Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2019 Ran by Alex (04-11-2019 10:15:34) Running from D:\Downloads\Chrome Windows 10 Pro Version 1903 18362.449 (X64) (2019-10-29 13:33:28) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2000554322-72074022-1378442669-500 - Administrator - Disabled) Alex (S-1-5-21-2000554322-72074022-1378442669-1002 - Administrator - Enabled) => C:\Users\Alex DefaultAccount (S-1-5-21-2000554322-72074022-1378442669-503 - Limited - Disabled) Guest (S-1-5-21-2000554322-72074022-1378442669-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2000554322-72074022-1378442669-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2000554322-72074022-1378442669-1002\...\uTorrent) (Version: 3.5.5.45365 - BitTorrent Inc.) AdGuard (HKLM-x32\...\{1d7ee810-0b6a-4cf5-8e22-8905eb4734e1}) (Version: 6.3.1399.4073 - Adguard Software Ltd) AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 6.3.1399.4073 - Adguard Software Ltd) Hidden Adobe Photoshop CC 2018 (HKLM\...\{C0FE994F-A638-4DCD-84A9-912A80C92365}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden Alcor Micro USB Card Reader Driver (HKLM-x32\...\{AEEF33DD-E3B9-4049-B709-0E546C2B1AAB}) (Version: 20.25.401.14526 - Alcor Micro Corp.) Hidden Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{AEEF33DD-E3B9-4049-B709-0E546C2B1AAB}) (Version: 20.25.401.14526 - Alcor Micro Corp.) Application Verifier x64 External Package (HKLM\...\{62CB44B2-8007-DBB2-1CBA-5CB7309EB3C3}) (Version: 10.1.17134.12 - Microsoft) Hidden Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.) ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.25 - ASUSTek COMPUTER INC.) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.23.0001 - ASUS) ATK Package (ASUS Keyboard Hotkeys) (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0060 - ASUSTeK COMPUTER INC.) Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software) Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform) ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 - Microsoft Corporation) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.94.51 - Conexant) Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) DiagnosticsHub_CollectionService (HKLM\...\{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 - Microsoft Corporation) Hidden Entity Framework 6.2.0 Tools for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.120 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden Grammarly (HKU\S-1-5-21-2000554322-72074022-1378442669-1002\...\GrammarlyForWindows) (Version: 1.5.48 - Grammarly) icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden Intel Driver && Support Assistant (HKLM-x32\...\{6B913517-E442-4045-A3A6-4C9EC4C4F0CC}) (Version: 19.10.42.4 - Intel) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Intel(R) Computing Improvement Program (HKLM\...\{A9133872-C9FE-45CC-8F01-D1947B0F09EA}) (Version: 2.4.04755 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000040-0210-1037-84C8-B8D95FA3C8C3}) (Version: 21.40.0.1 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{9758f1c4-4afb-42ef-99ca-a0e88d687809}) (Version: 19.10.42.4 - Intel) Intel® PROSet/Wireless Software (HKLM-x32\...\{d5c53162-d8b4-4547-8a40-917a25c0172e}) (Version: 20.60.0 - Intel Corporation) IntelliJ IDEA Community Edition 2019.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 2019.2) (Version: 192.5728.98 - JetBrains s.r.o.) IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation) Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation) Java(TM) SE Development Kit 10.0.2 (64-bit) (HKLM\...\{71307D56-8005-5F5E-9227-BFA2754D6E54}) (Version: 10.0.2.0 - Oracle Corporation) Kits Configuration Installer (HKLM-x32\...\{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 - Microsoft) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains) Microsoft .NET Core SDK 2.1.403 (x64) (HKLM-x32\...\{2eabe091-c571-4b9d-bdaa-5df5d11c84d4}) (Version: 2.1.403 - Microsoft Corporation) Microsoft .NET Core SDK 2.1.500 (x64) (HKLM-x32\...\{d83984c4-b4ab-41e1-8d62-84f151ca642b}) (Version: 2.1.500 - Microsoft Corporation) Microsoft .NET Core SDK 2.1.502 (x64) (HKLM-x32\...\{6e700b89-6f3c-4dff-b957-44b77c8a4b0e}) (Version: 2.1.502 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12130.20272 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - he-il (HKLM\...\ProPlus2019Retail - he-il) (Version: 16.0.12130.20272 - Microsoft Corporation) Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{1385D3DB-8E80-427B-91D2-B7535862B8E4}) (Version: 11.3.6518.0 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation) Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1089.1204 - Microsoft Corporation) MSI Development Tools (HKLM-x32\...\{1E406B46-65F4-91CE-65DA-DB66D5443B68}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation) NVIDIA Graphics Driver 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.08 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040D-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden Oracle VM VirtualBox 6.0.12 (HKLM\...\{E572CA5C-A60B-4C3B-9E9E-1302BBE4DBEE}) (Version: 6.0.12 - Oracle Corporation) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.3 beta r3260 - Rainmeter) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Revo Uninstaller Pro 4.1.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.1.0 - VS Revo Group, Ltd.) SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden SourceGear DiffMerge 4.2.0.697.stable (x64) (HKLM\...\{F6BEC317-F689-4158-B1F0-F229B794CFBA}) (Version: 4.2.0.697 - SourceGear, LLC) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TypeScript SDK (HKLM-x32\...\{3CBDDAE8-99AE-4168-BDA7-8352BF15BE73}) (Version: 3.1.2.0 - Microsoft Corporation) Hidden TypeScript SDK (HKLM-x32\...\{A3055644-FB53-420D-8724-EBEAB330D64F}) (Version: 3.0.3.0 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{18ABFDF6-23D9-87E6-015E-FFE3C7F153D5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{0D6B41AF-D117-8944-A059-3F9346A896C5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{B6273353-8B54-1F89-1A16-5940925104CE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{775886B8-DEE1-CB20-8A94-FC09FA54ECF6}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden Visual Studio Enterprise 2017 (HKLM-x32\...\8bbda070) (Version: 15.9.28307.222 - Microsoft Corporation) VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_codecoveragemsi (HKLM-x32\...\{B2DB38F7-4225-4EA6-A7B2-F9A0E089DD89}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_codeduitestframeworkmsi (HKLM-x32\...\{4379D9C7-B16D-486C-BC6D-43550A4C55EE}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_cuitcommoncoremsi (HKLM-x32\...\{060D7518-16AC-41F1-9956-38CA636FCF7B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_cuitextensionmsi (HKLM-x32\...\{88484E59-774D-4947-AF0E-4524D6C3147D}) (Version: 15.8.27729 - Microsoft Corporation) Hidden vs_cuitextensionmsi_x64 (HKLM-x32\...\{184D5702-3AD2-4F0D-95E6-11E1C75A9298}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_enterprisemsi (HKLM-x32\...\{6E0FB913-0E76-44B5-B0D4-2B71A7984BD2}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden vs_Graphics_Singletonx64 (HKLM\...\{B6BAC9A6-A70D-4E4D-B90A-7EE2B336E090}) (Version: 15.8.27729 - Microsoft Corporation) Hidden vs_Graphics_Singletonx86 (HKLM-x32\...\{3161DA68-DD37-4798-82DB-B3A0BD6BA233}) (Version: 15.8.27729 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_networkemulationmsi_x64 (HKLM-x32\...\{674BB892-7904-4B94-8077-9DA3D2CBFC70}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_professionalmsi (HKLM-x32\...\{C135A30B-7258-4E11-8660-87C5642A4AAE}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WinAppDeploy (HKLM-x32\...\{5AD4A604-B476-1578-2A20-6B02FC6258BE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation) Windows Driver Package - ASUSTek COMPUTER INC. (AsusPTPDrv) HIDClass (10/25/2017 11.0.0.21) (HKLM\...\38D64A6EF13E2FAA5DE3820CB44E2994223DD766) (Version: 10/25/2017 11.0.0.21 - ASUSTek COMPUTER INC.) Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.) Windows Driver Package - libusb-win32 WorldCup Device (02/23/2013 1.2.6.0) (HKLM\...\607E81836F3E58EDC7289F7B7047149AE2C7F301) (Version: 02/23/2013 1.2.6.0 - libusb-win32) Windows Mobile Connectivity Tools 10.0.15254.0 - Desktop x86 (HKLM-x32\...\{833F02C5-2C39-49F6-BD64-91D351081274}) (Version: 10.1.15254.1 - Microsoft Corporation) Windows SDK AddOn (HKLM-x32\...\{E77C2F78-6089-48F8-89DF-DDF2850DFFD9}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.17134.12 (HKLM-x32\...\{5f83ccda-0498-4b97-a298-16a642bf49f2}) (Version: 10.1.17134.12 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.9.0 - ASUSTeK COMPUTER INC.) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{389D182F-0ADA-5C7E-FF32-2573A821592C}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{C3776B36-B34E-00E2-3009-95A6F1870B58}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{965D1746-D94A-49B9-2A48-A14914CA3B57}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{84C6B91B-67DA-DDE3-86F1-87A3E307E8C1}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{3755CD99-C62E-3312-DDD3-29A4F259270D}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{729DA966-8590-2C1F-2178-16C1D32FD7FD}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{F1C18506-3168-A9D9-E2D9-D23A512A326E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{4095D263-6A13-78D3-DEDA-AA3452011F6E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{C3243E23-2EB6-4419-2692-40944923B112}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden Packages: ========= EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-10-29] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-11-01] (HP Inc.) Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-11-01] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad] Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2019-05-19] (Microsoft Platform Extensions) Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-11-01] (Microsoft Corporation) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.3.22883.0_x64__8wekyb3d8bbwe [2019-11-01] (Microsoft Corporation) MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-11-01] (Microsoft Corporation) [MS Ad] PDF Document Scanner -> C:\Program Files\WindowsApps\61083ApeApps.PDFDocumentScanner_4.21.0.0_x64__d2yynfvsn01f4 [2019-11-01] (Ape Apps) [MS Ad] Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.10.2.0_x64__jb41c8remg0x2 [2019-11-01] (Polarr) Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-23] (Microsoft Corporation) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.5149.0_x64__cv1g1gvanyjgm [2019-11-01] (WhatsApp Inc.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2000554322-72074022-1378442669-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Alex\AppData\Local\Microsoft\OneDrive\19.152.0801.0008\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-2000554322-72074022-1378442669-1002_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel) CustomCLSID: HKU\S-1-5-21-2000554322-72074022-1378442669-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Alex\AppData\Local\Microsoft\OneDrive\19.152.0801.0008\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-2000554322-72074022-1378442669-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Alex\AppData\Local\Microsoft\OneDrive\19.152.0801.0008\amd64\FileSyncShell64.dll => No File SSODL: EldosMountNotificator-cbfs6 - {3041C05F-484E-4B19-A0B9-C51C3506C05B} - C:\WINDOWS\system32\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.) SSODL-x32: EldosMountNotificator-cbfs6 - {3041C05F-484E-4B19-A0B9-C51C3506C05B} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.) ShellServiceObjects: Virtual Storage Mount Notification -> {3041C05F-484E-4B19-A0B9-C51C3506C05B} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.) ShellServiceObjects-x32: Virtual Storage Mount Notification -> {3041C05F-484E-4B19-A0B9-C51C3506C05B} => C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-29] (AVAST Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {9570AEB6-09DB-44CD-8B62-1C5B6757F2F6} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {9570AEB6-09DB-44CD-8B62-1C5B6757F2F6} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-29] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers1-x32: [SourceGearDiffMergeShellExtension32] -> {2F410E77-24FD-4788-8412-3810115E7BCB} => C:\Program Files (x86)\SourceGear\Common\DiffMerge\SourceGearDiffMergeShellExtension32.dll [2013-10-23] (SourceGear LLC) [File not signed] ContextMenuHandlers1: [SourceGearDiffMergeShellExtension64] -> {41E0355D-F488-487D-B7BA-D235D5834F1D} => C:\Program Files\SourceGear\Common\DiffMerge\SourceGearDiffMergeShellExtension64.dll [2013-10-23] (SourceGear LLC) [File not signed] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-29] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers4-x32: [SourceGearDiffMergeShellExtension32] -> {2F410E77-24FD-4788-8412-3810115E7BCB} => C:\Program Files (x86)\SourceGear\Common\DiffMerge\SourceGearDiffMergeShellExtension32.dll [2013-10-23] (SourceGear LLC) [File not signed] ContextMenuHandlers4: [SourceGearDiffMergeShellExtension64] -> {41E0355D-F488-487D-B7BA-D235D5834F1D} => C:\Program Files\SourceGear\Common\DiffMerge\SourceGearDiffMergeShellExtension64.dll [2013-10-23] (SourceGear LLC) [File not signed] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-28] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\igfxDTCM.dll [2018-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-22] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-29] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b04caf901f490205\Magic Actions for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=abjcfabbhafbcdfjoecdgepllmpfceif ==================== Loaded Modules (Whitelisted) ============= 2019-11-02 16:50 - 2019-11-02 16:50 - 000372736 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\4a599b9f84f855dc789514ea7006b70f\Interop.CxHDAudioAPILib.ni.dll 2019-11-02 16:50 - 2019-11-02 16:50 - 000018944 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\0efcb8e5631b46dfd3e458dd42110422\Interop.CxUtilSvcLib.ni.dll 2019-11-01 17:55 - 2019-11-01 17:55 - 000116224 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.5149.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\node-quarantine\build\Release\binding.node 2017-03-15 17:08 - 2017-03-15 17:08 - 000732672 _____ () [File not signed] C:\Program Files (x86)\Adguard\brolib32.dll 2017-10-03 12:45 - 2017-10-03 12:45 - 000147968 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2017-10-24 11:24 - 2017-10-24 11:24 - 000036864 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2017-06-21 10:51 - 2017-06-21 10:51 - 000029184 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll 2019-10-29 12:32 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll 2018-10-16 14:41 - 2018-10-16 14:41 - 000315392 _____ () [File not signed] C:\Program Files\Rainmeter\Plugins\ActionTimer.DLL 2018-10-16 14:42 - 2018-10-16 14:42 - 000023552 _____ () [File not signed] C:\Program Files\Rainmeter\Plugins\InputText.DLL 2019-06-01 16:47 - 2019-06-01 16:47 - 002126848 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.5149.0_x64__cv1g1gvanyjgm\app\ffmpeg.dll 2019-06-01 16:47 - 2019-06-01 16:47 - 000109056 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.5149.0_x64__cv1g1gvanyjgm\app\libegl.dll 2019-06-01 16:47 - 2019-06-01 16:47 - 005103616 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.5149.0_x64__cv1g1gvanyjgm\app\libglesv2.dll 2017-10-24 11:24 - 2017-10-24 11:24 - 000073216 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll 2017-10-24 11:24 - 2017-10-24 11:24 - 000242688 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll 2017-10-24 11:24 - 2017-10-24 11:24 - 000407040 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll 2019-10-29 15:36 - 2018-03-13 10:21 - 001173504 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll 2017-11-01 20:58 - 2017-11-01 20:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll 2017-10-24 11:24 - 2017-10-24 11:24 - 000403968 _____ (TODO: ) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorUGameDLL.dll 2017-10-24 11:24 - 2017-10-24 11:24 - 000029184 _____ (TODO: ) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [220] ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-09-29 15:46 - 2019-09-16 14:23 - 000002112 ____R C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 api.adguard.com 0.0.0.0 adclick.g.doublecklick.net 0.0.0.0 adeventtracker.spotify.com 0.0.0.0 ads-fa.spotify.com 0.0.0.0 analytics.spotify.com 0.0.0.0 audio2.spotify.com 0.0.0.0 b.scorecardresearch.com 0.0.0.0 bounceexchange.com 0.0.0.0 bs.serving-sys.com 0.0.0.0 content.bitsontherun.com 0.0.0.0 core.insightexpressai.com 0.0.0.0 crashdump.spotify.com 0.0.0.0 d2gi7ultltnc2u.cloudfront.net 0.0.0.0 d3rt1990lpmkn.cloudfront.net 0.0.0.0 desktop.spotify.com 0.0.0.0 doubleclick.net 0.0.0.0 ds.serving-sys.com 0.0.0.0 googleadservices.com 0.0.0.0 googleads.g.doubleclick.net 0.0.0.0 gtssl2-ocsp.geotrust.com 0.0.0.0 log.spotify.com 0.0.0.0 media-match.com 0.0.0.0 omaze.com 0.0.0.0 pagead46.l.doubleclick.net 0.0.0.0 pagead2.googlesyndication.com 0.0.0.0 partner.googleadservices.com 0.0.0.0 pubads.g.doubleclick.net 0.0.0.0 redirector.gvt1.com 0.0.0.0 s0.2mdn.net 0.0.0.0 securepubads.g.doubleclick.net 2019-05-17 10:06 - 2019-05-17 10:06 - 000000438 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\SourceGear\Common\DiffMerge\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Users\Alex\AppData\Local\Microsoft\WindowsApps;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2000554322-72074022-1378442669-1002\Control Panel\Desktop\\Wallpaper -> D:\Media\Saved Pictures\cityscapes_old_Czech_history_flags_town_Prague_rivers_6022x3988(1).png DNS Servers: 192.168.43.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "system_jconsole.jar" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant" HKU\S-1-5-21-2000554322-72074022-1378442669-1002\...\StartupApproved\Run: => "Spotify Web Helper" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File FirewallRules: [{A6E742F5-7ADD-4DB8-AB7B-FF655E0E9A94}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{68A5A69C-8CED-415B-B5F7-D409F8482878}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{7A2577C3-672C-44F9-8AFD-409BDEE81755}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{524F3A9F-6BED-4CC9-A43F-B126D2BE2EC4}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{577D2496-EF0D-493A-953E-9663512467D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{4DA68222-27A5-4A79-800F-D846E7C88DB6}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{D640598E-ECDD-44D3-904B-F05328506E3D}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{9B7633EE-8D21-4947-885C-01CDB5D072FE}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{4742B0C1-6577-463F-BF31-62287CF0DD45}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司) FirewallRules: [{B7D58553-EF6B-4EEC-A18C-32C3E587F92C}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{5CF9BE72-29DB-4065-87AF-A5A03312D357}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{38091BCD-8AA0-4448-8742-317ECCAC3325}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{BB18E79F-3B42-4D8A-9788-135C18DEB62D}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{8F2CA185-87A5-4D03-93D4-CF774A38283B}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{5299FF4D-8636-4309-89C7-8F01FC5FFF9F}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed] FirewallRules: [{BE90AC7D-C2D8-488E-90E3-8AA44F3E38DD}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{F8E027E1-F7EC-4B68-B313-22CED4DD06D3}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File FirewallRules: [{F074CC3B-C0FC-4976-9A72-0BF1DB857327}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File FirewallRules: [{C78341EC-A155-49CD-A73C-BE3BC73DACF5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File FirewallRules: [{7474C3D8-ABF0-4B7F-9A4F-135BC132FEC2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File FirewallRules: [{7FD0DED7-51B2-4B98-B131-EA3B8AA629E9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File FirewallRules: [{BD26B09B-AFD1-4B43-82ED-8DB0B7A458F9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File FirewallRules: [{1624C483-F0D1-4B39-83E6-81E7091103BE}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File FirewallRules: [{CAFAE633-21C8-4A2B-89DB-C9D29CD069CF}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe No File FirewallRules: [{0455BF38-F4D9-4BCF-9992-E56A10F8C4A1}] => (Allow) D:\Program Files\Nox\bin\Nox.exe No File FirewallRules: [{5DB6114C-5745-498A-893E-44A6402BD520}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2C854FE7-FCB8-44EA-8F68-A4C7EEEC7D1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{79DE7D3E-9DBE-40A9-A4E6-A05876FC2959}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{57999D92-A754-4B3C-AB83-63380E558862}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5938A0AE-CEBD-43A7-9C6F-E06151ABB66C}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{F22A64ED-7B1A-4173-9E44-D60F0B95A23A}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{6720C6AE-4B5D-4B6A-9920-5F8265284079}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{FA7DD936-1693-4101-9B98-122F1DDA3526}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司) FirewallRules: [{84AE89C1-8E21-49FB-814A-30272211C733}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{86BE9FB3-E0DD-46BD-A38E-97A198503178}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{6681289E-6D79-42EC-9A32-E6A4EEBC0730}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{07EE5E51-5497-4FC9-8D53-39FC3CCD1C5C}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{FD559080-8F94-40E8-9070-019C54035F3B}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{7D4D7F5A-C808-4908-8D39-6D335924671C}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed] FirewallRules: [{DA43770C-7B5B-44B4-B3B1-75DAE5439956}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{226A6013-BD27-4F13-B589-4E4F824F8ADB}] => (Allow) C:\Users\Alex\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{868C39F0-7333-4EB6-AA9A-BA1FD30D79F3}] => (Allow) C:\Users\Alex\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{C0D39196-5CDF-419E-8EFF-EF0AFE032E21}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{53B08AC8-626F-48B2-8774-9FCFAD7E0180}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [UDP Query User{A62F5F0D-8A48-4DE4-9B4D-56AEA52E99D9}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe No File FirewallRules: [TCP Query User{49FEA4F2-E579-41B6-8F43-2F2A61D869B9}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe No File FirewallRules: [{D1E928E2-FCE0-417D-9917-ADD821F1D42C}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{321545A3-3BF8-439A-AA10-053810E88FC0}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{F52DCE59-DF77-4F87-8B60-C0C6287E84A3}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{24515E23-D6F2-4A4A-91E2-E91C2660D8D2}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司) FirewallRules: [{DE98A226-5D8B-4AC8-94D0-52E783091897}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{742EE7DA-E373-415D-926F-CFAD506B01D2}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{A53C8DB6-1BE4-4DA7-89E5-7FFA0A14CB5C}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{06AE5CC8-5C2E-4F9E-99D7-DD4C46D722EF}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{91EA2ED4-500F-408A-8641-21A5EF3D0C0E}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{942A1A1B-7EE9-4777-BFED-8EA6E0705CBC}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed] FirewallRules: [{69E9319C-B678-4BD9-92A5-7D5E38821E67}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{2E6451A3-AD40-4FB8-ACCF-42D64BD1FD2C}] => (Allow) E:\Games\Steam\Steam.exe No File FirewallRules: [{AA615BA0-1374-42A0-B4AA-80D8CDDAEC96}] => (Allow) E:\Games\Steam\Steam.exe No File FirewallRules: [UDP Query User{E97CE564-7775-4244-8BF4-5835BD6E5E56}D:\downloads\chrome\anydesk.exe] => (Allow) D:\downloads\chrome\anydesk.exe No File FirewallRules: [TCP Query User{C57139D4-BD70-4180-9C1F-E837F7D4926B}D:\downloads\chrome\anydesk.exe] => (Allow) D:\downloads\chrome\anydesk.exe No File FirewallRules: [{6ED47E32-23DC-47E2-B18B-1285D2A35999}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{747C537C-EBDD-4722-8214-7DB0995717C0}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{20BAAE53-1AD8-4317-97D3-760FD8EBC8F2}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{A3C2388C-2A35-4636-9130-DCB1874558D0}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed] FirewallRules: [{A6A3C05E-49BF-4C1A-86DE-26106BA2864B}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{2893747B-7DBE-4AA9-ABCA-9433AB8436D1}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{4741CF36-B0FD-457D-B00B-9090E047BD91}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{9F73FE48-AD47-4300-B389-BA09F6BA86D5}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{9E879F1D-0483-496D-A8F3-CF828E4462D6}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司) FirewallRules: [{522C1C54-2138-4E6D-A1AE-416D46310078}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> ) FirewallRules: [{AA6A741B-AFE9-40E9-A266-CE295989D451}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{BCB4CA02-247B-4733-B858-8770361B9DF0}] => (Allow) e:\games\txgameassistant\ui\TxGaDcc.exe No File FirewallRules: [{8AD92706-634E-404E-87FC-9D8DD61EAC75}] => (Allow) e:\games\txgameassistant\ui\bugreport.exe No File FirewallRules: [{7AD4EE32-8D90-4934-B495-BD5D12AEC29E}] => (Allow) e:\games\txgameassistant\ui\TInst.exe No File FirewallRules: [{E42F771E-F12D-4394-8EFE-2E31FCC28AE4}] => (Allow) e:\games\txgameassistant\ui\adb.exe No File FirewallRules: [{3CBCE643-9C22-4ED6-B82F-5C53F9BBD23F}] => (Allow) e:\games\txgameassistant\ui\AndroidEmulator.exe No File FirewallRules: [{3137AC8F-72A3-4177-9A61-C4DFC329E4B8}] => (Allow) C:\Users\Alex\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{56E1FD55-418C-4C64-8B2A-458E570847E6}] => (Allow) C:\Users\Alex\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{25CE14BE-EDAB-48DB-8581-048D10EEFD10}] => (Allow) C:\Users\Alex\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{FE27430A-4817-4A91-B1F8-71DB66FADBB6}] => (Allow) C:\Users\Alex\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{654377F1-94F4-43ED-9321-57CF691166E6}] => (Allow) e:\games\txgameassistant\appmarket\GF186\TUpdate.exe No File FirewallRules: [{5E369E1D-8B5D-486E-A38E-3561DBBA73A7}] => (Allow) e:\games\txgameassistant\appmarket\GameDownload.exe No File FirewallRules: [{8E445166-CCC9-4E46-81DC-8778725E3318}] => (Allow) e:\games\txgameassistant\appmarket\QQExternal.exe No File FirewallRules: [{E89379BB-0C5A-4AE8-B7E0-FB77AC96AB2F}] => (Allow) e:\games\txgameassistant\appmarket\bugreport.exe No File FirewallRules: [{CEDF9A67-A974-419E-A2FB-F7832228FB2C}] => (Allow) e:\games\txgameassistant\appmarket\TInst.exe No File FirewallRules: [{F1599F47-CA17-4441-95CF-30E7B288BBCC}] => (Allow) e:\games\txgameassistant\appmarket\AppMarket.exe No File FirewallRules: [{D0CCAC36-4564-4783-AF55-692C46802F5A}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{14D96340-9356-4D76-BCD0-2973CB6BAD03}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{EDF0B0EE-DBA9-48A6-B75B-B9E4560E083C}] => (Allow) D:\Games\Steam\Steam.exe No File FirewallRules: [{7719CAFD-4793-4DA6-90D9-D697BBD0928D}] => (Allow) D:\Games\Steam\Steam.exe No File FirewallRules: [{71E7D3D7-9EA8-4CA6-8D13-0E1D6673722F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File FirewallRules: [{35E7BF1F-B4DB-43A1-BB32-CDC02A38F97B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File FirewallRules: [{51726D9E-8F81-4B4B-A746-7983065BC0C8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{25BA10AF-B5E2-49E6-8321-E9B268830FE9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B4D1EBD6-E8EB-44D4-86CA-39C8DA21B505}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File FirewallRules: [{AB81E5D9-4A3E-472A-A1E5-1667B6088DC5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File FirewallRules: [{4CF9B394-93F6-46E8-9FC7-4C1A570482A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{CB97AB2D-B46F-444F-9440-300ABC0C839C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E58A2172-5AC4-4D6C-A2EB-0B3BAC567233}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd) FirewallRules: [{D332C7A4-7F8A-47DC-BE2F-EA0FB0729A16}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{CF1A27CB-60FD-45D8-B251-2FBA6160B920}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{17DBCFEB-90FD-40D3-8604-2A3A84A317AA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{E1979933-86EE-4CB0-A4E7-5A69CE183812}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File FirewallRules: [{553E4DA6-0E06-4A3B-A0FF-8490398E9FE5}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe No File FirewallRules: [{998C3280-346E-4280-ABE7-B63B6617579B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File FirewallRules: [{03EE8B07-C2EE-4E45-9524-799739B2C20E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe No File FirewallRules: [{9FB9C183-38B6-40DD-8A46-7A67BBB39F17}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{16048E09-6E6B-40B1-AF7E-1BE22C7AE6E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{935B2B93-36FC-4610-A272-DE7255CA0705}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File FirewallRules: [{A6B56197-67EA-496D-9BC5-3FE527854249}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File FirewallRules: [{8D9948AB-EA67-453B-ADBB-34FE2D165C5D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{F8022175-726D-4012-8AD5-1426A046D619}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{06198D7A-A823-478B-8F30-ABBA598A7178}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 29-10-2019 15:35:13 Windows Update 30-10-2019 09:35:51 Revo Uninstaller Pro's restore point - Adobe Photoshop CC 2019 30-10-2019 09:37:13 Revo Uninstaller Pro's restore point - Adobe Creative Cloud 30-10-2019 09:38:39 Revo Uninstaller Pro's restore point - CCleaner 30-10-2019 09:41:17 Revo Uninstaller Pro's restore point - Spotify 30-10-2019 09:42:28 Revo Uninstaller Pro's restore point - Adobe Acrobat DC 30-10-2019 09:42:47 Removed Adobe Acrobat DC. 01-11-2019 17:51:51 Removed Avast Driver Updater ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (11/04/2019 10:14:57 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: ALEX-ASUS) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. System errors: ============= CodeIntegrity: =================================== Date: 2019-11-04 10:11:51.674 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-04 10:11:51.569 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-04 10:11:51.433 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-04 10:11:51.333 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-04 10:11:51.250 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-04 10:11:51.150 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-04 10:11:51.056 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2019-11-04 10:11:50.917 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. X510UF.303 04/17/2019 Motherboard: ASUSTeK COMPUTER INC. X510UF Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz Percentage of memory in use: 31% Total physical RAM: 16263 MB Available physical RAM: 11220.09 MB Total Virtual: 18695 MB Available Virtual: 13215.28 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:173.23 GB) (Free:88.8 GB) NTFS Drive d: (Local Disk) (Fixed) (Total:303.11 GB) (Free:170.98 GB) NTFS \\?\Volume{e9b623dc-f55c-4bba-a020-4a42ae37fea6}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS \\?\Volume{02c80970-8e73-4501-9d3a-9ca8f75eb092}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================