CreateRestorePoint: (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit) FF Plugin: @alipay.com/npalicert -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalicdo64.dll [No File] FF Plugin: @alipay.com/npAliInetHealth -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAlipaydhc64.dll [No File] FF Plugin: @alipay.com/npAliSecCtrl -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAliSecCtrl64.dll [No File] FF Plugin-x32: @alipay.com/npalicert -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalicdo.dll [No File] FF Plugin-x32: @alipay.com/npalidcp -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalidcp.dll [No File] FF Plugin-x32: @alipay.com/npaliedit -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npaliedit.dll [No File] FF Plugin-x32: @alipay.com/npAliInetHealth -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAlipaydhc.dll [No File] FF Plugin-x32: @alipay.com/npAliSecCtrl -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAliSecCtrl.dll [No File] FF Plugin-x32: @alipay.com/NPComBrg701,version=1.0.2011.701 -> C:\Windows\system32\itruscert\NPComBrg701.dll [No File] FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [No File] S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit) S3 Blackberry Device Manager; "C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe" [X] S4 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X] S2 pcas; "C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\pcas.exe" [X] S2 secbizsrv; "C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\secbizsrv.exe" [X] S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) C:\Windows\system32\drivers\mbamchameleon.sys S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X] HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) C:\Program Files (x86)\IObit C:\Program Files\Malwarebytes Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden <==== ATTENTION CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{08D512D2-7D97-4E22-B7DB-82791106C086}\InprocServer32 -> C:\Users\BR\AppData\Roaming\alipay\cf\alicdo_x64.dll => No File CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe /Automation => No File CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe /Automation => No File CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe => No File CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2011\acadficn.dll => No File Task: {6B018955-0C55-476B-92A7-6ACC06682672} - System32\Tasks\Uninstaller_SkipUac_BR => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-01-19] (IObit) 2017-02-21 20:06 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2017-02-21 20:06 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2017-02-21 20:06 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2017-02-21 20:06 - 2016-05-23 21:49 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll 2017-02-21 20:06 - 2016-10-18 16:57 - 00631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state on Hosts: EmptyTemp: