i am getting notice of win32 ramnit-cw virus infection but its not going please help
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20.06.2018
Ran by lenovo (administrator) on LENOVO-PC (29-06-2018 15:38:27)
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo (Available Profiles: lenovo)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow32.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Windscribe Limited) C:\Program Files\Windscribe\WindscribeService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Investintech.com Inc.) C:\Program Files\Investintech.com Inc\Able2Extract Professional 6.0\Able2ExtractPro.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-17] (AVAST Software)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,,c:\program files\microsoft\desktoplayer.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [uTorrent] => C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe [1984184 2018-06-24] (BitTorrent Inc.)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [Dropbox Update] => C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [Google Update] => C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-22] (Google Inc.)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [Windscribe] => C:\Program Files\Windscribe\Windscribe.exe [10601064 2017-05-09] (Windscribe Limited)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [7722600 2018-05-24] (Lavasoft)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-11-29]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-11-29]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-11-29]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-06-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.225.1 192.168.225.1
Tcpip\..\Interfaces\{91159599-D312-46D2-B512-3DA51681A45C}: [DhcpNameServer] 192.168.225.1 192.168.225.1
Tcpip\..\Interfaces\{96A1187B-2A35-49D8-B44A-7BA8556D531D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B5589E53-4647-4589-839D-1C9F84919F9D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C057E2E2-FA66-4793-8023-576C456030EC}: [DhcpNameServer] 192.168.225.1 192.168.225.1
Tcpip\..\Interfaces\{CD510772-EDFB-4137-932D-16DA47E82156}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{CDFA3976-0D4A-4547-8644-8382C04C398F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E4937AE7-06F0-4B5C-A903-4D6CDD1167AE}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E59173B5-8FB8-4C2D-8ADD-ACE5E9DFFB22}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://in.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180524__yaie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180524__yaie&p={searchTerms}
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-07-28] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-05-17] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2016-12-30] ()
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-07-28] (Oracle Corporation)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2016-12-30] ()
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: sq39mbzn.default-1496470462934-1510904037715
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715 [2018-06-29]
FF Homepage: Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715 -> hxxps://in.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180524__yaff
FF NewTab: Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715 -> hxxps://in.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180524__yaff
FF Extension: (Pioneer Enrollment) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715\Extensions\[email protected] [2018-06-24] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715\Extensions\[email protected] [2018-06-05]
FF SearchPlugin: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715\searchplugins\yahoo-lavasoft-ff59.xml [2018-05-24]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2017-06-14] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2016-12-06] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-16] ()
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-12-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-12-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-12-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-12-22] (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-07-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-07-28] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-24] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-24] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\lenovo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\lenovo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @talk.google.com/O1DPlugin -> C:\Users\lenovo\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @tools.google.com/Google Update;version=3 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-22] (Google Inc.)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @tools.google.com/Google Update;version=9 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-22] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\lenovo\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\lenovo\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\lenovo\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2016-11-22]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5963368 2018-05-17] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-02] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-17] (AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-02] (AVAST Software)
S4 Change Modem Device Service; C:\Windows\System32\ChgService.exe [135168 2012-11-19] () [File not signed]
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [280680 2017-10-12] (Intel Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 FoxitPhantomService; C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1659080 2016-12-30] (Foxit Software Inc.)
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
S4 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2018-06-28] () [File not signed]
S2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2018-06-19] (StarWind Software) [File not signed]
S4 Tally License Server 6.0; C:\Program Files\Tally.ERP9\tallylicserver.exe [465920 2018-06-28] () [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10942704 2017-10-20] (TeamViewer GmbH)
R2 WCAssistantService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25704 2018-05-24] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files\Windscribe\WindscribeService.exe [71272 2017-05-09] (Windscribe Limited)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-10-25] (Lenovo Corporation)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167040 2018-05-17] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [185432 2018-03-15] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157368 2018-03-15] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276688 2018-03-15] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50336 2018-03-15] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [184632 2018-05-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-05-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [133160 2018-05-17] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100544 2018-05-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [71840 2018-05-17] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784112 2018-05-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [392368 2018-05-17] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [152344 2018-05-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-05-17] (AVAST Software)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2017-10-12] (IVT Corporation.)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [105984 2012-11-19] (QUALCOMM Incorporated)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [108032 2017-10-12] (Samsung Electronics Co., Ltd.)
R1 funfrm; C:\Windows\system32\Drivers\funfrm.sys [54800 2012-01-25] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43376 2016-04-21] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-10-12] (REALiX)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [110280 2017-10-12] (Qualcomm Atheros Co., Ltd.)
R0 LHDmgr; C:\Windows\System32\DRIVERS\LhdX86.sys [32352 2010-01-15] (Lenovo.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [178904 2017-05-13] (Malwarebytes)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2011-03-02] (Intel Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [20640 2005-03-12] (Sonic Solutions) [File not signed]
S3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [218624 2011-03-02] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2012-05-07] ()
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [146816 2013-07-12] (Microsoft Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
R3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [41976 2017-04-21] (The OpenVPN Project)
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
R1 ZAM; C:\Windows\System32\drivers\zam32.sys [181496 2017-05-08] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard32.sys [181496 2017-05-08] (Zemana Ltd.)
U3 axhyrhmw; C:\Windows\system32\Drivers\axhyrhmw.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-29 15:38 - 2018-06-29 15:48 - 000022653 _____ C:\Users\lenovo\Desktop\FRST.txt
2018-06-29 15:34 - 2018-06-29 15:36 - 001773056 ____C (Farbar) C:\Users\lenovo\Desktop\FRST.exe
2018-06-29 14:33 - 2018-06-29 14:35 - 000000000 ___DC C:\Users\lenovo\AppData\LocalLow\uTorrent
2018-06-18 18:24 - 2018-06-18 18:24 - 000594451 _____ C:\Users\lenovo\Desktop\work in progress 6pdf.pdf
2018-06-18 18:24 - 2018-06-18 18:24 - 000000000 ___DC C:\Foxit Software
2018-06-18 18:08 - 2018-06-18 18:39 - 000000000 ___DC C:\Users\lenovo\AppData\Roaming\Foxit Software
2018-06-18 18:07 - 2018-06-18 18:07 - 000000000 ___DC C:\ProgramData\Foxit Software
2018-06-18 18:06 - 2018-06-18 18:06 - 000001020 _____ C:\Users\Public\Desktop\Foxit PhantomPDF.lnk
2018-06-18 18:06 - 2018-06-18 18:06 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2018-06-18 18:06 - 2018-06-18 18:06 - 000000000 ____D C:\Users\Public\Foxit Software
2018-06-18 18:05 - 2018-06-18 18:05 - 000000000 ___DC C:\Program Files\Foxit Software
2018-06-16 15:40 - 2018-06-16 15:41 - 000000000 ____D C:\Users\lenovo\Downloads\DuckTales.2017.S01E02.WEB.x264-TBS[ettv]
2018-06-16 12:47 - 2018-06-16 12:47 - 000000000 ____D C:\Users\lenovo\Downloads\DuckTales.2017.S01E03.Daytrip.of.Doom.1080p.WEB-DL.AAC2.0.H.264-YFN
2018-06-16 12:31 - 2018-06-24 13:43 - 000000000 ____D C:\Users\lenovo\Downloads\Despicable Me (2010)
2018-06-16 12:31 - 2018-06-24 13:42 - 000000000 ____D C:\Users\lenovo\Downloads\Aladdin (1992)
2018-06-16 12:31 - 2018-06-16 12:58 - 000000000 ____D C:\Users\lenovo\Downloads\Aladdin II The Return Of Jafar 1994 720p HDTVRip AC3 x264 [Dual Audio] [Hindi-Eng] By Sifu {HKRG}
2018-06-16 12:31 - 2018-06-16 12:31 - 000000000 ____D C:\Users\lenovo\Downloads\Despicable Me 2 (2013) [1080p]
2018-06-16 12:23 - 2018-06-16 15:41 - 000000000 ____D C:\Users\lenovo\Downloads\[ www.Torrenting.com ] - Babys.Day.Out.1994.iNTERNAL.DVDRip.XviD-EXViDiNT
2018-06-16 12:23 - 2018-06-16 12:23 - 000000000 ____D C:\Users\lenovo\Downloads\Hook (1991) [1080p]
2018-06-16 11:45 - 2018-06-24 13:42 - 000000000 ____D C:\Users\lenovo\Downloads\Sonu Ke Titu Ki Sweety 2018 Hindi 720p HDRip x264 MP3 - xRG
2018-06-15 14:12 - 2018-06-18 18:02 - 000000000 ____D C:\Users\lenovo\Downloads\Foxit PhantomPDF Business 8.2.2192 + Crack [TechTools.ME]
2018-06-15 14:02 - 2018-06-15 14:01 - 000012224 _____ C:\Users\lenovo\Desktop\Truck List 15.6.2018.xlsx
2018-06-10 12:55 - 2018-06-21 18:25 - 000000000 ____D C:\Users\lenovo\Desktop\EXPORT BILL 2018-19
2018-06-10 12:54 - 2018-06-11 17:25 - 000000000 ____D C:\Users\lenovo\Desktop\EXPORT BILL 2017-18
2018-06-06 12:34 - 2018-06-06 12:34 - 000000000 ____D C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-29 15:48 - 2016-12-29 11:08 - 000074970 _____ C:\Windows\ZAM.krnl.trace
2018-06-29 15:48 - 2016-12-29 11:08 - 000046605 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-06-29 15:38 - 2017-04-13 15:51 - 000000000 ___DC C:\FRST
2018-06-29 15:33 - 2013-04-06 00:28 - 000000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA.job
2018-06-29 15:32 - 2015-06-19 12:24 - 000000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA.job
2018-06-29 15:18 - 2012-01-25 22:05 - 000785794 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-29 15:18 - 2009-07-14 08:07 - 000000000 ____D C:\Windows\inf
2018-06-29 15:16 - 2017-06-07 18:37 - 000000000 ___DC C:\Users\lenovo\AppData\LocalLow\Mozilla
2018-06-29 15:08 - 2009-07-14 10:04 - 000014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-29 15:08 - 2009-07-14 10:04 - 000014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-29 14:35 - 2012-05-01 23:39 - 000000000 ____D C:\Users\lenovo\AppData\Roaming\uTorrent
2018-06-29 14:33 - 2012-10-14 07:47 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2018-06-29 14:33 - 2009-07-14 10:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-28 13:52 - 2017-02-13 16:11 - 000000000 ____D C:\Users\lenovo\Downloads\Tally ERP 9 + Crack
2018-06-28 13:02 - 2016-12-23 11:50 - 000000000 ____D C:\Users\lenovo\Downloads\tagspaces
2018-06-28 11:32 - 2015-06-19 12:24 - 000000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core.job
2018-06-28 11:03 - 2013-04-06 00:28 - 000000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core.job
2018-06-18 18:10 - 2017-08-26 11:39 - 000000000 ___DC C:\Program Files\Mozilla Firefox
2018-06-18 18:07 - 2016-01-15 09:47 - 000000000 ___DC C:\ProgramData\Package Cache
2018-06-16 15:20 - 2017-02-04 13:05 - 000000000 ___DC C:\Program Files\Mozilla Maintenance Service
2018-06-06 12:34 - 2014-10-03 13:04 - 000000000 ____D C:\Users\lenovo\AppData\Roaming\Dropbox
==================== Files in the root of some directories =======
2017-05-10 12:14 - 2017-06-03 11:41 - 000007613 ____C () C:\Users\lenovo\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2018-06-16 17:38 - 2018-06-16 17:39 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\GUR45A6.exe
2018-04-02 13:24 - 2018-04-02 13:14 - 002646416 ____C () C:\Users\lenovo\AppData\Local\temp\removeSZB.exe
2018-06-19 10:01 - 2018-06-29 14:40 - 000391024 ____C (adaware) C:\Users\lenovo\AppData\Local\temp\wcupdater.exe
2018-06-25 17:49 - 2018-06-25 17:52 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\{0DB5254C-B2A5-40D4-B2D3-8C82117057C4}-DropboxClient_52.4.58.exe
2018-04-14 17:56 - 2018-04-14 18:52 - 003225763 ____C (Dropbox, Inc.) C:\Users\lenovo\AppData\Local\temp\{115C6E95-029B-490B-AB77-79AE076987AC}-DropboxClient_47.4.74.exe
2018-06-29 15:47 - 2018-06-29 15:47 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\{36C1CEEC-2497-4312-A777-864C62E61D2E}-DropboxClient_52.4.60.exe
2018-06-24 17:22 - 2018-06-24 18:30 - 014691296 ____C (Dropbox, Inc.) C:\Users\lenovo\AppData\Local\temp\{388A8D0F-28D2-48BC-A0C0-FEA1ED496D37}-DropboxClient_52.4.58.exe
2018-06-24 17:49 - 2018-06-24 17:53 - 000318576 ____C (Dropbox, Inc.) C:\Users\lenovo\AppData\Local\temp\{962BEAB3-A5DD-4EA1-90A7-24F986A83465}-DropboxClient_52.4.58.exe
2018-05-16 16:54 - 2018-05-16 17:39 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\{9BEC9ECD-4D34-40A7-84DD-A3DF19CBFF76}-66.0.3359.139_65.0.3325.181_chrome_updater.exe
2018-06-18 15:58 - 2018-06-18 18:44 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\{B8783A10-2A38-4E62-9BC0-7F555BC52573}-67.0.3396.87_66.0.3359.181_chrome_updater.exe
2018-06-24 17:05 - 2018-06-25 17:57 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\{CA4AD436-2BC3-408A-84A0-9021EA55EF94}-67.0.3396.87_chrome_installer.exe
2017-11-15 13:53 - 2017-11-15 15:28 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\{CDF20049-88C7-4CCF-977B-3A6077CAF2F0}-GoogleUpdateSetup.exe
2018-06-29 15:46 - 2018-06-29 15:46 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\{DE8BA77F-A24C-4166-A192-1F1BB5259653}-67.0.3396.99_chrome_installer.exe
2018-04-22 16:44 - 2018-04-22 16:44 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\{F6D39D3E-1821-400E-9A6F-1055865551F5}-DropboxClient_47.4.74.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-18 16:10
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20.06.2018
Ran by lenovo (29-06-2018 15:49:36)
Running from C:\Users\lenovo\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2012-01-25 16:31:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1450707365-3114357019-3030383042-500 - Administrator - Disabled)
Guest (S-1-5-21-1450707365-3114357019-3030383042-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1450707365-3114357019-3030383042-1002 - Limited - Enabled)
lenovo (S-1-5-21-1450707365-3114357019-3030383042-1000 - Administrator - Enabled) => C:\Users\lenovo
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Able2Extract Professional v6.0 (HKLM\...\Able2Extract Professional v6.0) (Version: - )
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM\...\Adobe PageMaker 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 64.0.387.186 - AVAST Software)
Avast Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.4.51 - Conexant)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Dropbox) (Version: 51.4.66 - Dropbox, Inc.)
Easy JPEG Printer (HKLM\...\Easy JPEG Printer) (Version: - )
EasyCapture (HKLM\...\EasyCapture4.0) (Version: V4.0.09.0731 - Lenovo)
EditPad Lite 7.3.8 (HKLM\...\EditPad Lite) (Version: 7.3.8 - Just Great Software)
Energy Management (HKLM\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.5 - Lenovo) Hidden
Energy Management (HKLM\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.5 - Lenovo)
ePass2003 (HKLM\...\ePass2003-4FE7-A218-48BDAE051E2B_std) (Version: 1.1.14.709 - Feitian Technologies Co., Ltd.)
Epson Event Manager (HKLM\...\{C9AC7ED6-FD1C-4E83-8553-ECF8BCA111E8}) (Version: 3.01.0007 - Seiko Epson Corporation)
Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON M200 Series Printer Uninstall (HKLM\...\EPSON M200 Series) (Version: - SEIKO EPSON Corporation)
Epson Network Guide M200 Series (HKLM\...\M200 Series Netg) (Version: - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
Epson User's Guide M200 Series (HKLM\...\M200 Series Useg) (Version: - )
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Foxit PhantomPDF (HKLM\...\{EF71277A-CE76-11E6-B26E-000C29F04684}) (Version: 8.2.0.2192 - Foxit Software Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP LaserJet Pro MFP M125-M126 (HKLM\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 8.0.14087.1054 - Hewlett-Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (HKLM\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM126DSService (HKLM\...\{9A0C3AE6-A6C3-46C4-95A5-E3745CCE3D57}) (Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (HKLM\...\{0BFDA228-F4D0-42C0-90B2-8C47F147AEB1}) (Version: 3.0.26.59 - HP) Hidden
HPLJDXPHelper (HKLM\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 060.048.005 - HP) Hidden
HPLJProMFPM125M126 (HKLM\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM\...\{30DD7187-F392-4D83-8AED-D9A2DC64EF15}) (Version: 008.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{178F0383-A2F1-427C-9881-6EACB8728C76}) (Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}) (Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM125-M126 (HKLM\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
IIS 7.5 Express (HKLM\...\{3A30B5F5-F12C-490F-8CD4-D200C75DF7E8}) (Version: 7.5.1190 - Microsoft Corporation)
ImagePrinter Pro 6.3 (HKLM\...\ImagePrinter Pro 6.3_is1) (Version: - Code Industry Ltd.)
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lenovo EasyCamera (HKLM\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1209.1 - Lenovo EasyCamera)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
LightScribe System Software 1.10.27.1 (HKLM\...\{CBCF859F-04BE-4A07-B6FA-F4FAD69EF1ED}) (Version: 1.10.27.1 - hxxp://www.lightscribe.com)
LINE (HKLM\...\LINE) (Version: 4.1.2.525 - LINE Corporation)
LJDXPHelperUI (HKLM\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 060.048.005 - HP) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 60.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 60.0.2 (x86 en-US)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2.6730 - Mozilla)
MSVC80_x86 (HKLM\...\{212748BB-0DA5-46DE-82A1-403736DC9F27}) (Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{1596098A-FCEC-48F0-B7C7-08A31B771033}) (Version: 7.03.0918 - Nero AG)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
Python 2.7.10 (HKLM\...\{E2B51919-207A-43EB-AE78-733F9C6797C2}) (Version: 2.7.10150 - Python Software Foundation)
Realtek USB 2.0 Reader Driver (HKLM\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.)
Red Light Center 3D Client (HKLM\...\Red Light Center 3D Client) (Version: 1.9.4773 - Utherverse Digital Inc)
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
SlimPDF Reader 1.0 (HKLM\...\{7E1FEE27-F869-4D4B-8AA3-64C7FD99BD7C}_is1) (Version: 1.0 - Investintech.com Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
Tally.ERP 9 (HKLM\...\{854D0F4D-7EFC-4EBB-A7ED-6D7E8DD3F017}) (Version: - ©Tally Solutions Pvt. Ltd., 1988-2009.)
TeamViewer 13 (HKLM\...\TeamViewer) (Version: 13.0.3057 Beta - TeamViewer)
Typing Instructor Platinum (HKLM\...\{F358C0E1-B8DD-43A4-8B2E-269710247F16}) (Version: 21.00.0000 - Individual Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Web Companion (HKLM\...\{221986a7-b383-4a67-80f3-a27b48650a1b}) (Version: 4.2.1846.3481 - Lavasoft)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windscribe version 1.70 build 4 (HKLM\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.70 build 4 - Windscribe)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410A}) (Version: 21.0.12288 - WinZip Computing, S.L. )
Xfire (remove only) (HKLM\...\Xfire) (Version: - )
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{449CFB1B-1C07-48EA-9A9A-7A7881C2B49B}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{53B5243F-8302-4DAD-BE8F-1D0665E8225E}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO3.dll (Hewlett-Packard Company)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{86CF96D8-F275-4791-B669-D50577FC157D}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.75.1\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.75.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\lenovo\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.75.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.75.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.75.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Dropbox\Update\1.3.75.1\psuser.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-05-17] (AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2017-06-22] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-05-17] (AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-07-24] (Nero AG)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x86.dll [2018-06-18] (Foxit Software Inc.)
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => C:\Program Files\Total Video Converter\TVCShellExt.dll [2018-06-19] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-19] ()
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2016-10-27] (WinZip Computing, S.L.)
ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files\Alcohol Soft\Alcohol 120\AxShlex.dll [2010-02-05] (Alcohol Soft Development Team)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-05-17] (AVAST Software)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-19] ()
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2016-10-27] (WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-10-12] (Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2017-06-22] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-05-17] (AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x86.dll [2018-06-18] (Foxit Software Inc.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-19] ()
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2016-10-27] (WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-1450707365-3114357019-3030383042-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1450707365-3114357019-3030383042-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1450707365-3114357019-3030383042-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.22.0.dll [2018-06-04] (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08B3726E-7946-48AD-B127-3B367AD6F9FD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core => C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {1E38F814-553E-47E5-A63F-C12B22672517} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-05-17] (Adobe Systems Incorporated)
Task: {209353BD-08DC-4AE3-A4DA-963354E2E456} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-02] (AVAST Software)
Task: {2C33235C-C715-4FDA-878D-3864EE7276B4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-16] (Adobe Systems Incorporated)
Task: {2DAF0963-3518-43A6-B0B2-FC60C5C64B44} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {42DEE3D0-6115-457D-B0A0-241770E39A0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-04-13] (Google Inc.)
Task: {58BEB454-DF1A-4FC5-A9DE-7D52AB9FF71D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA => C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {5A1E1087-47F2-419E-B3E2-EB907CA4F527} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-17] (AVAST Software)
Task: {629FE72A-398A-4C69-9079-0F1365A5C93A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core => C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {64A97AD7-CB0B-4145-B3C3-C9F23C6E5FB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-17] (Adobe Systems Incorporated)
Task: {6DCE60F6-D94A-4504-8AAD-433CFAB9AA71} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {79050ED9-BBE5-4EE5-BEE0-A69D15AA0034} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {83DC7922-CE46-4FAE-9A55-A34520C0A075} - System32\Tasks\Driver Booster SkipUAC (lenovo) => C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe
Task: {9BBEC427-8815-41EE-8893-A40089ECE4E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {A2EE3336-089C-4187-A778-8C4BE758CF5A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA => C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {A5490C5A-11BA-4C74-8630-47FCB561601D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A8041C4C-67DD-4348-9665-E1543B0AC3E4} - System32\Tasks\{FEC9547F-F20B-4A03-B4C2-D86D6BB9C500} => C:\Windows\system32\pcalua.exe -a "C:\Users\lenovo\Downloads\Tally ERP 9 Release 5.3.1 with Crack-easy to Activate-2016\setup.exe" -d "C:\Users\lenovo\Downloads\Tally ERP 9 Release 5.3.1 with Crack-easy to Activate-2016"
Task: {BAAD6FD4-A389-4E9F-B2BE-0633696327D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-04-13] (Google Inc.)
Task: {C7AEF7C1-3D8D-483A-B8CD-9846F9818EDD} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-10-27] (WinZip Computing, S.L.)
Task: {EBD37993-39FD-4C4E-A501-983B4C4222A6} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-02] (AVAST Software)
Task: {FFFAFA22-BADF-442B-BB2A-BD10DC6B3506} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-06] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core.job => C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA.job => C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core.job => C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA.job => C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-05-17 12:22 - 2018-05-17 12:22 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-06-24 13:56 - 2018-06-24 13:56 - 005842576 _____ () C:\Program Files\AVAST Software\Avast\defs\18062304\algo.dll
2018-05-17 12:22 - 2018-05-17 12:22 - 000889048 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-05-17 12:22 - 2018-05-17 12:22 - 000924888 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-05-17 12:22 - 2018-05-17 12:22 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-05-17 12:22 - 2018-05-17 12:22 - 000982744 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-05-17 12:22 - 2018-05-17 12:22 - 000519896 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2012-01-25 22:10 - 2018-06-19 10:47 - 000125440 _____ () C:\Program Files\WinRAR\rarext.dll
2012-09-16 22:19 - 2018-06-19 10:47 - 000234496 ____C () C:\Program Files\Total Video Converter\TVCShellExt.dll
2017-05-08 12:21 - 2017-06-22 12:18 - 000131952 _____ () C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll
2015-09-15 13:50 - 2012-09-18 15:26 - 000169472 _____ () C:\Windows\System32\zlhp1020.dll
2015-09-15 13:58 - 2012-09-18 15:26 - 000059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2012-01-25 22:08 - 2011-03-02 14:21 - 000094208 _____ () C:\Windows\System32\IccLibDll.dll
2018-03-15 14:12 - 2018-03-15 14:12 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-17 12:22 - 2018-05-17 12:22 - 000293592 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-05-24 15:07 - 2018-05-24 15:07 - 000114280 ____C () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll
2018-05-24 15:07 - 2018-05-24 15:07 - 000100968 ____C () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2018-05-24 15:07 - 2018-05-24 15:07 - 000361064 ____C () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2018-05-24 15:07 - 2018-05-24 15:07 - 000058984 ____C () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2018-05-24 15:07 - 2018-05-24 15:07 - 000084072 ____C () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2018-05-24 15:07 - 2018-05-24 15:07 - 000057448 ____C () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2018-06-06 12:33 - 2018-06-04 15:48 - 001107272 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2018-06-06 12:33 - 2018-06-04 15:48 - 002079048 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2018-06-06 12:34 - 2018-06-04 15:51 - 000106816 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000025408 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\select.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000020808 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000042312 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000700736 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000021856 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000137032 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 001845600 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000022880 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000123200 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2018-06-06 12:34 - 2018-06-04 15:50 - 000112448 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32api.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000022872 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000063312 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000031040 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32event.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000077120 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\fastpath.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000399168 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2018-06-06 12:34 - 2018-06-04 15:51 - 000049984 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32process.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000027456 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000131392 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32file.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000120648 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32security.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000392520 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000028000 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000030536 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000182080 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32gui.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000036672 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000032576 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32job.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000055104 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32service.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000064320 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000023376 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000021840 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000022864 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000066400 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000025440 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000152384 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 003863880 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2018-06-06 12:34 - 2018-06-04 15:50 - 000091448 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\sip.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 001798464 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 001959232 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000035136 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32ts.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 000155472 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 000521544 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 000051024 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 000043336 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 000131400 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 000219984 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 000204104 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000067392 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32print.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000054616 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000030528 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\win32profile.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000022880 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000022368 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000021856 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000022368 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000027496 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000355648 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2018-06-06 12:34 - 2018-06-04 15:51 - 000023904 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000025432 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2018-06-06 12:33 - 2018-06-04 15:48 - 000036312 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\librsync.dll
2018-06-06 12:34 - 2018-06-04 15:51 - 000021856 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000181064 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2018-06-06 12:34 - 2018-06-04 15:51 - 000030544 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2018-06-06 12:33 - 2018-06-04 15:49 - 000024384 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\libEGL.DLL
2018-06-06 12:33 - 2018-06-04 15:49 - 001638208 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2018-06-06 12:34 - 2018-06-04 15:51 - 000026464 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 000546632 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2018-06-06 12:33 - 2018-06-04 15:50 - 000359744 _____ () C:\Users\lenovo\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2018-05-24 15:07 - 2018-05-24 15:07 - 000025704 ____C () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2018-05-24 15:07 - 2018-05-24 15:07 - 000017512 ____C () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll
2018-05-24 15:07 - 2018-05-24 15:07 - 000037480 ____C () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll
2018-05-17 12:22 - 2018-05-17 12:22 - 000632024 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll
2008-10-31 16:30 - 2008-10-31 16:30 - 000036938 ____C () C:\Program Files\Investintech.com Inc\Able2Extract Professional 6.0\RNERR.dll
2008-10-31 16:30 - 2018-06-24 16:26 - 000073728 ____C () C:\Program Files\Investintech.com Inc\Able2Extract Professional 6.0\AMPLM.dll
2017-09-16 16:55 - 2017-09-16 16:55 - 000169984 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\e2b79cf5a34865688d688e0a44a2e96e\IsdiInterop.ni.dll
2012-01-25 22:08 - 2011-01-12 17:56 - 000058880 _____ () C:\Program Files\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2018-06-29 15:38 - 2018-06-29 15:38 - 005843088 _____ () C:\Program Files\AVAST Software\Avast\defs\18062900\algo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\ncodesolutions.com -> hxxps://sign.ncodesolutions.com
IE trusted site: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 07:34 - 2018-06-29 15:14 - 000000063 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.225.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: Change Modem Device Service => 2
MSCONFIG\Services: doyyloadrwyownloadpr => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: Tally License Server 6.0 => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WifiSrv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^lenovo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^lenovo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: Dropbox Update => "C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Energy Management => C:\Program Files\Lenovo\Energy Management\Energy Management.exe
MSCONFIG\startupreg: EnergyUtility => C:\Program Files\Lenovo\Energy Management\Utility.exe
MSCONFIG\startupreg: ePass2003_std => C:\Program Files\Feitian\ePass2003\ePassCertd_2003.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\lenovo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: StatusAlerts => "C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: UpdatePRCShortCut => " "C:\PROGRAM FILES\LENOVO\ONEKEY APP\ONEKEY RECOVERY" UPDATEWITHCREATEONCE "SOFTWARE\LENOVO\ONEKEY APP\ONEKEY RECOVERY"
MSCONFIG\startupreg: uTorrent => "C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{415AF8EB-E6F0-4CD2-B482-6E8458964C92}C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8FFECD74-F5A0-4FD7-98A8-90316BD57E6E}C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{4D28356D-8A3A-4A2D-B69B-11B088491812}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9CF559F-B535-45D3-9829-BF8946329317}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{B21E602B-D1D8-46BC-BF64-962E0924FA44}C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{38260746-BD4B-4AD0-858B-9E7E0063B881}C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{E6A7FF0A-731D-4AFB-96E1-52D4606CDDCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A1F0C030-8FB4-4369-B6CD-77416BB48673}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F38EEA13-2B1C-4B1E-B449-C7B9E739F50F}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{0452AC7C-46EE-46A6-92AD-B73044B61A0B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Users\lenovo\AppData\Roaming\icr-20-jan.exe] => Enabled:Windows Messanger
StandardProfile\AuthorizedApplications: [C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/28/2018 06:34:50 PM) (Source: Google Update) (EventID: 20) (User: lenovo-PC)
Description: Event-ID 20
Error: (06/28/2018 03:34:49 PM) (Source: Google Update) (EventID: 20) (User: lenovo-PC)
Description: Event-ID 20
Error: (06/28/2018 12:34:47 PM) (Source: Google Update) (EventID: 20) (User: lenovo-PC)
Description: Event-ID 20
Error: (06/28/2018 10:56:23 AM) (Source: Google Update) (EventID: 20) (User: lenovo-PC)
Description: Event-ID 20
Error: (06/25/2018 06:34:57 PM) (Source: Google Update) (EventID: 20) (User: lenovo-PC)
Description: Event-ID 20
Error: (06/25/2018 05:51:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPLaserJetService.exe, version: 9.33.905.0, time stamp: 0x50be3855
Faulting module name: ntdll.dll, version: 6.1.7601.23915, time stamp: 0x59b94a7d
Exception code: 0xc0000005
Fault offset: 0x00031dca
Faulting process id: 0x%9
Faulting application start time: 0xHPLaserJetService.exe0
Faulting application path: HPLaserJetService.exe1
Faulting module path: HPLaserJetService.exe2
Report Id: HPLaserJetService.exe3
Error: (06/18/2018 06:35:10 PM) (Source: Google Update) (EventID: 20) (User: lenovo-PC)
Description: Event-ID 20
Error: (06/15/2018 06:34:59 PM) (Source: Google Update) (EventID: 20) (User: lenovo-PC)
Description: Event-ID 20
System errors:
=============
Error: (06/29/2018 02:40:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (06/29/2018 02:32:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:39:47 PM on 6/28/2018 was unexpected.
Error: (06/25/2018 06:05:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (06/25/2018 05:56:59 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Diagnostics Tracking Service service did not shut down properly after receiving a preshutdown control.
Error: (06/25/2018 05:54:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP LaserJet Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/25/2018 05:53:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
Error: (06/25/2018 05:49:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (120000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Error: (06/24/2018 06:04:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
==================== Memory info ===========================
Processor: Intel® Core i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 81%
Total physical RAM: 1985.86 MB
Available physical RAM: 358.05 MB
Total Virtual: 3971.72 MB
Available Virtual: 1962.57 MB
==================== Drives ================================
Drive c: © (Fixed) (Total:78.03 GB) (Free:4.07 GB) NTFS
Drive d: () (Fixed) (Total:126.95 GB) (Free:8.56 GB) NTFS
Drive e: () (Fixed) (Total:126.95 GB) (Free:3.81 GB) NTFS
Drive g: () (Fixed) (Total:133.73 GB) (Free:29.14 GB) NTFS
\\?\Volume{5eb61dc4-47e2-11e1-bd41-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=260.7 GB) - (Type=0F Extended)
==================== End of Addition.txt ============================