Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

need help with omnibox [Solved]

Started by shubhamimortal , Mar 31 2017 03:20 AM
omnibox

  • This topic is locked This topic is locked

#76
JSntgRvr
Posted 17 May 2017 - 08:27 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
That entry is ok. In your position, I would remove Chrome completely from the computer, and reinstall. Also, if using a router, reset it to factory settings.

Keep me posted.
  • 0

Advertisements

#77
shubhamimortal
Posted 18 May 2017 - 12:24 AM

shubhamimortal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 70 posts

let it be so i will deleat every thing on crome and even folder lets see it get resolved 


Edited by shubhamimortal, 18 May 2017 - 12:25 AM.

  • 0

#78
JSntgRvr
Posted 18 May 2017 - 06:18 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
OK.
  • 0

#79
shubhamimortal
Posted 24 May 2017 - 03:35 AM

shubhamimortal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 70 posts

i have uninstalled crome and downloaded fire fox and fire fox is working fine i think i wont install crome again and go with fire fox

 

tx for the help brother i am really thankfull

 

can you teach me how FRST works


  • 0

#80
JSntgRvr
Posted 24 May 2017 - 12:57 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

Firefox is a good browser. Lets remove the diagnostics tools:

 

Please download DelFix by Xplode and save to your Desktop.

  • Double-click on delfix.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator.
  • Put a check mark next to these items:
    - Remove disinfection tools
    - Create registry backup
    delfix.jpg
    .
  • Click the "Run" button.
  • When the tool has finished, it will create and open a log report (DelFix.txt)


  • 0

#81
shubhamimortal
Posted 25 May 2017 - 11:55 PM

shubhamimortal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 70 posts

no firefox is alo having popups but no redirect  http://newstarads.co...?zoneid=1151778and than sampe page is redirected to https://www.bet365.c...iate=365_633700


Edited by shubhamimortal, 25 May 2017 - 11:56 PM.

  • 0

#82
JSntgRvr
Posted 26 May 2017 - 07:28 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

Lets see another FRST scan and the addition.txt log.


  • 0

#83
shubhamimortal
Posted 31 May 2017 - 12:41 AM

shubhamimortal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 70 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-05-2017
Ran by lenovo (administrator) on LENOVO-PC (31-05-2017 12:01:08)
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo (Available Profiles: lenovo)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_TATIJ3E.EXE
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow32.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-10] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [uTorrent] => C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe [2147520 2017-03-28] (BitTorrent Inc.)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [Dropbox Update] => C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [Google Update] => C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-30] (Google Inc.)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIJ3E.EXE [256640 2012-05-21] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-09-18] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-05-10] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-11-29]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-11-29]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-11-29]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-05-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * bootdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81A5830E-15BB-459C-93EB-096DDA1E65C2}: [NameServer] 218.248.114.197 218.248.114.193
Tcpip\..\Interfaces\{91159599-D312-46D2-B512-3DA51681A45C}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{D3027A75-D66F-4433-980F-232806964DAC}: [DhcpNameServer] 192.168.1.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-30] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-30] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-30] (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\g0fr3euz.default [2017-05-31]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\g0fr3euz.default -> V9
FF Extension: (Screengrab (fix version)) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\g0fr3euz.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2017-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-16] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-30] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\lenovo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\lenovo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @talk.google.com/O1DPlugin -> C:\Users\lenovo\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @tools.google.com/Google Update;version=3 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @tools.google.com/Google Update;version=9 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\lenovo\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\lenovo\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\lenovo\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5732136 2017-05-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-10] (AVAST Software)
S4 Change Modem Device Service; C:\Windows\System32\ChgService.exe [135168 2012-11-19] () [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
S4 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] () [File not signed]
S2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]
S4 Tally License Server 6.0; C:\Program Files\Tally.ERP9\tallylicserver.exe [408064 2011-06-27] () [File not signed]
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-10-25] (Lenovo Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [258288 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [148696 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [268016 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [41664 2017-05-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34136 2017-05-10] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [31064 2017-05-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107928 2017-05-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [90336 2017-05-10] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [62152 2017-05-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [764576 2017-05-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [482608 2017-05-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [115152 2017-05-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [279800 2017-05-10] (AVAST Software)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [105984 2012-11-19] (QUALCOMM Incorporated)
R1 funfrm; C:\Windows\system32\Drivers\funfrm.sys [54800 2012-01-25] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43376 2016-04-21] ()
R0 LHDmgr; C:\Windows\System32\DRIVERS\LhdX86.sys [32352 2010-01-15] (Lenovo.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [178904 2017-05-13] (Malwarebytes)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2011-03-02] (Intel Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [20640 2005-03-12] (Sonic Solutions) [File not signed]
S3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [218624 2011-03-02] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2012-05-07] () [File not signed]
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [146816 2013-07-12] (Microsoft Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
R1 ZAM; C:\Windows\System32\drivers\zam32.sys [181496 2017-05-08] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard32.sys [181496 2017-05-08] (Zemana Ltd.)
U3 aib782po; C:\Windows\system32\Drivers\aib782po.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-31 12:01 - 2017-05-31 12:05 - 00017266 _____ C:\Users\lenovo\Desktop\FRST.txt
2017-05-31 11:47 - 2017-05-31 11:47 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-29 16:13 - 2017-05-29 16:14 - 00072704 _____ C:\Users\lenovo\Downloads\Stock-Statement_Format_AB.xls
2017-05-27 13:53 - 2017-05-27 17:37 - 00020341 _____ C:\Users\lenovo\Desktop\Copy of BRIDGES REUNION 16-17 JUNE'17.xlsx
2017-05-26 11:39 - 2017-05-26 11:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-22 19:38 - 2017-05-22 19:38 - 00012469 _____ C:\Users\lenovo\Desktop\vijaya 22 may.xlsx
2017-05-22 14:07 - 2017-05-22 14:07 - 00001235 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2017-05-22 14:07 - 2017-05-22 14:07 - 00000000 ____D C:\Users\lenovo\AppData\Local\VS Revo Group
2017-05-22 14:07 - 2017-05-22 14:07 - 00000000 ____D C:\ProgramData\VS Revo Group
2017-05-22 14:07 - 2017-05-22 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2017-05-22 14:07 - 2017-05-22 14:07 - 00000000 ____D C:\Program Files\VS Revo Group
2017-05-22 14:07 - 2016-12-21 14:52 - 00035632 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2017-05-21 15:36 - 2017-05-21 15:36 - 00088064 _____ C:\Users\lenovo\Downloads\bharat 01.04.16 TO 31.03.17 (3).xls
2017-05-21 15:34 - 2017-05-21 15:34 - 00088064 _____ C:\Users\lenovo\Downloads\bharat 01.04.16 TO 31.03.17 (2).xls
2017-05-19 18:44 - 2017-05-19 18:44 - 00010145 _____ C:\Users\lenovo\Desktop\fleet.xlsx
2017-05-19 18:30 - 2017-05-19 18:30 - 00014420 _____ C:\Users\lenovo\Desktop\Vendor evaluation_Norms.xlsx
2017-05-19 15:20 - 2017-05-19 15:20 - 00015508 _____ C:\Users\lenovo\Downloads\Vendor evaluation_Norms.xlsx
2017-05-18 19:33 - 2017-05-20 18:41 - 00051349 _____ C:\Users\lenovo\Desktop\cg in progress.xlsx
2017-05-18 11:54 - 2017-05-18 11:54 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-18 11:40 - 2017-05-18 11:41 - 00085348 _____ C:\Users\lenovo\Documents\cc_20170518_114049.reg
2017-05-18 11:25 - 2017-05-18 11:25 - 00648288 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-17 17:25 - 2017-05-17 17:25 - 00236728 _____ C:\Users\lenovo\AppData\Local\GDIPFONTCACHEV1.DAT
2017-05-17 12:07 - 2017-05-17 12:08 - 09547560 _____ (Piriform Ltd) C:\Users\lenovo\Downloads\ccsetup530pro.exe
2017-05-17 12:00 - 2017-05-17 12:03 - 00431548 _____ C:\TDSSKiller.3.1.0.15_17.05.2017_12.00.24_log.txt
2017-05-15 18:02 - 2017-05-16 19:07 - 00000000 ____D C:\Users\lenovo\Desktop\to check
2017-05-15 12:19 - 2017-05-16 11:39 - 00027845 _____ C:\Users\lenovo\Desktop\cg.xlsx
2017-05-14 13:00 - 2017-05-14 13:02 - 00000000 ____D C:\AdwCleaner
2017-05-14 12:59 - 2017-05-14 12:59 - 04102600 _____ C:\Users\lenovo\Downloads\adwcleaner_6.046 (1).exe
2017-05-14 11:49 - 2017-05-14 11:50 - 11534624 _____ (VS Revo Group ) C:\Users\lenovo\Downloads\RevoUninProSetup.exe
2017-05-14 11:30 - 2017-05-14 11:30 - 04102600 _____ C:\Users\lenovo\Desktop\adwcleaner_6.046.exe
2017-05-14 11:27 - 2017-05-14 11:27 - 00006549 _____ C:\Users\lenovo\Downloads\Fixlist.txt
2017-05-13 17:30 - 2017-05-13 17:33 - 19044562 _____ C:\Users\lenovo\Downloads\mbar-1.09.3.1001.zip
2017-05-13 17:29 - 2017-05-13 17:29 - 01663672 _____ (Malwarebytes) C:\Users\lenovo\Desktop\JRT.exe
2017-05-13 11:53 - 2017-05-13 11:55 - 16564750 _____ (Malwarebytes Corp.) C:\Users\lenovo\Desktop\mbar-1.09.4.1001.exe
2017-05-13 11:14 - 2017-04-28 06:06 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-05-13 11:14 - 2017-04-28 06:06 - 03945192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-13 11:14 - 2017-04-28 06:06 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-05-13 11:14 - 2017-04-28 06:06 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-05-13 11:14 - 2017-04-28 06:04 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-05-13 11:14 - 2017-04-28 06:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-05-13 11:14 - 2017-04-28 05:41 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-05-13 11:14 - 2017-04-28 05:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-05-13 11:14 - 2017-04-28 05:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-05-13 11:14 - 2017-04-28 05:41 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-13 11:14 - 2017-04-28 05:41 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-13 11:14 - 2017-04-28 05:39 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-05-13 11:14 - 2017-04-28 05:37 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-13 11:14 - 2017-04-28 05:37 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-13 11:14 - 2017-04-28 05:37 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-13 11:14 - 2017-04-28 05:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-05-13 11:14 - 2017-04-28 05:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-05-13 11:14 - 2017-04-28 05:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-05-13 11:14 - 2017-04-28 05:37 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-05-13 11:14 - 2017-04-26 20:21 - 02400768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-13 11:14 - 2017-04-21 20:45 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-05-13 11:14 - 2017-04-20 04:46 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 01417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:24 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-05-13 11:14 - 2017-04-17 20:21 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-05-13 11:14 - 2017-04-17 20:18 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-13 11:14 - 2017-04-17 20:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-13 11:14 - 2017-04-16 13:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-05-13 11:14 - 2017-04-16 13:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-05-13 11:14 - 2017-04-16 13:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-05-13 11:14 - 2017-04-16 13:31 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-13 11:14 - 2017-04-16 13:31 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-05-13 11:14 - 2017-04-16 13:31 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-05-13 11:14 - 2017-04-16 13:30 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-13 11:14 - 2017-04-16 13:23 - 02290176 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-13 11:14 - 2017-04-16 13:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-05-13 11:14 - 2017-04-16 13:22 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-05-13 11:14 - 2017-04-16 13:19 - 20278272 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-13 11:14 - 2017-04-16 13:18 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-05-13 11:14 - 2017-04-16 13:17 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-13 11:14 - 2017-04-16 13:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-05-13 11:14 - 2017-04-16 13:17 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-13 11:14 - 2017-04-16 13:16 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-05-13 11:14 - 2017-04-16 13:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-05-13 11:14 - 2017-04-16 13:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-05-13 11:14 - 2017-04-16 13:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-05-13 11:14 - 2017-04-16 12:59 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-13 11:14 - 2017-04-16 12:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-05-13 11:14 - 2017-04-16 12:55 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-05-13 11:14 - 2017-04-16 12:54 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-13 11:14 - 2017-04-16 12:52 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-13 11:14 - 2017-04-16 12:50 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-05-13 11:14 - 2017-04-16 12:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-13 11:14 - 2017-04-16 12:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-13 11:14 - 2017-04-16 12:40 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-13 11:14 - 2017-04-16 12:38 - 04548608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-13 11:14 - 2017-04-16 12:38 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-13 11:14 - 2017-04-16 12:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-05-13 11:14 - 2017-04-16 12:23 - 13661184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-13 11:14 - 2017-04-16 12:07 - 02767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-13 11:14 - 2017-04-16 12:04 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-13 11:14 - 2017-04-16 12:04 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-13 11:14 - 2017-04-12 20:56 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-05-13 11:14 - 2017-04-12 20:55 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-13 11:14 - 2017-04-12 20:55 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-05-13 11:14 - 2017-04-12 20:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-05-13 11:14 - 2017-04-07 20:56 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-13 11:14 - 2017-04-07 20:56 - 00218856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-13 11:14 - 2017-04-07 20:51 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-13 11:14 - 2017-04-07 20:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-05-13 11:14 - 2017-04-05 20:30 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-13 11:14 - 2017-04-05 20:30 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-13 11:14 - 2017-04-05 20:30 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-05-13 11:14 - 2017-04-04 20:55 - 01309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-05-13 11:14 - 2017-04-04 20:55 - 00240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-05-13 11:14 - 2017-04-04 20:55 - 00187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-05-13 11:14 - 2017-04-04 20:22 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-05-13 11:14 - 2017-04-04 20:22 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-05-13 11:14 - 2017-03-10 21:50 - 01508352 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-05-13 11:14 - 2017-03-10 21:50 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-05-13 11:14 - 2017-03-10 21:22 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-05-13 11:14 - 2017-03-10 21:21 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-05-13 11:14 - 2017-03-10 21:21 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-05-13 11:14 - 2017-03-09 21:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-05-12 14:31 - 2017-05-13 11:36 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\Epson
2017-05-12 12:13 - 2017-05-12 12:13 - 00000165 ____H C:\Users\lenovo\Downloads\~$cg.xlsx
2017-05-12 12:11 - 2017-05-12 18:46 - 00026774 _____ C:\Users\lenovo\Downloads\cg.xlsx
2017-05-12 12:01 - 2017-05-12 12:01 - 00000000 ____D C:\Program Files\Common Files\EPSON
2017-05-12 11:59 - 2017-05-12 11:59 - 00002307 _____ C:\Users\Public\Desktop\Epson User's Guide M200 Series.lnk
2017-05-12 11:59 - 2017-05-12 11:59 - 00002300 _____ C:\Users\Public\Desktop\Epson Network Guide M200 Series.lnk
2017-05-12 11:59 - 2017-05-12 11:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2017-05-12 11:59 - 2017-05-12 11:59 - 00000000 ____D C:\Program Files\Epson Software
2017-05-12 11:57 - 2017-05-12 11:57 - 00000000 ____D C:\Program Files\EpsonNet
2017-05-12 11:57 - 2011-08-30 13:39 - 00457780 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll
2017-05-12 11:57 - 2011-08-30 13:39 - 00457780 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll
2017-05-12 11:57 - 2011-08-30 13:38 - 00475496 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll
2017-05-12 11:57 - 2011-08-30 13:38 - 00475496 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll
2017-05-12 11:57 - 2011-08-01 18:24 - 00249344 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enspres.dll
2017-05-12 11:57 - 2011-08-01 18:24 - 00249344 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enpres.dll
2017-05-12 11:55 - 2017-05-12 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-05-12 11:55 - 2017-05-12 11:59 - 00000000 ____D C:\Program Files\epson
2017-05-12 11:55 - 2017-05-12 11:55 - 00000935 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2017-05-12 11:55 - 2012-07-24 00:00 - 00342016 _____ (Seiko Epson Corporation) C:\Windows\system32\esw2ud.dll
2017-05-12 11:55 - 2011-12-12 00:00 - 00122000 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc.exe
2017-05-12 11:54 - 2017-05-13 12:16 - 00000000 ____D C:\ProgramData\EPSON
2017-05-12 11:54 - 2011-04-19 23:33 - 00095232 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_TLBJ3E.DLL
2017-05-12 11:54 - 2011-03-14 23:33 - 00081408 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_TD4BJ3E.DLL
2017-05-12 11:54 - 2007-04-09 21:36 - 00008192 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_DCINST.DLL
2017-05-11 13:30 - 2017-05-11 13:30 - 00110428 _____ C:\Users\lenovo\Downloads\1323.pdf
2017-05-10 17:22 - 2017-05-10 17:22 - 00330768 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-10 12:14 - 2017-05-10 12:22 - 00007615 _____ C:\Users\lenovo\AppData\Local\Resmon.ResmonCfg
2017-05-08 12:21 - 2017-05-08 12:21 - 00181496 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard32.sys
2017-05-08 12:21 - 2017-05-08 12:21 - 00181496 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam32.sys
2017-05-08 12:21 - 2017-05-08 12:21 - 00001893 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-05-08 12:21 - 2017-05-08 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-05-08 12:17 - 2017-05-08 12:18 - 05774688 _____ (Zemana Ltd. ) C:\Users\lenovo\Desktop\Zemana.AntiMalware.Setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-31 12:03 - 2016-12-29 11:08 - 00048418 _____ C:\Windows\ZAM.krnl.trace
2017-05-31 12:03 - 2016-12-29 11:08 - 00020611 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-05-31 12:01 - 2017-04-13 15:51 - 00000000 ____D C:\FRST
2017-05-31 12:00 - 2017-04-17 11:43 - 00000000 ____D C:\Users\lenovo\Desktop\FRST-OlderVersion
2017-05-31 12:00 - 2017-04-13 15:50 - 01769984 _____ (Farbar) C:\Users\lenovo\Desktop\FRST.exe
2017-05-31 11:55 - 2009-07-14 10:04 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-31 11:55 - 2009-07-14 10:04 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-31 11:47 - 2012-05-01 23:39 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\uTorrent
2017-05-31 11:46 - 2012-10-14 07:47 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2017-05-31 11:45 - 2009-07-14 10:23 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-30 14:24 - 2015-06-19 12:24 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA.job
2017-05-30 13:47 - 2009-07-14 10:22 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-05-29 16:24 - 2015-06-19 12:24 - 00000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core.job
2017-05-29 15:33 - 2013-04-06 00:28 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA.job
2017-05-29 14:57 - 2012-01-25 22:05 - 00785794 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-29 14:57 - 2009-07-14 08:07 - 00000000 ____D C:\Windows\inf
2017-05-26 18:20 - 2016-06-29 11:57 - 00000000 ____D C:\Windows\system32\MRT
2017-05-26 18:17 - 2016-06-29 11:57 - 129479984 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-26 15:38 - 2017-02-04 13:05 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-05-26 11:36 - 2012-01-25 22:18 - 00000000 ____D C:\Users\lenovo\AppData\Local\Mozilla
2017-05-23 15:00 - 2015-11-03 10:33 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\MPC-HC
2017-05-23 15:00 - 2012-01-27 00:51 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\vlc
2017-05-22 17:23 - 2012-01-25 22:24 - 00000000 ____D C:\Users\lenovo\AppData\Local\Microsoft Help
2017-05-22 16:17 - 2015-05-23 18:57 - 00000000 ____D C:\Program Files\Google
2017-05-22 16:17 - 2012-07-29 08:39 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\Google
2017-05-22 16:17 - 2012-05-01 23:40 - 00000000 ____D C:\Users\lenovo\AppData\Local\Google
2017-05-20 10:53 - 2015-06-19 12:24 - 00000000 ____D C:\Users\lenovo\AppData\Local\Dropbox
2017-05-18 11:54 - 2014-10-03 13:04 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\Dropbox
2017-05-17 12:13 - 2017-02-13 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tally.ERP 9
2017-05-17 12:13 - 2017-02-12 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tally 9
2017-05-17 12:13 - 2012-11-17 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Condition Zero
2017-05-17 12:13 - 2012-05-09 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer
2017-05-17 12:13 - 2012-01-25 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jardinains!
2017-05-17 12:13 - 2012-01-25 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2017-05-17 12:11 - 2017-02-04 12:29 - 00000000 ____D C:\Users\lenovo\AppData\Local\CrashDumps
2017-05-17 12:11 - 2009-07-14 08:07 - 00000000 ____D C:\Windows\ModemLogs
2017-05-17 00:33 - 2013-04-06 00:28 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core.job
2017-05-16 19:03 - 2012-05-01 15:14 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-05-16 19:03 - 2012-05-01 15:14 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-05-16 19:03 - 2012-05-01 15:14 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-13 15:35 - 2017-01-13 12:40 - 00000000 ____D C:\Windows\rescache
2017-05-13 13:54 - 2009-07-14 08:07 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-13 13:26 - 2017-04-15 13:58 - 00000000 ____D C:\Users\lenovo\Desktop\mbar
2017-05-13 13:26 - 2017-04-05 13:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-13 12:01 - 2017-04-15 14:05 - 00178904 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-13 11:56 - 2017-04-15 13:58 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-05-13 11:45 - 2017-03-17 11:57 - 00000000 ____D C:\Users\lenovo\Desktop\u teck
2017-05-13 11:37 - 2012-01-25 22:01 - 00000000 ____D C:\Users\lenovo
2017-05-13 11:19 - 2017-04-13 15:33 - 00002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-13 10:56 - 2017-04-30 12:47 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-05-12 11:59 - 2012-01-25 22:07 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-05-10 17:22 - 2017-04-30 12:47 - 00482608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-10 17:22 - 2017-04-30 12:47 - 00279800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-10 17:22 - 2017-04-30 12:47 - 00107928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-10 17:22 - 2017-04-30 12:47 - 00090336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-10 17:22 - 2017-04-30 12:47 - 00062152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-10 17:22 - 2017-04-30 12:47 - 00034136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-10 17:21 - 2017-04-30 12:58 - 00031064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-05-10 17:21 - 2017-04-30 12:47 - 00764576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-10 17:21 - 2017-04-30 12:47 - 00268016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-05-10 17:21 - 2017-04-30 12:47 - 00258288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-05-10 17:21 - 2017-04-30 12:47 - 00148696 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-05-10 17:21 - 2017-04-30 12:47 - 00041664 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-05-10 11:39 - 2014-10-03 13:14 - 00000000 ___RD C:\Users\lenovo\Dropbox
2017-05-08 12:21 - 2017-03-25 11:33 - 00000000 ____D C:\Program Files\Zemana AntiMalware

==================== Files in the root of some directories =======

2017-05-10 12:14 - 2017-05-10 12:22 - 0007615 _____ () C:\Users\lenovo\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-24 16:16

==================== End of FRST.txt ============================


  • 0

#84
shubhamimortal
Posted 31 May 2017 - 12:42 AM

shubhamimortal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 70 posts

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-05-2017
Ran by lenovo (31-05-2017 12:05:40)
Running from C:\Users\lenovo\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2012-01-25 16:31:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1450707365-3114357019-3030383042-500 - Administrator - Disabled)
Guest (S-1-5-21-1450707365-3114357019-3030383042-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1450707365-3114357019-3030383042-1002 - Limited - Enabled)
lenovo (S-1-5-21-1450707365-3114357019-3030383042-1000 - Administrator - Enabled) => C:\Users\lenovo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
Able2Extract Professional v6.0 (HKLM\...\Able2Extract Professional v6.0) (Version:  - )
Adobe Flash Player 25 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM\...\Adobe PageMaker 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.19) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.4.51 - Conexant)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Dropbox) (Version: 26.4.24 - Dropbox, Inc.)
EasyCapture (HKLM\...\EasyCapture4.0) (Version: V4.0.09.0731 - Lenovo)
EditPad Lite 7.3.8 (HKLM\...\EditPad Lite) (Version: 7.3.8 - Just Great Software)
Energy Management (HKLM\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.5 - Lenovo)
Energy Management (Version: 6.0.1.5 - Lenovo) Hidden
ePass2003 (HKLM\...\ePass2003-4FE7-A218-48BDAE051E2B_std) (Version: 1.1.14.709 - Feitian Technologies Co., Ltd.)
Epson Event Manager (HKLM\...\{C9AC7ED6-FD1C-4E83-8553-ECF8BCA111E8}) (Version: 3.01.0007 - Seiko Epson Corporation)
EPSON M200 Series Printer Uninstall (HKLM\...\EPSON M200 Series) (Version:  - SEIKO EPSON Corporation)
Epson Network Guide M200 Series (HKLM\...\M200 Series Netg) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson User's Guide M200 Series (HKLM\...\M200 Series Useg) (Version:  - )
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
HP LaserJet Pro MFP M125-M126 (HKLM\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 8.0.14087.1054 - Hewlett-Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM126DSService (Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (Version: 3.0.26.59 - HP) Hidden
HPLJDXPHelper (Version: 060.048.005 - HP) Hidden
HPLJProMFPM125M126 (HKLM\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (Version: 008.000.0001 - HP) Hidden
HPLJUTM125_126 (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM125-M126 (Version: 080.046.00113 - Hewlett-Packard) Hidden
IIS 7.5 Express (HKLM\...\{3A30B5F5-F12C-490F-8CD4-D200C75DF7E8}) (Version: 7.5.1190 - Microsoft Corporation)
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2279 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lenovo EasyCamera (HKLM\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1209.1 - Lenovo EasyCamera)
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
LightScribe System Software  1.10.27.1 (HKLM\...\{CBCF859F-04BE-4A07-B6FA-F4FAD69EF1ED}) (Version: 1.10.27.1 - hxxp://www.lightscribe.com)
LINE (HKLM\...\LINE) (Version: 4.1.2.525 - LINE Corporation)
LJDXPHelperUI (Version: 060.048.005 - HP) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{1596098A-FCEC-48F0-B7C7-08A31B771033}) (Version: 7.03.0918 - Nero AG)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
Python 2.7.10 (HKLM\...\{E2B51919-207A-43EB-AE78-733F9C6797C2}) (Version: 2.7.10150 - Python Software Foundation)
Realtek USB 2.0 Reader Driver (HKLM\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
SafeZone Stable 3.55.2393.596 (Version: 3.55.2393.596 - Avast Software) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
Tally.ERP 9 (HKLM\...\{854D0F4D-7EFC-4EBB-A7ED-6D7E8DD3F017}) (Version:  - ©Tally Solutions Pvt. Ltd., 1988-2009.)
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
Typing Instructor Platinum (HKLM\...\{F358C0E1-B8DD-43A4-8B2E-269710247F16}) (Version: 21.00.0000 - Individual Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410A}) (Version: 21.0.12288 - WinZip Computing, S.L. )
Xfire (remove only) (HKLM\...\Xfire) (Version:  - )
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.0.388 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{449CFB1B-1C07-48EA-9A9A-7A7881C2B49B}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{53B5243F-8302-4DAD-BE8F-1D0665E8225E}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO3.dll (Hewlett-Packard Company)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\lenovo\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08B3726E-7946-48AD-B127-3B367AD6F9FD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core => C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {1E38F814-553E-47E5-A63F-C12B22672517} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-16] (Adobe Systems Incorporated)
Task: {2CD8A13C-D387-4034-B13F-80400C1B9FCA} - System32\Tasks\SafeZone scheduled Autoupdate 1493537364 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {2DAF0963-3518-43A6-B0B2-FC60C5C64B44} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-18] (Adobe Systems Incorporated)
Task: {42DEE3D0-6115-457D-B0A0-241770E39A0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-04-13] (Google Inc.)
Task: {58BEB454-DF1A-4FC5-A9DE-7D52AB9FF71D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA => C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {629FE72A-398A-4C69-9079-0F1365A5C93A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core => C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {64A97AD7-CB0B-4145-B3C3-C9F23C6E5FB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-16] (Adobe Systems Incorporated)
Task: {6DCE60F6-D94A-4504-8AAD-433CFAB9AA71} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-30] (AVAST Software)
Task: {77771A96-49D9-46C7-A53B-6E354150073C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-10] (AVAST Software)
Task: {79050ED9-BBE5-4EE5-BEE0-A69D15AA0034} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A2EE3336-089C-4187-A778-8C4BE758CF5A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA => C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {A5490C5A-11BA-4C74-8630-47FCB561601D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A8041C4C-67DD-4348-9665-E1543B0AC3E4} - System32\Tasks\{FEC9547F-F20B-4A03-B4C2-D86D6BB9C500} => pcalua.exe -a "C:\Users\lenovo\Downloads\Tally ERP 9 Release 5.3.1 with Crack-easy to Activate-2016\setup.exe" -d "C:\Users\lenovo\Downloads\Tally ERP 9 Release 5.3.1 with Crack-easy to Activate-2016"
Task: {BAAD6FD4-A389-4E9F-B2BE-0633696327D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-04-13] (Google Inc.)
Task: {C7AEF7C1-3D8D-483A-B8CD-9846F9818EDD} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-10-27] (WinZip Computing, S.L.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core.job => C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA.job => C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core.job => C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA.job => C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-05-10 17:22 - 2017-05-10 17:22 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-10 17:22 - 2017-05-10 17:22 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-10 17:22 - 2017-05-10 17:22 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-30 13:50 - 2017-05-30 13:50 - 06097640 _____ () C:\Program Files\AVAST Software\Avast\defs\17052906\algo.dll
2017-05-10 17:22 - 2017-05-10 17:22 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-05-10 17:22 - 2017-05-10 17:22 - 00230632 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-05-31 11:48 - 2017-05-31 11:48 - 05991936 _____ () C:\Program Files\AVAST Software\Avast\defs\17053004\algo.dll
2012-01-25 22:10 - 2005-08-03 22:32 - 00125440 _____ () C:\Program Files\WinRAR\rarext.dll
2012-09-16 22:19 - 2010-07-29 18:19 - 00234496 _____ () C:\Program Files\Total Video Converter\TVCShellExt.dll
2017-05-08 12:21 - 2017-05-08 12:21 - 00130928 _____ () C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll
2015-09-15 13:50 - 2012-09-18 15:26 - 00169472 _____ () C:\Windows\System32\zlhp1020.dll
2015-09-15 13:58 - 2012-09-18 15:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2017-05-18 11:54 - 2017-05-17 02:25 - 00871744 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-05-18 11:54 - 2017-05-17 02:25 - 01787200 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2017-05-18 11:54 - 2017-04-26 06:08 - 00035792 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-05-18 11:54 - 2017-04-26 06:08 - 00100296 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-05-18 11:54 - 2017-04-26 06:08 - 00018888 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\select.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00019776 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00020824 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-05-18 11:54 - 2017-04-26 06:09 - 00123856 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-05-18 11:54 - 2017-04-26 06:08 - 00694224 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 01729360 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00020816 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-05-18 11:54 - 2017-04-26 06:08 - 00145864 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-05-18 11:54 - 2017-04-26 06:09 - 00019408 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-05-18 11:54 - 2017-04-26 06:08 - 00116688 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-05-18 11:54 - 2017-04-26 06:10 - 00105928 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-05-18 11:54 - 2017-05-17 02:31 - 00022864 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00060736 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00038712 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00024528 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-05-18 11:54 - 2017-04-26 06:08 - 00392656 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-05-18 11:54 - 2017-04-26 06:10 - 00020936 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00116176 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32security.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00392512 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00124880 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-05-18 11:54 - 2017-05-17 02:31 - 00026456 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00024016 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00175560 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00030160 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00043472 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00048592 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00057808 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00024016 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-05-18 11:53 - 2017-05-17 02:30 - 00246608 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00027488 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00022336 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-05-18 11:54 - 2017-05-17 02:31 - 00082264 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd
2017-05-18 11:54 - 2017-05-17 02:31 - 00025432 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00028616 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 01826104 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-05-18 11:54 - 2017-04-26 06:09 - 00083912 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\sip.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 01972024 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 03928896 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00171336 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00042816 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00531264 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00133432 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00224064 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00207680 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00060880 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-05-18 11:54 - 2017-05-17 02:31 - 00054608 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-05-18 11:54 - 2017-05-17 02:31 - 00022864 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-05-18 11:54 - 2017-05-17 02:31 - 00022872 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-18 11:54 - 2017-05-17 02:31 - 00021848 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-18 11:54 - 2017-05-17 02:31 - 00022872 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-05-18 11:54 - 2017-04-26 06:10 - 00349128 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-05-18 11:54 - 2017-05-17 02:31 - 00023896 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00025936 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-05-18 11:54 - 2017-04-26 06:04 - 00036296 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\librsync.dll
2017-05-18 11:54 - 2017-05-17 02:30 - 00084288 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-05-18 11:54 - 2017-05-17 02:31 - 00030536 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2017-05-18 11:54 - 2017-04-26 06:13 - 00017864 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-05-18 11:54 - 2017-04-26 06:13 - 01631184 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-05-18 11:54 - 2017-05-17 02:31 - 00026456 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-05-18 11:54 - 2017-05-17 02:31 - 00023368 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\wincrashpad.compiled._Crashpad.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00546104 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2017-05-18 11:54 - 2017-05-17 02:30 - 00357688 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2017-05-10 17:22 - 2017-05-10 17:22 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-10 17:22 - 2017-05-10 17:22 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-10 17:21 - 2017-05-10 17:21 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-10 17:21 - 2017-05-10 17:21 - 00134920 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll
2017-05-13 14:08 - 2017-05-13 14:08 - 00169984 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d61220a4a2df736b34065374250e40aa\IsdiInterop.ni.dll
2012-01-25 22:08 - 2011-01-12 17:56 - 00058880 _____ () C:\Program Files\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\lenovo\Desktop\Screenshot 2017-03-29 13.20.34.png:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\lenovo\Desktop\Screenshot 2017-03-29 14.08.49.png:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\lenovo\Desktop\Screenshot 2017-03-30 13.18.34.png:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\lenovo\Desktop\Screenshot 2017-03-30 14.37.14.png:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\lenovo\Desktop\Screenshot 2017-04-12 16.16.29.png:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\ncodesolutions.com -> hxxps://sign.ncodesolutions.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2017-05-01 12:18 - 00000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 218.248.114.197 - 218.248.114.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Change Modem Device Service => 2
MSCONFIG\Services: doyyloadrwyownloadpr => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: Tally License Server 6.0 => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WifiSrv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^lenovo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^lenovo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: Dropbox Update => "C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Energy Management => C:\Program Files\Lenovo\Energy Management\Energy Management.exe
MSCONFIG\startupreg: EnergyUtility => C:\Program Files\Lenovo\Energy Management\Utility.exe
MSCONFIG\startupreg: ePass2003_std => C:\Program Files\Feitian\ePass2003\ePassCertd_2003.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: StatusAlerts => "C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: UpdatePRCShortCut => " "C:\PROGRAM FILES\LENOVO\ONEKEY APP\ONEKEY RECOVERY" UPDATEWITHCREATEONCE "SOFTWARE\LENOVO\ONEKEY APP\ONEKEY RECOVERY"
MSCONFIG\startupreg: uTorrent => "C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{E90D3F40-2480-4416-96CB-49DC83CA4F85}C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{AED30E13-E854-4537-829F-C386812ED8E3}C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{07998946-3EAD-4DB5-B340-F7928897731F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe
FirewallRules: [TCP Query User{0413F3CC-26C8-4E53-828B-5BBDBB173C3C}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{6E90BF32-D1EB-41AF-A684-F6D3786785E6}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{25954FDA-FB63-4949-87BD-067F9C27AA2F}C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6D89EABF-109D-4A03-9518-5A708A534918}C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{E567225D-55A1-4744-97FA-A1A989612FD1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B86ACFFF-CEFC-49DA-A337-01389C23BDFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Users\lenovo\AppData\Roaming\icr-20-jan.exe] => Enabled:Windows Messanger
StandardProfile\AuthorizedApplications: [C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Restore Points =========================

26-05-2017 16:52:00 Scheduled Checkpoint
26-05-2017 18:16:17 Windows Update

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/29/2017 03:33:05 PM) (Source: Google Update) (EventID: 20) (User: lenovo-PC)
Description: Event-ID 20

Error: (05/26/2017 01:01:36 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={835B1D10-7110-4F94-9502-292EB9DADC47}: The user lenovo-PC\lenovo dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.

Error: (05/26/2017 01:00:15 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={ED4F1022-FF62-49BD-BA92-DF8EF8BBD0F4}: The user lenovo-PC\lenovo dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.

Error: (05/26/2017 12:58:54 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={3895E3BA-0789-444A-BEE6-9A56F2E31EA1}: The user lenovo-PC\lenovo dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.

Error: (05/26/2017 12:57:33 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={2CA3C400-8E9A-420C-A2E1-9F32252B9B48}: The user lenovo-PC\lenovo dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.

Error: (05/26/2017 12:24:51 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={A3A5D14B-3DB0-44FF-BD93-68EA7E2B2FEB}: The user lenovo-PC\lenovo dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.

Error: (05/26/2017 12:05:20 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={92AED8D6-B9A7-4171-8C11-0EED6D3273CE}: The user lenovo-PC\lenovo dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.

Error: (05/26/2017 12:03:59 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={4B81077B-BB0C-4D2A-8E54-278B1D931B67}: The user lenovo-PC\lenovo dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.

Error: (05/26/2017 12:02:38 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={50C7DE57-847E-4AB6-9470-D5605CED2FB1}: The user lenovo-PC\lenovo dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.

Error: (05/26/2017 12:01:17 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={545C7327-278E-4080-BA9A-C28C61561159}: The user lenovo-PC\lenovo dialed a connection named Broadband Connection which has failed. The error code returned on failure is 651.


System errors:
=============
Error: (05/29/2017 03:14:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:06:32 PM on ‎5/‎29/‎2017 was unexpected.

Error: (05/27/2017 03:39:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:09:00 PM on ‎5/‎27/‎2017 was unexpected.

Error: (05/26/2017 03:38:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:40:42 PM on ‎5/‎26/‎2017 was unexpected.

Error: (05/26/2017 10:56:39 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:26:55 PM on ‎5/‎25/‎2017 was unexpected.

Error: (05/24/2017 06:42:22 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (05/23/2017 12:30:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {005A3A96-BAC4-4B0A-94EA-C0CE100EA736} did not register with DCOM within the required timeout.

Error: (05/22/2017 07:38:58 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} did not register with DCOM within the required timeout.

Error: (05/22/2017 07:38:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (05/19/2017 06:52:16 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} did not register with DCOM within the required timeout.

Error: (05/19/2017 06:52:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.


==================== Memory info ===========================

Processor: Intel® Core™ i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 72%
Total physical RAM: 1985.86 MB
Available physical RAM: 553.4 MB
Total Virtual: 3971.72 MB
Available Virtual: 2642.45 MB

==================== Drives ================================

Drive c: © (Fixed) (Total:78.03 GB) (Free:4.28 GB) NTFS
Drive d: () (Fixed) (Total:126.95 GB) (Free:0.6 GB) NTFS
Drive e: () (Fixed) (Total:126.95 GB) (Free:7.3 GB) NTFS
Drive g: () (Fixed) (Total:133.73 GB) (Free:28.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=260.7 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================


  • 0

#85
JSntgRvr
Posted 31 May 2017 - 09:35 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

Download the attached file and save it in the same directory FRST64 is saved.

  • Start FRST64 with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.

 

The rest looks clear. Reset the browser to default if it continues.


  • 0

Advertisements

#86
shubhamimortal
Posted 01 June 2017 - 11:32 PM

shubhamimortal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 70 posts

Fix result of Farbar Recovery Scan Tool (x86) Version: 28-05-2017
Ran by lenovo (02-06-2017 10:56:45) Run:9
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo (Available Profiles: lenovo)
Boot Mode: Normal

==============================================
 

Hi brother

 

i have 1 more problem my net on compurer is running too slow i dont know why it working like 126kbps connection but data used shown by modem is high 

 

 

fixlist content:
*****************
U3 aib782po; C:\Windows\system32\Drivers\aib782po.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)

*****************

aib782po => service not found.

==== End of Fixlog 10:56:45 ====


  • 0

#87
JSntgRvr
Posted 02 June 2017 - 05:05 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

Bring the Task Manager up. How is the CPU doing?


  • 0

#88
shubhamimortal
Posted 10 June 2017 - 06:17 AM

shubhamimortal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 70 posts

tx brother every thing is fine now and tx a lot for replying and helping me out of omnibox and firefox id doing great


  • 0

#89
JSntgRvr
Posted 16 June 2017 - 06:08 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP