008-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{3D383E25-72E7-4F09-AA1C-9ADE6A2EF42F}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{0C9A6167-6560-4085-9C35-EDB1AE105328}) (Version: 3.2.0.9 - Intel) Hidden
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 10.2.0.1180 - 360 Security Center)
3DP Chip Lite v17.11.1 (HKLM-x32\...\3DP Chip Lite) (Version: v17.11.1 - 3DP)
ACDSee Pro 3 (HKLM-x32\...\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.355 - ACD Systems International Inc.)
Active Directory Authentication Library for SQL Server (HKLM\...\{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
AdLock (HKLM\...\{26D2159D-4BE2-43A4-9E68-F0594DF0295C}) (Version: 1.0.2.2 - Hankuper) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.2.1 - Advanced Micro Devices, Inc.)
Anathena (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\242cfcc8731b6ee3) (Version: 3.3.8.0 - Anathena)
Any Video Converter 6.2.5 (HKLM-x32\...\Any Video Converter) (Version: 6.2.5 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.189 - ArcSoft)
AVG 2015 (HKLM\...\{6E4BAAF0-7F23-41E5-B16B-4727B6FC0C6F}) (Version: 15.0.6081 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattlePing (HKLM-x32\...\{DB480AC3-1578-B8DC-3F8F-786A2A4E3BC7}) (Version: 1.3.7.1 - BattlePing)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{15EEB07A-3FB9-FA4C-8EFF-697728CB1E5C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{A63E3031-0522-18C6-F18F-7EE80973315F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{A2966D0F-43BB-116D-C9C7-49612FBFD0AE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{4C608ED2-535B-2119-3661-9E6F7DDB600F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9005C809-497A-FD45-CB96-76A3338E35B9}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D84300A6-72F1-5771-B3B1-8FC71184AB38}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{56D13277-FA9F-2842-682D-DD7298973585}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{8D0C7788-D519-7B65-36F6-D0D21296F173}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{930FD2C7-D026-197D-94E4-CB5917CE7420}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{086D11E3-9CA4-DBEF-2B48-5A2EFFD53145}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{D0C1EAB6-92F1-EE91-04C2-5947EE150593}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{57EAA61A-CD02-DF34-0839-2549F57A334C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{AA477FD2-347B-1732-5D8C-AF35AF1B9703}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{BBFC5953-2CB9-5932-1D47-52E4AA99737B}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{01E7D692-D785-743F-5A55-F00162D26A1C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{5D8BA452-1264-7D13-E4EC-8236EC5B83FE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F49BA906-83DA-3F5A-5B24-03C8DE2A3936}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{5A466CAA-F071-D9EF-A799-EF63552DBE70}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{D7DC4DDB-3E0D-6F79-4258-4A461654B689}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{ACDFF800-6015-BEEC-8A27-7B1A80915273}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{A28B1FC5-3947-9D39-7FE5-A3CB18E16358}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1620.51 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX H.264 decoder 8.2.0.26 (HKLM-x32\...\divxh264_is1) (Version: 8.2.0.26 - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.93 - DivX, LLC)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
DriverUpdate (HKLM\...\{29F2ECB3-23D0-4A77-A259-3EA42E85CD71}) (Version: 5.8.2 - Slimware Utilities Holdings, Inc.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 45.4.92 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
eNexia version 749.0 (HKLM-x32\...\{8C3EC8A8-70A1-4298-BD7D-3CD7DAE20D64}_is1) (Version: 749.0 - eNexiaTK)
Google Chrome (HKLM-x32\...\{8CAF1821-50A9-3971-88C2-371AACE003E1}) (Version: 73.0.3683.103 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GRF Editor version 1.7.9 (HKLM-x32\...\GRF Editor_is1) (Version: 1.7.9 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{699E6891-25C3-443A-9B8E-80C74F0172C8}) (Version: 2.1.03413 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{4d839fe1-a8d3-4edc-b0ca-844394309856}) (Version: 3.2.0.9 - Intel)
IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.4.0.8 - IObit)
iTunes (HKLM\...\{1D7D1271-5258-4F5A-B8C1-7176BF398782}) (Version: 12.7.3.46 - Apple Inc.)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
K-Lite Mega Codec Pack 14.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.0.5 - KLCP)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Magic Bullet Suite 64-bit (HKLM\...\{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
mHotspot version 7.8.8.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 7.8.8.0 - 1BN Software & IT Solutions Pvt. Ltd.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (日本語) (HKLM-x32\...\{9A330858-0CD6-4FB3-8C57-0F1BB58012B0}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (日本語) (HKLM-x32\...\{903C5477-BA28-4CFC-8BE4-62E3C328D4DD}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU (HKLM-x32\...\{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Database Providers (x86) ENU (HKLM-x32\...\{296E293F-C481-4DDE-9ED2-3F79FCF38731}) (Version: 3.1.1648.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Modem AC2726 UI (HKLM\...\ZTEWireless-101_is1) (Version: - )
MornaTK Installer (HKLM-x32\...\{BCD1C4AD-EB1A-40DF-A838-2AF8C45B5942}) (Version: 1.0 - MornaTales)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.3.0 - Movavi)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 66.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 66.0.3 (x86 en-US)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
Mumble 1.2.19 (HKLM-x32\...\{F62A874F-2354-49B1-87BE-CAAD7C8FA084}) (Version: 1.2.19 - Thorvald Natvig)
MYOB AccountRight Plus v19.12.0 ED (HKLM-x32\...\{27D4F4A7-5A34-4657-9E78-D6B1E87C8A90}) (Version: 19.12.0 - MYOB Technology Pty Ltd) Hidden
MYOB AccountRight Plus v19.12.0 ED (HKLM-x32\...\InstallShield_{27D4F4A7-5A34-4657-9E78-D6B1E87C8A90}) (Version: 19.12.0 - MYOB Technology Pty Ltd)
MYOB ODBC Direct v10 AUS (HKLM-x32\...\{55D5A77E-FAAA-4358-B3E5-6565E024F78B}) (Version: 10.1.0 - MYOB Technology Pty Ltd) Hidden
MYOB ODBC Direct v10 AUS (HKLM-x32\...\InstallShield_{55D5A77E-FAAA-4358-B3E5-6565E024F78B}) (Version: 10.1.0 - MYOB Technology Pty Ltd)
MySQL Installer - Community (HKLM-x32\...\{4553E209-560C-451E-9DE9-E6B812D32B8C}) (Version: 1.4.8.0 - Oracle Corporation)
MySQL Server 5.0 (HKLM-x32\...\{2FEB25F8-C3CB-49A2-AE79-DE17FFAFB5D9}) (Version: 5.0.45 - MySQL AB)
MySQL Tools for 5.0 (HKLM-x32\...\{EC561602-C0B9-4FAA-A175-1B3273639AC3}) (Version: 5.0.12 - MySQL AB)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NovaRO (HKLM-x32\...\NovaRO_is1) (Version: 6.0.0 - NovaRO)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.0.1.1 - Duodian Technology Co. Ltd.)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Opera Stable 60.0.3255.56 (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Opera 60.0.3255.56) (Version: 60.0.3255.56 - Opera Software)
Pingzapper version 2.1.2 (HKLM-x32\...\{7FD61982-5436-439B-B5D0-36F0536FF8BF}_is1) (Version: 2.1.2 - Pingzapper)
PlayNexia II (HKLM-x32\...\PlayNexia II) (Version: - )
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.13.1-r115223-release - Plays.tv, LLC)
Pokémon World Online Uninstaller (HKLM-x32\...\{6B67E1A1-1D62-4BDC-8C60-07FDF25CA975}_is1) (Version: 1.97 - PWO Team)
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
PX Profile Update (HKLM-x32\...\{230C6C56-D930-2D7A-CF62-9BE26FAEE260}) (Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Ragnarok Online (HKLM-x32\...\{181579B5-0028-4E01-AC27-97ED80352279}) (Version: 14.2.5 - Gravity Interactive, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.1.1-r111306-release - Raptr, Inc)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.30.0239 - REALTEK Semiconductor Corp.)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Safari (HKLM-x32\...\{A08BAD08-9AA3-410F-98F3-C92C8EE37218}) (Version: 5.34.54.16 - Apple Inc.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Spotify (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
Sql Server Customer Experience Improvement Program (HKLM\...\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.0) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare PDFelement 6 Pro(Build 6.8.6) (HKLM-x32\...\{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.8.6.4121 - Wondershare Software Co.,Ltd.)
Wondershare Video Converter Ultimate(Build 10.3.0.178) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.3.0.178 - Wondershare Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 7.1.1-0 - Bitnami)
Zoom (HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Lenovo\Dropbox [2015-07-07 16:17]
CustomCLSID: HKU\S-1-5-21-1925601759-1010797402-2804155008-1000_Classes\CLSID\{f1d8036a-7f48-43e4-8045-dbcb4e742507}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-09-28] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2018-12-18 14:31 - 2017-10-19 09:17 - 000271360 _____ (Wondershare Software) [File not signed] C:\WINDOWS\System32\WSPDFelementMonitor.dll
2013-08-27 17:32 - 2013-08-27 17:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2007-07-06 12:14 - 2007-07-06 12:14 - 005730304 _____ () [File not signed] C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
2016-06-28 21:36 - 2016-06-28 21:36 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamenu.dll
2016-06-28 21:38 - 2016-06-28 21:38 - 000138752 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000009216 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000077312 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPMaster.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000011264 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPUF.exe
2018-01-31 17:49 - 2018-01-31 17:49 - 000060928 _____ () [File not signed] C:\Program Files (x86)\AMD\Performance Profile Client\AUEPDU.exe
2015-11-25 06:49 - 2015-11-25 06:49 - 002257408 _____ (ActiveState Software Inc) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\python26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000028160 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-25 06:46 - 2015-11-25 06:46 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000041472 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000096256 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000356864 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000017920 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000019968 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-25 06:48 - 2015-11-25 06:48 - 000036352 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000043008 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000805376 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-25 06:43 - 2015-11-25 06:43 - 000087040 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-25 06:46 - 2015-11-25 06:46 - 000354304 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-25 06:48 - 2015-11-25 06:48 - 000167936 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 001980928 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-11-25 07:02 - 2015-11-25 07:02 - 004604416 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Gui.dll
2015-11-25 07:01 - 2015-11-25 07:01 - 004088320 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Core.dll
2015-11-25 07:01 - 2015-11-25 07:01 - 001961472 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icuin53.dll
2015-11-25 07:02 - 2015-11-25 07:02 - 001316352 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icuuc53.dll
2015-11-25 07:01 - 2015-11-25 07:01 - 021529088 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\icudt53.dll
2015-12-08 06:57 - 2015-12-08 06:57 - 000077824 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 001862144 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-25 06:47 - 2015-11-25 06:47 - 000516608 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-25 07:02 - 2015-11-25 07:02 - 000839680 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Network.dll
2015-11-25 06:47 - 2015-11-25 06:47 - 004060160 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-25 07:01 - 2015-11-25 07:01 - 004468736 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Widgets.dll
2015-11-25 06:43 - 2015-11-25 06:43 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2018-03-22 23:24 - 2019-04-19 14:07 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-19 14:03 - 2019-04-19 14:07 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-19 14:03 - 2019-04-19 14:07 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-03-22 23:24 - 2019-04-19 14:07 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-19 14:07 - 2019-04-19 14:07 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-19 14:03 - 2019-04-19 14:07 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2013-11-21 11:31 - 2013-11-21 11:31 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-11-21 11:31 - 2013-11-21 11:31 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-11-15 03:41 - 2019-04-22 09:16 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

2016-11-07 03:29 - 2016-11-07 03:29 - 000000499 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

192.168.137.70 iPhone.mshome.net # 2016 11 0 13 17 29 46 813
192.168.137.1 Lenovo-PC.mshome.net # 2021 11 5 5 17 29 46 813

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;D:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: CLHNServiceForPowerDVD => 2
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Service => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: hmevpnsvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: PingzapperSvc => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: UDisk Monitor => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lenovo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MYOB Add-On Connector.lnk => C:\Windows\pss\MYOB Add-On Connector.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: cFosSpeed => C:\Program Files\cFosSpeed\cFosSpeed.exe
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: Energy Management => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
MSCONFIG\startupreg: EnergyUtility => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
MSCONFIG\startupreg: ForteConfig => C:\Program Files\Conexant\ForteConfig\fmapp.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Lenovo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\Program Files (x86)\Raptr\RAPTRS~1.EXE --startup
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SACpl.exe /t
MSCONFIG\startupreg: Spotify => "C:\Users\Lenovo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lenovo\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SynLenovoGestureMgr => %ProgramFiles%\Synaptics\SynTP\SynLenovoGestureMgr.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: WTFast Tray => "D:\Program Files (x86)\WTFast\WTFast.exe" trayonly
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\StartupFolder: => "Bitcoin.lnk"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "Adguard"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "DownloadAccelerator"
HKU\S-1-5-21-1925601759-1010797402-2804155008-1000\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E4C5C504-2D9E-4E7E-A6E8-331178A7B1DD}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{CA1A8D5E-E08F-407D-AE69-E974D7573933}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{C1DE0AB3-597A-44B3-B925-3A8DA1D0D063}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6A4C5110-FB26-44EF-90A3-6F64906DF519}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DBF015C2-BE70-44FC-8899-D4618C9FC5EE}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FA1692F2-C3D8-4D02-8399-8A72520C5447}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

==================== Restore Points =========================

22-04-2019 06:02:56 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2019 09:36:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.17134.112, time stamp: 0x2a3c4e62
Faulting module name: msxml6.dll, version: 6.30.17134.706, time stamp: 0x89769e02
Exception code: 0xc0000005
Fault offset: 0x00000000000a728c
Faulting process id: 0x1dc4
Faulting application start time: 0x01d4f89b04f4b450
Faulting application path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\msxml6.dll
Report Id: 90c8c60a-52f5-41c8-8838-62521b55cb48
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Error: (04/22/2019 09:30:49 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "SQLAgent$SQLEXPRESS" in DLL "perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/22/2019 09:30:49 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (04/22/2019 09:30:48 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSSQL$SQLEXPRESS" in DLL "perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/22/2019 09:30:45 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/22/2019 09:27:24 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$SQLEXPRESS\Performance'. SQL Server performance counters are disabled.

Error: (04/22/2019 09:17:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (04/22/2019 09:15:01 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {ee04ecc5-1436-4ee4-bec4-dd8ce3ea2645}


System errors:
=============
Error: (04/22/2019 09:46:19 AM) (Source: DCOM) (EventID: 10016) (User: Lenovo-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Lenovo-PC\Lenovo SID (S-1-5-21-1925601759-1010797402-2804155008-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/22/2019 09:37:38 AM) (Source: DCOM) (EventID: 10016) (User: Lenovo-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Lenovo-PC\Lenovo SID (S-1-5-21-1925601759-1010797402-2804155008-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/22/2019 09:33:24 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/22/2019 09:27:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAService service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/22/2019 09:27:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TrueKey service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/22/2019 09:27:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TrueKeyServiceHelper service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/22/2019 09:27:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TrueKeyScheduler service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/22/2019 09:26:31 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.


CodeIntegrity:
===================================

Date: 2019-04-22 11:44:04.372
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-04-22 11:44:04.372
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-04-22 02:53:31.395
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-22 02:53:27.177
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-22 02:53:26.259
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-22 02:50:18.534
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-22 02:50:18.178
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-22 02:50:17.811
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 80%
Total physical RAM: 8088.36 MB
Available physical RAM: 1538.73 MB
Total Virtual: 20220.36 MB
Available Virtual: 10690.42 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:151.27 GB) (Free:18.69 GB) NTFS
Drive d: (Data) (Fixed) (Total:584.83 GB) (Free:275.43 GB) NTFS
Drive f: (Bandicam) (Fixed) (Total:195.31 GB) (Free:179.55 GB) NTFS

\\?\Volume{c05dd144-747f-11e4-9d1a-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=584.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================
 

jmarket

PCHF's Almighty Ruler
PCHF Owner
Support Team
Security Team
Jan 10, 2015
2,121
494
PCHF Bunker
pchelpforum.net
Is Chrome behaving the way it should?

You have a lot of bloatware, junk, and un-needed programs. It's quite possible one of them messed up the system
 

jmarket

PCHF's Almighty Ruler
PCHF Owner
Support Team
Security Team
Jan 10, 2015
2,121
494
PCHF Bunker
pchelpforum.net
Before I close it though, let's go ahead and run some cleanup.

Please go HERE and download Delfix Save it to your desktop.

Right click the new Delfix desktop icon and then click "run as administrator"

Place a tick in the following checkboxes

  1. Remove disinfection tools
  2. Create registry backup
  3. Purge system restore

Then select "Run"



Delfix will remove the tools used to clean your PC and remove itself. When finished a .txt file will display on your desktop. A copy of this file will be also located as C:\Delfix.txt.

Please post a copy of this file in your next post :)
 

Baroona

PCHF Member
PCHF Member
Apr 18, 2019
21
1
23
# DelFix v1.013 - Logfile created 24/04/2019 at 10:22:33
# Updated 17/04/2016 by Xplode
# Username : Lenovo - LENOVO-PC
# Operating System : Windows 10 Enterprise (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\SecurityCheck
Deleted : C:\Users\Lenovo\Downloads\FRST-OlderVersion
Deleted : C:\Users\Lenovo\Downloads\Addition.txt
Deleted : C:\Users\Lenovo\Downloads\FRST.txt

~ Creating registry backup ... OK

~ Cleaning system restore ...


New restore point created !

########## - EOF - ##########
 
Status
Not open for further replies.