Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Canít run antivirus, computer doesnít startup properly, black screen i


  • Please log in to reply

#1
tingtingz

tingtingz

    Member

  • Member
  • PipPip
  • 44 posts

My computer turned off on its own with 80% battery while streaming video. None of my normal startup programs starts after turning on. I try to open Bitdefender but receive a message stating Bitdefender service are currently not available telling me to restart computer. Malwarebyte is unresponsive. I can't open chrome in normal mode but I can open chrome in safe mode with network. I downloaded avast but can't locate desktop icon or open it after installation in safe mode with network.  I try to restarted computer in normal mode to run an antivirus scan with avast but computer started into black screen after avast installation. I can restart into safe mode with network no black screen. Can anyone help?

 

I ran the FRST scan, here are the logs

 

FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (23-06-2020 13:13:37)
Running from C:\Users\TingTing\Desktop\FRST64
Loaded Profiles: TingTing
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Farbar) [File not signed] C:\Users\TingTing\Downloads\FRST64 (1).exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <40>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7916032 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\RunOnce: [AvRepair] => C:\Program Files\Avast Software\Avast\setup\instup.exe [1754264 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-16] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C74E863-9DF3-4A95-A19B-5E21449933D9} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [489272 2019-08-07] (Bitdefender SRL -> Bitdefender)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {5A66E741-8261-43C5-8027-1CB7AD0D4734} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\Avast Emergency Update.job => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-06-23]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2020-04-09] (Bitdefender SRL -> Bitdefender)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
S2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-01-29] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-01-29] (Electronic Arts, Inc. -> Electronic Arts)
S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1296560 2019-08-07] (Bitdefender SRL -> Bitdefender)
S2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [242024 2020-04-09] (Bitdefender SRL -> Bitdefender)
S2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [539720 2020-06-11] (Bitdefender SRL -> Bitdefender)
S2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [242024 2020-04-09] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S1 atc; C:\windows\System32\DRIVERS\atc.sys [2106424 2020-05-18] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
S2 BdDci; C:\windows\system32\DRIVERS\bddci.sys [796200 2020-05-28] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\windows\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Techporch Incorporated -> Dell Computer Corporation)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
S1 Gemma; C:\windows\System32\DRIVERS\gemma.sys [453344 2020-05-13] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3497240 2015-03-23] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S2 trufos; C:\windows\System32\drivers\trufos.sys [638368 2020-02-20] (Bitdefender SRL -> Bitdefender)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 vlflt; C:\windows\System32\DRIVERS\vlflt.sys [379048 2020-05-18] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-23 13:13 - 2020-06-23 13:13 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:37 - 2020-06-22 01:40 - 000051955 _____ C:\Users\TingTing\Downloads\Addition.txt
2020-06-22 01:36 - 2020-06-22 01:40 - 000035061 _____ C:\Users\TingTing\Downloads\FRST.txt
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 22:29 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000000342 ____H C:\windows\Tasks\Avast Emergency Update.job
2020-06-21 21:38 - 2020-06-21 21:38 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 21:09 - 2020-06-21 21:09 - 000070644 _____ C:\ProgramData\agent.update.1592788158.bdinstall.v2.bin
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2020-06-09 22:50 - 2020-06-09 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-09 14:58 - 2020-06-09 14:58 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-09 14:58 - 2020-06-09 14:58 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-09 14:58 - 2020-06-09 14:58 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-09 14:58 - 2020-06-09 14:58 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-05-30 14:30 - 2020-05-30 14:30 - 000312507 _____ C:\Users\TingTing\Downloads\Action_Required_-_NYS_DOL_Certification_for_B.zip
2020-05-30 14:29 - 2020-05-30 14:29 - 000391068 _____ C:\Users\TingTing\Downloads\Action_Required_-_NYS_DOL_Certification_for_B.pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-23 13:16 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-06-23 13:06 - 2015-05-01 23:14 - 001096584 _____ C:\windows\ntbtlog.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 22:36 - 2019-12-15 02:15 - 000003648 _____ C:\windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-06-21 22:36 - 2019-12-15 02:15 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2020-06-21 22:34 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-06-21 22:33 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-06-21 22:32 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:48 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-06-21 21:38 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-21 21:09 - 2019-12-15 02:13 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-06-21 20:49 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-06-21 16:06 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-06-20 14:14 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-16 19:21 - 2014-12-09 12:39 - 000003596 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-06-16 18:46 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-16 18:46 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-14 11:34 - 2014-12-14 04:03 - 000000000 ___DO C:\Users\TingTing\OneDrive
2020-06-14 11:29 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-06-14 11:27 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-06-14 11:15 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-13 17:25 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-12 08:09 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 22:50 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-09 13:50 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-06-09 08:37 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-09 08:37 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2020-05-31 18:56 - 2016-11-16 15:34 - 000000000 ____D C:\Users\TingTing\Saved Documents
2020-05-28 18:37 - 2019-12-15 02:29 - 000796200 _____ (Bitdefender) C:\windows\system32\Drivers\bddci.sys
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2018-10-03 15:04 - 000000000 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== FLock ==============================
 
2014-12-03 15:42 C:\System Recovery
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2020
Ran by TingTing (22-06-2020 01:37:56)
Running from C:\Users\TingTing\Downloads
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Disabled)
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.16.146 - Bitdefender)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 99.4.501 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{956A7DE6-C628-4A4C-8DDE-0150522EEB5F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{9D8C616E-441C-4251-9B5B-C031BFE6FDC3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EA7E19AC-E0BF-48E1-8FEB-BE0B385BDA73}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE6EBDD5-24A0-44BE-9A89-4C3CB760BDEE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{84B667A0-7CD9-47CE-BFB7-8E926F66F69D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
30-05-2020 10:39:36 Scheduled Checkpoint
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
Name: Intel® Serial IO I2C Host Controller - 9C62
Description: Intel® Serial IO I2C Host Controller - 9C62
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: iaLPSS_I2C
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (06/21/2020 08:58:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070013, The media is write protected.
.
 
Error: (06/21/2020 08:58:33 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
]
 
Error: (06/21/2020 08:58:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070013, The media is write protected.
.
 
Error: (06/21/2020 08:58:33 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
]
 
Error: (06/21/2020 10:24:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005).
 
Error: (06/21/2020 10:07:49 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (06/21/2020 09:58:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.22013 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2130
 
Start Time: 01d6476e5f863d6a
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 39f1dc36-b3c7-11ea-8346-6057185e76ac
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (06/21/2020 12:56:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12968
 
 
System errors:
=============
Error: (06/22/2020 01:38:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (06/22/2020 01:38:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (06/22/2020 01:38:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (06/22/2020 01:38:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (06/22/2020 01:38:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (06/22/2020 01:38:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (06/22/2020 01:38:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (06/22/2020 01:38:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
 
CodeIntegrity:
===================================
 
Date: 2020-06-14 11:22:08.651
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-14 11:22:07.635
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-12 09:02:18.725
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-12 09:02:16.908
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-11 09:10:39.715
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-11 09:10:37.660
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-04 12:53:20.981
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-04 12:53:19.102
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A07 01/23/2015
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 33%
Total physical RAM: 12168.96 MB
Available physical RAM: 8069.35 MB
Total Virtual: 18824.96 MB
Available Virtual: 13831.17 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:491.16 GB) NTFS
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

Edited by tingtingz, 23 June 2020 - 11:25 AM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

Your FRST log is missing the top half.  Could you repost it?

 

Your Event log shows a problem with a driver.  Don't know how important it is since I don't have any intel PCs.

 

Name: Intel® Serial IO I2C Host Controller - 9C62
Description: Intel® Serial IO I2C Host Controller - 9C62
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: iaLPSS_I2C
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 

Assume that's this software:

Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
 

 

 

Search for

device manager

hit Enter

find your bad driver (should have a yellow flag) and right click and Uninstall then reboot.

(do not let it remove unused drivers if it asks) 

 

then go back into Device Manager and see if it the yellow flag is gone.

 

I see you have Speccy.  Can you  attach a Speccy log?

 

Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


 


  • 0

#3
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

I have updated the FRST log with the missing top half. I uninstalled the Intel® Serial IO I2C Host Controller - 9C62 then rebooted into safe mode with network. The yellow flag did not go away after reboot. The message left was Windows cannot initialize the device driver for this hardware. (Code 37) The driver was not loaded because the system is booting into safe mode.

 

Your FRST log is missing the top half.  Could you repost it?

 

Your Event log shows a problem with a driver.  Don't know how important it is since I don't have any intel PCs.

 

Name: Intel® Serial IO I2C Host Controller - 9C62
Description: Intel® Serial IO I2C Host Controller - 9C62
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: iaLPSS_I2C
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 

Assume that's this software:

Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
 

 

 

Search for

device manager

hit Enter

find your bad driver (should have a yellow flag) and right click and Uninstall then reboot.

(do not let it remove unused drivers if it asks) 

 

then go back into Device Manager and see if it the yellow flag is gone.

 

I see you have Speccy.  Can you  attach a Speccy log?

 

Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


 

 

Attached Files


Edited by tingtingz, 23 June 2020 - 02:09 PM.

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

No sign of a virus.  Speccy says the hard drive is OK. 

Doesn't show the temp tho.  I see you have speedfan.  What temp does it show?

 

 

See if you can do a diagnostic boot:

 

search for

msconfig

hit Enter

 

Click on Diagnostic Startup.  Apply.  Click on Boot then uncheck Safe Mode.  OK

and reboot.

 

Does it boot into regular mode?

 

Will it let you uninstall Avast?

 

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html

(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)


Once you have an elevated command prompt:

Type:

 DISM  /Online  /Cleanup-Image  /RestoreHealth

 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow



This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt


Hit Enter.  Then type::


notepad %UserProfile%\desktop\junk.txt

Hit Enter.

 Copy the text from notepad and paste it into a reply.


After you finish SFC, regardless of the result:



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)


 


  • 0

#5
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
I can not open SPEEDFAN. An error <SPEEDFAN Driver Not Installed> Is SPEEDFAN service started? popped up. I tried uninstalling SPEEDFAN then download it and reinstalling it again. Same error showed up.

Diagnostic startup
I think it booted into regular mode since there is no safe mode written on desktop. There is no network. My cursor did not show up. I did the diagnostic startup again. The cursor is still missing. I am not sure if this is normal.

It does not let me uninstall Avast because it says I do not have sufficient access to uninstall Avast free Antivirus.

The DISM /Online /Cleanup-Image /RestoreHealth came back with an error: 1058 The service cannot be started either because it is disabled or because it has no enabled devices associated with it. I typed the command with one space in between where there is two spaces shown.

Edited by tingtingz, 24 June 2020 - 12:29 AM.

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

Go back into msconfig and check normal Startup then got to Boot and select Safe Mode and Network then OK and reboot

Get AvastClear from

https://www.avast.co...install-utility

download, save then right click and run as admin.

Does that work?

If not try it again after unchecking Network OK and Reboot.

 

After it uninstalls can you go to regular mode?

 

If not or it didn't uninstall

go back to msconfig

on the General page, click Selective startup

uncheck Load Startup Items

go to Services tab click on Hide Microsoft Services,

uncheck all remaining services ok and reboot.

Does it boot into regular mode?

If you do not have networking, go back in and check Zero Config Service and also any service that starts with "i" then OK and reboot.

See if you can uninstall Avast now.  If not try AvastClear

If AvastClear doesn't work I can try to remove Avast with a FRST fixlist.  May take several tries.


  • 0

#7
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

I tried a normal startup without safe mode and networking to see if I can boot normal without the black screen. It boot into regular mode, the startup programs was able to load, and the avast antivirus finished its installation. I think my computer is back to normal but I don't know what fixed it.

 

I am able to run the SPEEDFAN and the temperature for h0 is 33C, core0 is 32C, core1 is 30C.

 

Bitdefender antivirus did not start. I am not sure if it is due to avast antivirus. 

 

Should I uninstall Bitdefender antivirus? 

 

Do you want me still to remove the avast antivirus?

 

Should I run a FRST scan again to see if the drivers or programs run normal?


Edited by tingtingz, 24 June 2020 - 08:43 AM.

  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

That's good.  No idea why it started to work but we will take it.  If Avast has installed that's another good sign.  You might want to uninstall BitDefender for now.  Avast doesn't like to run if another anti-virus is already there plus two anti-virus programs will fight each other and each time you open a file both of them will want to check it so things will slow down a lot.  If you paid for it I hope you have the license info saved somewhere so you can reinstall it.

 

Let's see a new FRST scan.  Maybe that will give us a clue.


  • 0

#9
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Here are the new logs from the FRST scan

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (24-06-2020 10:39:35)
Running from C:\Users\TingTing\Desktop\FRST64
Loaded Profiles: TingTing
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <50>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe <2>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7916032 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C74E863-9DF3-4A95-A19B-5E21449933D9} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [490808 2020-03-27] (Bitdefender SRL -> Bitdefender)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3314272 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-06-24]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S4 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2020-04-09] (Bitdefender SRL -> Bitdefender)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-01-29] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-01-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1352120 2020-03-27] (Bitdefender SRL -> Bitdefender)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S4 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [242024 2020-04-09] (Bitdefender SRL -> Bitdefender)
S4 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [539720 2020-06-11] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [242024 2020-04-09] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 atc; C:\windows\System32\DRIVERS\atc.sys [2106424 2020-05-18] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
S2 BdDci; C:\windows\system32\DRIVERS\bddci.sys [796200 2020-05-28] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\windows\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Techporch Incorporated -> Dell Computer Corporation)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\windows\System32\DRIVERS\gemma.sys [453344 2020-05-13] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3497240 2015-03-23] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R2 trufos; C:\windows\System32\drivers\trufos.sys [638368 2020-02-20] (Bitdefender SRL -> Bitdefender)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R0 vlflt; C:\windows\System32\DRIVERS\vlflt.sys [379048 2020-05-18] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-06-24 09:24 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:15 - 2020-06-23 22:15 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-06-24 10:39 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:37 - 2020-06-22 01:40 - 000051955 _____ C:\Users\TingTing\Downloads\Addition.txt
2020-06-22 01:36 - 2020-06-22 01:40 - 000035061 _____ C:\Users\TingTing\Downloads\FRST.txt
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2020-06-09 22:50 - 2020-06-09 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-09 14:58 - 2020-06-09 14:58 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-09 14:58 - 2020-06-09 14:58 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-09 14:58 - 2020-06-09 14:58 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-09 14:58 - 2020-06-09 14:58 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-05-30 14:30 - 2020-05-30 14:30 - 000312507 _____ C:\Users\TingTing\Downloads\Action_Required_-_NYS_DOL_Certification_for_B.zip
2020-05-30 14:29 - 2020-05-30 14:29 - 000391068 _____ C:\Users\TingTing\Downloads\Action_Required_-_NYS_DOL_Certification_for_B.pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-24 10:40 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:11 - 2014-12-09 12:39 - 000003594 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-06-24 10:08 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-24 09:48 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-06-24 09:36 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-06-24 09:34 - 2019-12-15 02:15 - 000003648 _____ C:\windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-06-24 09:33 - 2014-12-14 04:03 - 000000000 ___DO C:\Users\TingTing\OneDrive
2020-06-24 09:33 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-06-24 09:32 - 2019-12-15 02:13 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-06-24 09:32 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-06-24 09:29 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-06-24 09:29 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-06-24 09:28 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-06-24 09:24 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-06-24 09:23 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-06-23 22:36 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-06-23 22:32 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 22:36 - 2019-12-15 02:15 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2020-06-21 22:33 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-21 20:49 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-06-20 14:14 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-20 14:14 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-12 08:09 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 22:50 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-09 13:50 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-06-09 08:37 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-09 08:37 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2020-05-31 18:56 - 2016-11-16 15:34 - 000000000 ____D C:\Users\TingTing\Saved Documents
2020-05-28 18:37 - 2019-12-15 02:29 - 000796200 _____ (Bitdefender) C:\windows\system32\Drivers\bddci.sys
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-06-2020
Ran by TingTing (24-06-2020 10:46:41)
Running from C:\Users\TingTing\Desktop\FRST64
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Disabled)
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Antimalware (Disabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Bitdefender Antivirus Free Antimalware (Disabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.16.146 - Bitdefender)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 99.4.501 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2019-12-19 05:48 - 2020-06-24 09:34 - 000192512 _____ () [File not signed] C:\Users\TingTing\AppData\Local\Temp\sfamcc00001.dll
2019-12-19 07:20 - 2020-06-24 10:31 - 000192512 _____ () [File not signed] C:\Users\TingTing\AppData\Local\Temp\sfamcc00002.dll
2020-06-24 09:34 - 2020-06-24 09:34 - 000158720 _____ () [File not signed] C:\Users\TingTing\AppData\Local\Temp\sfareca00001.dll
2019-12-19 07:20 - 2020-06-24 10:31 - 000158720 _____ () [File not signed] C:\Users\TingTing\AppData\Local\Temp\sfareca00002.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2013-08-27 15:57 - 2013-08-27 15:57 - 001199104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\iCLS Client\LIBEAY32.dll
2013-08-27 15:57 - 2013-08-27 15:57 - 000302592 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\iCLS Client\ssleay32.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
MpsSvc => Firewall Service is not running.
bfe => Firewall Service is not running.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{956A7DE6-C628-4A4C-8DDE-0150522EEB5F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{9D8C616E-441C-4251-9B5B-C031BFE6FDC3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EA7E19AC-E0BF-48E1-8FEB-BE0B385BDA73}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE6EBDD5-24A0-44BE-9A89-4C3CB760BDEE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{84B667A0-7CD9-47CE-BFB7-8E926F66F69D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
30-05-2020 10:39:36 Scheduled Checkpoint
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (06/24/2020 10:20:58 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (06/23/2020 09:46:21 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (06/23/2020 04:08:46 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (06/23/2020 04:08:45 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (06/23/2020 04:06:37 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (06/23/2020 03:58:37 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (06/23/2020 03:52:37 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (06/23/2020 03:52:37 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
 
System errors:
=============
Error: (06/24/2020 09:31:24 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.
 
Error: (06/24/2020 09:31:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (06/24/2020 09:31:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (06/24/2020 09:29:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (06/24/2020 09:29:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Error: (06/24/2020 09:29:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The BdDci Service service depends on the Base Filtering Engine service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (06/24/2020 09:28:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (06/24/2020 09:23:41 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
Access is denied.
 
 
CodeIntegrity:
===================================
 
Date: 2020-06-24 09:30:39.077
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-24 09:30:38.218
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-23 22:35:40.631
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-23 22:35:39.803
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-23 22:07:22.232
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-23 22:07:21.435
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-14 11:22:08.651
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-06-14 11:22:07.635
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\connectagent.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A07 01/23/2015
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 54%
Total physical RAM: 12168.96 MB
Available physical RAM: 5505.88 MB
Total Virtual: 18824.96 MB
Available Virtual: 11017.23 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:489.51 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

Firewall is broken:

 

bfe => Firewall Service is not running.

 

 
 
Probably because it's turned off in msconfig:

==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: BFE => 2

 

 

Go back in to msconfig and see if you can find BFE (Base Filtering Engine) and check it then OK and Apply.  Alternatively I think if you check Normal Startup on the General page of msconfig then OK and Reboot it will do the same thing.

 

I can have FRST do dism & sfc if you like.  This will check your system files:

 

Takes about 25 minutes for it to run:

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   414bytes   16 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 

Now that you have AVAST running I would have it do a boot-time scan.  Can take several hours so I usually let it run while I sleep:

 

Click on the Avast ball.  Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan.  Click on Install Special Definitions.  Click on Run on Next PC Reboot.

  Reboot and let it run a scan.  It may take hours.
Once it finishes it should load windows.   Mute your speakers so it doesn't wake you up when Windows boots.

When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:

http://www.howtogeek...-windows-vista/

Copy and paste the text from the log to a Reply when done.




 


  • 0

Advertisements


#11
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

FRST scan 

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (24-06-2020 18:51:05)
Running from C:\Users\TingTing\Desktop\FRST64
Loaded Profiles: TingTing
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7916032 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3314272 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-06-24]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-01-29] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-01-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Techporch Incorporated -> Dell Computer Corporation)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3497240 2015-03-23] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-24 12:55 - 2020-06-24 12:55 - 000069892 _____ C:\ProgramData\agent.uninstall.1593017731.bdinstall.v2.bin
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-06-24 09:24 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:15 - 2020-06-23 22:15 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-06-24 18:51 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:37 - 2020-06-22 01:40 - 000051955 _____ C:\Users\TingTing\Downloads\Addition.txt
2020-06-22 01:36 - 2020-06-22 01:40 - 000035061 _____ C:\Users\TingTing\Downloads\FRST.txt
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2020-06-09 22:50 - 2020-06-09 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-09 14:58 - 2020-06-09 14:58 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-09 14:58 - 2020-06-09 14:58 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-09 14:58 - 2020-06-09 14:58 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-09 14:58 - 2020-06-09 14:58 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-05-30 14:30 - 2020-05-30 14:30 - 000312507 _____ C:\Users\TingTing\Downloads\Action_Required_-_NYS_DOL_Certification_for_B.zip
2020-05-30 14:29 - 2020-05-30 14:29 - 000391068 _____ C:\Users\TingTing\Downloads\Action_Required_-_NYS_DOL_Certification_for_B.pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-24 18:55 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-06-24 18:48 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-06-24 18:48 - 2014-12-14 04:03 - 000000000 ___DO C:\Users\TingTing\OneDrive
2020-06-24 18:48 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-06-24 18:47 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-06-24 18:44 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-06-24 18:44 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-06-24 18:43 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-06-24 18:43 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-06-24 18:42 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-06-24 18:13 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-06-24 13:21 - 2014-12-09 12:39 - 000003596 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-06-24 12:52 - 2013-08-22 11:36 - 000000000 ___HD C:\windows\ELAMBKUP
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:08 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-24 09:32 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-06-23 22:36 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-06-23 22:32 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 22:33 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-21 20:49 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-06-20 14:14 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-20 14:14 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 22:50 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-09 13:50 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-06-09 08:37 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-09 08:37 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2020-05-31 18:56 - 2016-11-16 15:34 - 000000000 ____D C:\Users\TingTing\Saved Documents
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-06-2020
Ran by TingTing (24-06-2020 18:58:04)
Running from C:\Users\TingTing\Desktop\FRST64
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Disabled)
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 99.4.501 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
MpsSvc => Firewall Service is not running.
bfe => Firewall Service is not running.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{956A7DE6-C628-4A4C-8DDE-0150522EEB5F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{9D8C616E-441C-4251-9B5B-C031BFE6FDC3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EA7E19AC-E0BF-48E1-8FEB-BE0B385BDA73}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE6EBDD5-24A0-44BE-9A89-4C3CB760BDEE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{84B667A0-7CD9-47CE-BFB7-8E926F66F69D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
30-05-2020 10:39:36 Scheduled Checkpoint
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
 
System errors:
=============
Error: (06/24/2020 06:44:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (06/24/2020 06:44:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Error: (06/24/2020 06:43:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A07 01/23/2015
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 17%
Total physical RAM: 12168.96 MB
Available physical RAM: 10070.6 MB
Total Virtual: 18824.96 MB
Available Virtual: 16356.25 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:489.35 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 

 

 

Avast boot time scan aswBoot.txt

 

06/24/2020 21:24
Scan of C:
 
Scan of *STARTUP
 
File C:\$Recycle.Bin\S-1-5-21-688974935-4124263328-645016171-1001\$RQ7ZQV3.ipsw|>048-40327-062.dmg Error 42110 {The file is a decompression bomb.}
File C:\$Recycle.Bin\S-1-5-21-688974935-4124263328-645016171-1001\$RQ7ZQV3.ipsw|>048-40310-062.dmg Error 42110 {The file is a decompression bomb.}
File C:\FRST\Quarantine\C\Users\TingTing\AppData\Local\AutoSoftware\ihfznabx\nbouwe.dll is infected by Win64:Adware-gen [Adw], Moved to chest
File C:\ProgramData\Adobe\ARM\Acrobat_11.0.07\AcrobatUpd11010.msp|>PCW_CAB_ACR1101|>d6.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>D6Flex.swf Error 42125 {ZIP archive is corrupted.}
File C:\ProgramData\Adobe\ARM\Acrobat_11.0.07\AcrobatUpd11010.msp|>PCW_CAB_ACR1101|>p6.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>AAM Registration Notifier.exe Error 42125 {ZIP archive is corrupted.}
File C:\ProgramData\Adobe\ARM\Acrobat_11.0.07\AcrobatUpd11010.msp|>PCW_CAB_ACR1101|>pdapp.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>AAMCustomHook.exe Error 42125 {ZIP archive is corrupted.}
File C:\ProgramData\Adobe\ARM\Acrobat_11.0.07\AcrobatUpd11010.msp|>PCW_CAB_ACR1101|>FormsCentralTemplates.zip|>templates\assets\-AaqERnIeJ3cyv4to36iuQ.png Error 42125 {ZIP archive is corrupted.}
File C:\ProgramData\Adobe\ARM\Acrobat_11.0.07\AcrobatUpd11011.msp|>PCW_CAB_ACR11011|>d6.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>D6Flex.swf Error 42125 {ZIP archive is corrupted.}
File C:\ProgramData\Adobe\ARM\Acrobat_11.0.07\AcrobatUpd11011.msp|>PCW_CAB_ACR11011|>p6.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>AAM Registration Notifier.exe Error 42125 {ZIP archive is corrupted.}
File C:\ProgramData\Adobe\ARM\Acrobat_11.0.07\AcrobatUpd11011.msp|>PCW_CAB_ACR11011|>pdapp.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>AAMCustomHook.exe Error 42125 {ZIP archive is corrupted.}
File C:\ProgramData\Adobe\ARM\Acrobat_11.0.07\AcrobatUpd11011.msp|>PCW_CAB_ACR11011|>FormsCentralTemplates.zip|>templates\assets\-AaqERnIeJ3cyv4to36iuQ.png Error 42125 {ZIP archive is corrupted.}
File C:\Users\TingTing\AppData\Roaming\Apple Computer\MobileSync\Backup\caeaec1a501276053a0593c6d3b704cc1e1cceb2\3c\3cf2a8858544b8151c653900732aa187895d9d98|>dist\style.css Error 42125 {ZIP archive is corrupted.}
File C:\Users\TingTing\AppData\Roaming\Apple Computer\MobileSync\Backup\caeaec1a501276053a0593c6d3b704cc1e1cceb2-20190110-231857\3c\3cf2a8858544b8151c653900732aa187895d9d98|>dist\style.css Error 42125 {ZIP archive is corrupted.}
File C:\Users\TingTing\AppData\Roaming\Apple Computer\MobileSync\Backup\caeaec1a501276053a0593c6d3b704cc1e1cceb2-20190111-020035\3c\3cf2a8858544b8151c653900732aa187895d9d98|>dist\style.css Error 42125 {ZIP archive is corrupted.}
File C:\Users\TingTing\AppData\Roaming\Bibliotheca\cloudLibrary\PROD\crashReports\cloudLibrary-crashReport.zip|>crashdump.dmp|>META-INF\rights.xml Error 42125 {ZIP archive is corrupted.}
File C:\Users\TingTing\AppData\Roaming\Bibliotheca\cloudLibrary\PROD\temp\f37e1ea6-b79c-4440-b293-299f18ffda25\crashdump.dmp|>META-INF\rights.xml Error 42125 {ZIP archive is corrupted.}
File C:\Users\TingTing\AppData\Roaming\Bibliotheca\cloudLibrary\PROD\temp\f37e1ea6-b79c-4440-b293-299f18ffda25.zip|>crashdump.dmp|>META-INF\rights.xml Error 42125 {ZIP archive is corrupted.}
File C:\Users\TingTing\Downloads\Microsoft Office Pro 2013\KMSpico.exe|>{app}\Service_KMS.exe is infected by Win32:PUP-gen [PUP], Moved to chest
File C:\Users\TingTing\Downloads\Microsoft Office Professional Plus 2013 -32-64 Bit(Activator).rar|>KMSpico.exe|>{app}\Service_KMS.exe is infected by Win32:PUP-gen [PUP], Delete: Error 42010 {File is not packed.}
File C:\Users\TingTing\Downloads\Adobe Acrobat XI Pro\Adobe Acrobat XI\AcrobatUpd11007.msp|>PCW_CAB_ACR11007|>d6.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>D6Flex.swf Error 42125 {ZIP archive is corrupted.}
File C:\Users\TingTing\Downloads\Adobe Acrobat XI Pro\Adobe Acrobat XI\AcrobatUpd11007.msp|>PCW_CAB_ACR11007|>p6.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>AAM Registration Notifier.exe Error 42125 {ZIP archive is corrupted.}
File C:\Users\TingTing\Downloads\Adobe Acrobat XI Pro\Adobe Acrobat XI\AcrobatUpd11007.msp|>PCW_CAB_ACR11007|>pdapp.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>AAMCustomHook.exe Error 42125 {ZIP archive is corrupted.}
File C:\Users\TingTing\Downloads\Adobe Acrobat XI Pro\Adobe Acrobat XI\AcrobatUpd11007.msp|>PCW_CAB_ACR11007|>FormsCentralTemplates.zip|>templates\assets\-AaqERnIeJ3cyv4to36iuQ.png Error 42125 {ZIP archive is corrupted.}
File C:\Users\TingTing\Downloads\Adobe Premiere Pro CC 2017 v11.0.2 (x64)\Adobe Premiere Pro CC 2017 v11.0.2 (x64) + Crack [SadeemPC]\Crack.rar|>Crack\Adobe CC 2015.5 XFORCE Activation\Keygen_XF-adobecc2015.exe|>[UPX] is infected by Win32:Evo-gen [Susp], Moved to chest
File C:\Users\TingTing\Downloads\Adobe Premiere Pro CC 2017 v11.0.2 (x64)\Crack\Adobe CC 2017 XFORCE Activation\Adobe CC 2015.5 XFORCE Activation\Keygen_XF-adobecc2015.exe|>[UPX] is infected by Win32:Evo-gen [Susp], Moved to chest
File C:\Users\TingTing\Downloads\Adobe Premiere Pro CC 2017 v11.0.2 (x64)\Crack\Adobe CC 2017 XFORCE Activation.zip|>Adobe CC 2015.5 XFORCE Activation\Keygen_XF-adobecc2015.exe|>[UPX] is infected by Win32:Evo-gen [Susp], Delete: Error 42010 {File is not packed.}
File C:\Users\TingTing\Downloads\Adobe Premiere Pro CC 2017 v11.0.2 (x64)\Crack\Crack\Adobe CC 2015.5 XFORCE Activation\Keygen_XF-adobecc2015.exe|>[UPX] is infected by Win32:Evo-gen [Susp], Moved to chest
File C:\Users\TingTing\Downloads\Adobe Premiere Pro CC 2017 v11.0.2 (x64)\Crack\Crack.rar|>Crack\Adobe CC 2015.5 XFORCE Activation\Keygen_XF-adobecc2015.exe|>[UPX] is infected by Win32:Evo-gen [Susp], Delete: Error 42010 {File is not packed.}
File C:\Users\TingTing\Downloads\Adobe Premiere Pro CC 2017 v11.0.2 (x64)\PR Setup\Adobe Premiere Pro CC 2017 v11.0.2 (x64) + Crack [SadeemPC]\Crack.rar|>Crack\Adobe CC 2015.5 XFORCE Activation\Keygen_XF-adobecc2015.exe|>[UPX] is infected by Win32:Evo-gen [Susp], Moved to chest
File C:\Users\TingTing\Downloads\Adobe Premiere Pro CC 2017 v11.0.2 (x64)\PR Setup.zip|>Adobe Premiere Pro CC 2017 v11.0.2 (x64) + Crack [SadeemPC]\Crack.rar|>Crack\Adobe CC 2015.5 XFORCE Activation\Keygen_XF-adobecc2015.exe|>[UPX] is infected by Win32:Evo-gen [Susp], Delete: Error 42010 {File is not packed.}
File C:\Users\TingTing\Downloads\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us\flstudio_10.0.exe|>$0\$PLUGINSDIR\OCSetupHlp.dll is infected by Win32:OpenCandy-D [PUP], Moved to chest
File C:\Windows\Installer\47c3e290.msp|>PCW_CAB_ACR11007|>d6.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>D6Flex.swf Error 42125 {ZIP archive is corrupted.}
File C:\Windows\Installer\47c3e290.msp|>PCW_CAB_ACR11007|>p6.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>AAM Registration Notifier.exe Error 42125 {ZIP archive is corrupted.}
File C:\Windows\Installer\47c3e290.msp|>PCW_CAB_ACR11007|>pdapp.pima.196A45B3_0387_4DF9_9420_597B6F2F9ADD|>AAMCustomHook.exe Error 42125 {ZIP archive is corrupted.}
File C:\Windows\Installer\47c3e290.msp|>PCW_CAB_ACR11007|>FormsCentralTemplates.zip|>templates\assets\-AaqERnIeJ3cyv4to36iuQ.png Error 42125 {ZIP archive is corrupted.}
Number of searched folders: 82120
Number of tested files: 3295752
Number of infected files: 11

  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

Did you run the fixlist?

 

BFE is still not running.  Search for

services.msc

hit Enter

Find Base Filtering Engine.  Right lcikc and select Properties.  Change the Startup Type: to Automatic.  Apply.  Try to Start the service.  Do you get an error?


  • 0

#13
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

I ran the fixlist. It ran for close to an hour. Do you want me to run fixlist again?

 

After I click apply for the Base Filtering Engine, a pop-up says access denied.


Edited by tingtingz, 25 June 2020 - 09:29 PM.

  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

No need to run the fixlist again but I would like to see the fixlog.

 

Download the attached bfe.reg. 

Attached File  bfe.reg   485.63KB   8 downloads

Save then right click and MERGE.  Ignore the warning.

 

Try starting the Base Filtering Engine service again.

 

If that doesn't help then fire up FRST, put

bfe.dll

in the Search box and Search Files.  You will get one log please post


  • 0

#15
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Here is the fixlog.txt

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-06-2020
Ran by TingTing (24-06-2020 17:30:57) Run:2
Running from C:\Users\TingTing\Desktop\FRST64
Loaded Profiles: TingTing
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
 
========= DISM /Online /Cleanup-Image /RestoreHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 6.3.9600.19408
 
Image Version: 6.3.9600.19397
 
The restore operation completed successfully. The component store corruption was repaired.
The operation completed successfully.
 
========= End of CMD: =========
 
 
========= SFC /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
Verification 0% complete.Verification 0% complete.Verification 0% complete.Verification 1% complete.Verification 1% complete.Verification 1% complete.Verification 2% complete.Verification 2% complete.Verification 2% complete.Verification 3% complete.Verification 3% complete.Verification 3% complete.Verification 4% complete.Verification 4% complete.Verification 4% complete.Verification 5% complete.Verification 5% complete.Verification 5% complete.Verification 6% complete.Verification 6% complete.Verification 6% complete.Verification 7% complete.Verification 7% complete.Verification 7% complete.Verification 8% complete.Verification 8% complete.Verification 8% complete.Verification 9% complete.Verification 9% complete.Verification 9% complete.Verification 10% complete.Verification 10% complete.Verification 10% complete.Verification 11% complete.Verification 11% complete.Verification 11% complete.Verification 11% complete.Verification 12% complete.Verification 12% complete.Verification 12% complete.Verification 13% complete.Verification 13% complete.Verification 13% complete.Verification 14% complete.Verification 14% complete.Verification 14% complete.Verification 15% complete.Verification 15% complete.Verification 15% complete.Verification 16% complete.Verification 16% complete.Verification 16% complete.Verification 17% complete.Verification 17% complete.Verification 17% complete.Verification 18% complete.Verification 18% complete.Verification 18% complete.Verification 19% complete.Verification 19% complete.Verification 19% complete.Verification 20% complete.Verification 20% complete.Verification 20% complete.Verification 21% complete.Verification 21% complete.Verification 21% complete.Verification 22% complete.Verification 22% complete.Verification 22% complete.Verification 22% complete.Verification 23% complete.Verification 23% complete.Verification 23% complete.Verification 24% complete.Verification 24% complete.Verification 24% complete.Verification 25% complete.Verification 25% complete.Verification 25% complete.Verification 26% complete.Verification 26% complete.Verification 26% complete.Verification 27% complete.Verification 27% complete.Verification 27% complete.Verification 28% complete.Verification 28% complete.Verification 28% complete.Verification 29% complete.Verification 29% complete.Verification 29% complete.Verification 30% complete.Verification 30% complete.Verification 30% complete.Verification 31% complete.Verification 31% complete.Verification 31% complete.Verification 32% complete.Verification 32% complete.Verification 32% complete.Verification 33% complete.Verification 33% complete.Verification 33% complete.Verification 33% complete.Verification 34% complete.Verification 34% complete.Verification 34% complete.Verification 35% complete.Verification 35% complete.Verification 35% complete.Verification 36% complete.Verification 36% complete.Verification 36% complete.Verification 37% complete.Verification 37% complete.Verification 37% complete.Verification 38% complete.Verification 38% complete.Verification 38% complete.Verification 39% complete.Verification 39% complete.Verification 39% complete.Verification 40% complete.Verification 40% complete.Verification 40% complete.Verification 41% complete.Verification 41% complete.Verification 41% complete.Verification 42% complete.Verification 42% complete.Verification 42% complete.Verification 43% complete.Verification 43% complete.Verification 43% complete.Verification 44% complete.Verification 44% complete.Verification 44% complete.Verification 44% complete.Verification 45% complete.Verification 45% complete.Verification 45% complete.Verification 46% complete.Verification 46% complete.Verification 46% complete.Verification 47% complete.Verification 47% complete.Verification 47% complete.Verification 48% complete.Verification 48% complete.Verification 48% complete.Verification 49% complete.Verification 49% complete.Verification 49% complete.Verification 50% complete.Verification 50% complete.Verification 50% complete.Verification 51% complete.Verification 51% complete.Verification 51% complete.Verification 52% complete.Verification 52% complete.Verification 52% complete.Verification 53% complete.Verification 53% complete.Verification 53% complete.Verification 54% complete.Verification 54% complete.Verification 54% complete.Verification 55% complete.Verification 55% complete.Verification 55% complete.Verification 55% complete.Verification 56% complete.Verification 56% complete.Verification 56% complete.Verification 57% complete.Verification 57% complete.Verification 57% complete.Verification 58% complete.Verification 58% complete.Verification 58% complete.Verification 59% complete.Verification 59% complete.Verification 59% complete.Verification 60% complete.Verification 60% complete.Verification 60% complete.Verification 61% complete.Verification 61% complete.Verification 61% complete.Verification 62% complete.Verification 62% complete.Verification 62% complete.Verification 63% complete.Verification 63% complete.Verification 63% complete.Verification 64% complete.Verification 64% complete.Verification 64% complete.Verification 65% complete.Verification 65% complete.Verification 65% complete.Verification 66% complete.Verification 66% complete.Verification 66% complete.Verification 66% complete.Verification 67% complete.Verification 67% complete.Verification 67% complete.Verification 68% complete.Verification 68% complete.Verification 68% complete.Verification 69% complete.Verification 69% complete.Verification 69% complete.Verification 70% complete.Verification 70% complete.Verification 70% complete.Verification 71% complete.Verification 71% complete.Verification 71% complete.Verification 72% complete.Verification 72% complete.Verification 72% complete.Verification 73% complete.Verification 73% complete.Verification 73% complete.Verification 74% complete.Verification 74% complete.Verification 74% complete.Verification 75% complete.Verification 75% complete.Verification 75% complete.Verification 76% complete.Verification 76% complete.Verification 76% complete.Verification 77% complete.Verification 77% complete.Verification 77% complete.Verification 77% complete.Verification 78% complete.Verification 78% complete.Verification 78% complete.Verification 79% complete.Verification 79% complete.Verification 79% complete.Verification 80% complete.Verification 80% complete.Verification 80% complete.Verification 81% complete.Verification 81% complete.Verification 81% complete.Verification 82% complete.Verification 82% complete.Verification 82% complete.Verification 83% complete.Verification 83% complete.Verification 83% complete.Verification 84% complete.Verification 84% complete.Verification 84% complete.Verification 85% complete.Verification 85% complete.Verification 85% complete.Verification 86% complete.Verification 86% complete.Verification 86% complete.Verification 87% complete.Verification 87% complete.Verification 87% complete.Verification 88% complete.Verification 88% complete.Verification 88% complete.Verification 88% complete.Verification 89% complete.Verification 89% complete.Verification 89% complete.Verification 90% complete.Verification 90% complete.Verification 90% complete.Verification 91% complete.Verification 91% complete.Verification 91% complete.Verification 92% complete.Verification 92% complete.Verification 92% complete.Verification 93% complete.Verification 93% complete.Verification 93% complete.Verification 94% complete.Verification 94% complete.Verification 94% complete.Verification 95% complete.Verification 95% complete.Verification 95% complete.Verification 96% complete.Verification 96% complete.Verification 96% complete.Verification 97% complete.Verification 97% complete.Verification 97% complete.Verification 98% complete.Verification 98% complete.Verification 98% complete.Verification 99% complete.Verification 99% complete.Verification 99% complete.Verification 99% complete.Verification 100% complete.
 
 
Windows Resource Protection did not find any integrity violations.
 
 
========= End of CMD: =========
 
 
========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========
 
2020-06-24 18:13:42, Info                  CSI    00000012 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:42, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:43, Info                  CSI    00000014 [SR] Verify complete
2020-06-24 18:13:43, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:43, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:45, Info                  CSI    00000017 [SR] Verify complete
2020-06-24 18:13:45, Info                  CSI    00000018 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:45, Info                  CSI    00000019 [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:46, Info                  CSI    0000001a [SR] Verify complete
2020-06-24 18:13:46, Info                  CSI    0000001b [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:46, Info                  CSI    0000001c [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:48, Info                  CSI    0000001d [SR] Verify complete
2020-06-24 18:13:48, Info                  CSI    0000001e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:48, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:49, Info                  CSI    00000020 [SR] Verify complete
2020-06-24 18:13:49, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:49, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:50, Info                  CSI    00000023 [SR] Verify complete
2020-06-24 18:13:51, Info                  CSI    00000024 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:51, Info                  CSI    00000025 [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:52, Info                  CSI    00000026 [SR] Verify complete
2020-06-24 18:13:52, Info                  CSI    00000027 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:52, Info                  CSI    00000028 [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:53, Info                  CSI    00000029 [SR] Verify complete
2020-06-24 18:13:53, Info                  CSI    0000002a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:53, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:55, Info                  CSI    0000002c [SR] Verify complete
2020-06-24 18:13:55, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:55, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:56, Info                  CSI    0000002f [SR] Verify complete
2020-06-24 18:13:56, Info                  CSI    00000030 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:56, Info                  CSI    00000031 [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:58, Info                  CSI    00000032 [SR] Verify complete
2020-06-24 18:13:58, Info                  CSI    00000033 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:58, Info                  CSI    00000034 [SR] Beginning Verify and Repair transaction
2020-06-24 18:13:59, Info                  CSI    00000035 [SR] Verify complete
2020-06-24 18:13:59, Info                  CSI    00000036 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:13:59, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:01, Info                  CSI    00000038 [SR] Verify complete
2020-06-24 18:14:01, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:01, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:02, Info                  CSI    0000003b [SR] Verify complete
2020-06-24 18:14:02, Info                  CSI    0000003c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:02, Info                  CSI    0000003d [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:03, Info                  CSI    0000003e [SR] Verify complete
2020-06-24 18:14:03, Info                  CSI    0000003f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:03, Info                  CSI    00000040 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:05, Info                  CSI    00000041 [SR] Verify complete
2020-06-24 18:14:05, Info                  CSI    00000042 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:05, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:06, Info                  CSI    00000044 [SR] Verify complete
2020-06-24 18:14:06, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:06, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:08, Info                  CSI    00000047 [SR] Verify complete
2020-06-24 18:14:08, Info                  CSI    00000048 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:08, Info                  CSI    00000049 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:09, Info                  CSI    0000004a [SR] Verify complete
2020-06-24 18:14:09, Info                  CSI    0000004b [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:09, Info                  CSI    0000004c [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:10, Info                  CSI    0000004d [SR] Verify complete
2020-06-24 18:14:10, Info                  CSI    0000004e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:10, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:12, Info                  CSI    00000050 [SR] Verify complete
2020-06-24 18:14:12, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:12, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:13, Info                  CSI    00000053 [SR] Verify complete
2020-06-24 18:14:13, Info                  CSI    00000054 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:13, Info                  CSI    00000055 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:15, Info                  CSI    00000056 [SR] Verify complete
2020-06-24 18:14:15, Info                  CSI    00000057 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:15, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:16, Info                  CSI    00000059 [SR] Verify complete
2020-06-24 18:14:16, Info                  CSI    0000005a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:16, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:17, Info                  CSI    0000005c [SR] Verify complete
2020-06-24 18:14:18, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:18, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:19, Info                  CSI    0000005f [SR] Verify complete
2020-06-24 18:14:19, Info                  CSI    00000060 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:19, Info                  CSI    00000061 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:20, Info                  CSI    00000062 [SR] Verify complete
2020-06-24 18:14:20, Info                  CSI    00000063 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:20, Info                  CSI    00000064 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:22, Info                  CSI    00000065 [SR] Verify complete
2020-06-24 18:14:22, Info                  CSI    00000066 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:22, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:23, Info                  CSI    00000068 [SR] Verify complete
2020-06-24 18:14:23, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:23, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:24, Info                  CSI    0000006b [SR] Verify complete
2020-06-24 18:14:25, Info                  CSI    0000006c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:25, Info                  CSI    0000006d [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:26, Info                  CSI    0000006e [SR] Verify complete
2020-06-24 18:14:26, Info                  CSI    0000006f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:26, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:27, Info                  CSI    00000071 [SR] Verify complete
2020-06-24 18:14:27, Info                  CSI    00000072 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:27, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:29, Info                  CSI    00000074 [SR] Verify complete
2020-06-24 18:14:29, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:29, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:30, Info                  CSI    00000077 [SR] Verify complete
2020-06-24 18:14:30, Info                  CSI    00000078 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:30, Info                  CSI    00000079 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:31, Info                  CSI    0000007a [SR] Verify complete
2020-06-24 18:14:32, Info                  CSI    0000007b [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:32, Info                  CSI    0000007c [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:33, Info                  CSI    0000007d [SR] Verify complete
2020-06-24 18:14:33, Info                  CSI    0000007e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:33, Info                  CSI    0000007f [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:34, Info                  CSI    00000080 [SR] Verify complete
2020-06-24 18:14:34, Info                  CSI    00000081 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:34, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:36, Info                  CSI    00000083 [SR] Verify complete
2020-06-24 18:14:36, Info                  CSI    00000084 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:36, Info                  CSI    00000085 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:37, Info                  CSI    00000086 [SR] Verify complete
2020-06-24 18:14:37, Info                  CSI    00000087 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:37, Info                  CSI    00000088 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:39, Info                  CSI    00000089 [SR] Verify complete
2020-06-24 18:14:39, Info                  CSI    0000008a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:39, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:40, Info                  CSI    0000008c [SR] Verify complete
2020-06-24 18:14:40, Info                  CSI    0000008d [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:40, Info                  CSI    0000008e [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:42, Info                  CSI    0000008f [SR] Verify complete
2020-06-24 18:14:42, Info                  CSI    00000090 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:42, Info                  CSI    00000091 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:43, Info                  CSI    00000092 [SR] Verify complete
2020-06-24 18:14:43, Info                  CSI    00000093 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:43, Info                  CSI    00000094 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:45, Info                  CSI    00000095 [SR] Verify complete
2020-06-24 18:14:45, Info                  CSI    00000096 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:45, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:46, Info                  CSI    00000098 [SR] Verify complete
2020-06-24 18:14:46, Info                  CSI    00000099 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:46, Info                  CSI    0000009a [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:48, Info                  CSI    0000009b [SR] Verify complete
2020-06-24 18:14:48, Info                  CSI    0000009c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:48, Info                  CSI    0000009d [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:49, Info                  CSI    0000009e [SR] Verify complete
2020-06-24 18:14:49, Info                  CSI    0000009f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:49, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:50, Info                  CSI    000000a1 [SR] Verify complete
2020-06-24 18:14:50, Info                  CSI    000000a2 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:50, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:52, Info                  CSI    000000a4 [SR] Verify complete
2020-06-24 18:14:52, Info                  CSI    000000a5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:52, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:53, Info                  CSI    000000a7 [SR] Verify complete
2020-06-24 18:14:53, Info                  CSI    000000a8 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:53, Info                  CSI    000000a9 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:55, Info                  CSI    000000aa [SR] Verify complete
2020-06-24 18:14:55, Info                  CSI    000000ab [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:55, Info                  CSI    000000ac [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:56, Info                  CSI    000000ad [SR] Verify complete
2020-06-24 18:14:56, Info                  CSI    000000ae [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:56, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:57, Info                  CSI    000000b0 [SR] Verify complete
2020-06-24 18:14:58, Info                  CSI    000000b1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:58, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2020-06-24 18:14:59, Info                  CSI    000000b3 [SR] Verify complete
2020-06-24 18:14:59, Info                  CSI    000000b4 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:14:59, Info                  CSI    000000b5 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:00, Info                  CSI    000000b6 [SR] Verify complete
2020-06-24 18:15:00, Info                  CSI    000000b7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:00, Info                  CSI    000000b8 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:02, Info                  CSI    000000b9 [SR] Verify complete
2020-06-24 18:15:02, Info                  CSI    000000ba [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:02, Info                  CSI    000000bb [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:03, Info                  CSI    000000bc [SR] Verify complete
2020-06-24 18:15:03, Info                  CSI    000000bd [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:03, Info                  CSI    000000be [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:05, Info                  CSI    000000bf [SR] Verify complete
2020-06-24 18:15:05, Info                  CSI    000000c0 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:05, Info                  CSI    000000c1 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:06, Info                  CSI    000000c2 [SR] Verify complete
2020-06-24 18:15:06, Info                  CSI    000000c3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:06, Info                  CSI    000000c4 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:07, Info                  CSI    000000c5 [SR] Verify complete
2020-06-24 18:15:07, Info                  CSI    000000c6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:07, Info                  CSI    000000c7 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:09, Info                  CSI    000000c8 [SR] Verify complete
2020-06-24 18:15:09, Info                  CSI    000000c9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:09, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:10, Info                  CSI    000000cb [SR] Verify complete
2020-06-24 18:15:10, Info                  CSI    000000cc [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:10, Info                  CSI    000000cd [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:11, Info                  CSI    000000ce [SR] Verify complete
2020-06-24 18:15:12, Info                  CSI    000000cf [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:12, Info                  CSI    000000d0 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:13, Info                  CSI    000000d1 [SR] Verify complete
2020-06-24 18:15:13, Info                  CSI    000000d2 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:13, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:14, Info                  CSI    000000d4 [SR] Verify complete
2020-06-24 18:15:14, Info                  CSI    000000d5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:14, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:16, Info                  CSI    000000d7 [SR] Verify complete
2020-06-24 18:15:16, Info                  CSI    000000d8 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:16, Info                  CSI    000000d9 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:17, Info                  CSI    000000da [SR] Verify complete
2020-06-24 18:15:17, Info                  CSI    000000db [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:17, Info                  CSI    000000dc [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:18, Info                  CSI    000000dd [SR] Verify complete
2020-06-24 18:15:18, Info                  CSI    000000de [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:18, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:20, Info                  CSI    000000e0 [SR] Verify complete
2020-06-24 18:15:20, Info                  CSI    000000e1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:20, Info                  CSI    000000e2 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:21, Info                  CSI    000000e3 [SR] Verify complete
2020-06-24 18:15:21, Info                  CSI    000000e4 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:21, Info                  CSI    000000e5 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:22, Info                  CSI    000000e6 [SR] Verify complete
2020-06-24 18:15:22, Info                  CSI    000000e7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:22, Info                  CSI    000000e8 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:24, Info                  CSI    000000e9 [SR] Verify complete
2020-06-24 18:15:24, Info                  CSI    000000ea [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:24, Info                  CSI    000000eb [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:25, Info                  CSI    000000ec [SR] Verify complete
2020-06-24 18:15:25, Info                  CSI    000000ed [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:25, Info                  CSI    000000ee [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:26, Info                  CSI    000000ef [SR] Verify complete
2020-06-24 18:15:27, Info                  CSI    000000f0 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:27, Info                  CSI    000000f1 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:28, Info                  CSI    000000f2 [SR] Verify complete
2020-06-24 18:15:28, Info                  CSI    000000f3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:28, Info                  CSI    000000f4 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:29, Info                  CSI    000000f5 [SR] Verify complete
2020-06-24 18:15:29, Info                  CSI    000000f6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:29, Info                  CSI    000000f7 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:31, Info                  CSI    000000f8 [SR] Verify complete
2020-06-24 18:15:31, Info                  CSI    000000f9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:31, Info                  CSI    000000fa [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:32, Info                  CSI    000000fb [SR] Verify complete
2020-06-24 18:15:32, Info                  CSI    000000fc [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:32, Info                  CSI    000000fd [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:34, Info                  CSI    000000fe [SR] Verify complete
2020-06-24 18:15:34, Info                  CSI    000000ff [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:34, Info                  CSI    00000100 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:35, Info                  CSI    00000101 [SR] Verify complete
2020-06-24 18:15:35, Info                  CSI    00000102 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:35, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:37, Info                  CSI    00000104 [SR] Verify complete
2020-06-24 18:15:37, Info                  CSI    00000105 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:37, Info                  CSI    00000106 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:38, Info                  CSI    00000107 [SR] Verify complete
2020-06-24 18:15:38, Info                  CSI    00000108 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:38, Info                  CSI    00000109 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:39, Info                  CSI    0000010a [SR] Verify complete
2020-06-24 18:15:40, Info                  CSI    0000010b [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:40, Info                  CSI    0000010c [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:41, Info                  CSI    0000010d [SR] Verify complete
2020-06-24 18:15:41, Info                  CSI    0000010e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:41, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:42, Info                  CSI    00000110 [SR] Verify complete
2020-06-24 18:15:42, Info                  CSI    00000111 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:42, Info                  CSI    00000112 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:44, Info                  CSI    00000113 [SR] Verify complete
2020-06-24 18:15:44, Info                  CSI    00000114 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:44, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:45, Info                  CSI    00000116 [SR] Verify complete
2020-06-24 18:15:45, Info                  CSI    00000117 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:45, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:46, Info                  CSI    00000119 [SR] Verify complete
2020-06-24 18:15:46, Info                  CSI    0000011a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:46, Info                  CSI    0000011b [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:48, Info                  CSI    0000011c [SR] Verify complete
2020-06-24 18:15:48, Info                  CSI    0000011d [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:48, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:49, Info                  CSI    0000011f [SR] Verify complete
2020-06-24 18:15:49, Info                  CSI    00000120 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:49, Info                  CSI    00000121 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:51, Info                  CSI    00000122 [SR] Verify complete
2020-06-24 18:15:51, Info                  CSI    00000123 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:51, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:52, Info                  CSI    00000125 [SR] Verify complete
2020-06-24 18:15:52, Info                  CSI    00000126 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:52, Info                  CSI    00000127 [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:54, Info                  CSI    00000128 [SR] Verify complete
2020-06-24 18:15:54, Info                  CSI    00000129 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:54, Info                  CSI    0000012a [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:56, Info                  CSI    0000012b [SR] Verify complete
2020-06-24 18:15:56, Info                  CSI    0000012c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:56, Info                  CSI    0000012d [SR] Beginning Verify and Repair transaction
2020-06-24 18:15:58, Info                  CSI    0000012e [SR] Verify complete
2020-06-24 18:15:58, Info                  CSI    0000012f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:15:58, Info                  CSI    00000130 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:00, Info                  CSI    00000131 [SR] Verify complete
2020-06-24 18:16:00, Info                  CSI    00000132 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:00, Info                  CSI    00000133 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:02, Info                  CSI    00000134 [SR] Verify complete
2020-06-24 18:16:02, Info                  CSI    00000135 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:02, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:04, Info                  CSI    00000137 [SR] Verify complete
2020-06-24 18:16:04, Info                  CSI    00000138 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:04, Info                  CSI    00000139 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:06, Info                  CSI    0000013a [SR] Verify complete
2020-06-24 18:16:07, Info                  CSI    0000013b [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:07, Info                  CSI    0000013c [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:08, Info                  CSI    0000013d [SR] Verify complete
2020-06-24 18:16:09, Info                  CSI    0000013e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:09, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:11, Info                  CSI    00000140 [SR] Verify complete
2020-06-24 18:16:11, Info                  CSI    00000141 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:11, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:13, Info                  CSI    00000143 [SR] Verify complete
2020-06-24 18:16:13, Info                  CSI    00000144 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:13, Info                  CSI    00000145 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:15, Info                  CSI    00000146 [SR] Verify complete
2020-06-24 18:16:15, Info                  CSI    00000147 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:15, Info                  CSI    00000148 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:17, Info                  CSI    00000149 [SR] Verify complete
2020-06-24 18:16:17, Info                  CSI    0000014a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:17, Info                  CSI    0000014b [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:19, Info                  CSI    0000014c [SR] Verify complete
2020-06-24 18:16:19, Info                  CSI    0000014d [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:19, Info                  CSI    0000014e [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:21, Info                  CSI    0000014f [SR] Verify complete
2020-06-24 18:16:21, Info                  CSI    00000150 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:21, Info                  CSI    00000151 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:23, Info                  CSI    00000152 [SR] Verify complete
2020-06-24 18:16:23, Info                  CSI    00000153 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:23, Info                  CSI    00000154 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:25, Info                  CSI    00000156 [SR] Verify complete
2020-06-24 18:16:26, Info                  CSI    00000157 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:26, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:28, Info                  CSI    00000159 [SR] Verify complete
2020-06-24 18:16:28, Info                  CSI    0000015a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:28, Info                  CSI    0000015b [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:30, Info                  CSI    0000015c [SR] Verify complete
2020-06-24 18:16:30, Info                  CSI    0000015d [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:30, Info                  CSI    0000015e [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:32, Info                  CSI    0000015f [SR] Verify complete
2020-06-24 18:16:32, Info                  CSI    00000160 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:32, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:34, Info                  CSI    00000162 [SR] Verify complete
2020-06-24 18:16:34, Info                  CSI    00000163 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:34, Info                  CSI    00000164 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:36, Info                  CSI    00000165 [SR] Verify complete
2020-06-24 18:16:36, Info                  CSI    00000166 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:36, Info                  CSI    00000167 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:39, Info                  CSI    00000168 [SR] Verify complete
2020-06-24 18:16:39, Info                  CSI    00000169 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:39, Info                  CSI    0000016a [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:41, Info                  CSI    0000016b [SR] Verify complete
2020-06-24 18:16:41, Info                  CSI    0000016c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:41, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:43, Info                  CSI    0000016e [SR] Verify complete
2020-06-24 18:16:43, Info                  CSI    0000016f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:43, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:45, Info                  CSI    00000171 [SR] Verify complete
2020-06-24 18:16:45, Info                  CSI    00000172 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:45, Info                  CSI    00000173 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:47, Info                  CSI    00000174 [SR] Verify complete
2020-06-24 18:16:47, Info                  CSI    00000175 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:47, Info                  CSI    00000176 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:48, Info                  CSI    00000177 [SR] Verify complete
2020-06-24 18:16:48, Info                  CSI    00000178 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:48, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:49, Info                  CSI    0000017a [SR] Verify complete
2020-06-24 18:16:49, Info                  CSI    0000017b [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:49, Info                  CSI    0000017c [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:51, Info                  CSI    0000017d [SR] Verify complete
2020-06-24 18:16:51, Info                  CSI    0000017e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:51, Info                  CSI    0000017f [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:52, Info                  CSI    00000180 [SR] Verify complete
2020-06-24 18:16:52, Info                  CSI    00000181 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:52, Info                  CSI    00000182 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:53, Info                  CSI    00000183 [SR] Verify complete
2020-06-24 18:16:54, Info                  CSI    00000184 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:54, Info                  CSI    00000185 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:55, Info                  CSI    00000186 [SR] Verify complete
2020-06-24 18:16:55, Info                  CSI    00000187 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:55, Info                  CSI    00000188 [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:56, Info                  CSI    00000189 [SR] Verify complete
2020-06-24 18:16:56, Info                  CSI    0000018a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:56, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:58, Info                  CSI    0000018c [SR] Verify complete
2020-06-24 18:16:58, Info                  CSI    0000018d [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:58, Info                  CSI    0000018e [SR] Beginning Verify and Repair transaction
2020-06-24 18:16:59, Info                  CSI    0000018f [SR] Verify complete
2020-06-24 18:16:59, Info                  CSI    00000190 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:16:59, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:00, Info                  CSI    00000192 [SR] Verify complete
2020-06-24 18:17:00, Info                  CSI    00000193 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:00, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:02, Info                  CSI    00000195 [SR] Verify complete
2020-06-24 18:17:02, Info                  CSI    00000196 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:02, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:03, Info                  CSI    00000198 [SR] Verify complete
2020-06-24 18:17:03, Info                  CSI    00000199 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:03, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:05, Info                  CSI    0000019b [SR] Verify complete
2020-06-24 18:17:05, Info                  CSI    0000019c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:05, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:06, Info                  CSI    0000019e [SR] Verify complete
2020-06-24 18:17:06, Info                  CSI    0000019f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:06, Info                  CSI    000001a0 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:07, Info                  CSI    000001a1 [SR] Verify complete
2020-06-24 18:17:07, Info                  CSI    000001a2 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:07, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:09, Info                  CSI    000001a4 [SR] Verify complete
2020-06-24 18:17:09, Info                  CSI    000001a5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:09, Info                  CSI    000001a6 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:10, Info                  CSI    000001a7 [SR] Verify complete
2020-06-24 18:17:10, Info                  CSI    000001a8 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:10, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:11, Info                  CSI    000001aa [SR] Verify complete
2020-06-24 18:17:11, Info                  CSI    000001ab [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:11, Info                  CSI    000001ac [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:13, Info                  CSI    000001ad [SR] Verify complete
2020-06-24 18:17:13, Info                  CSI    000001ae [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:13, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:14, Info                  CSI    000001b0 [SR] Verify complete
2020-06-24 18:17:14, Info                  CSI    000001b1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:14, Info                  CSI    000001b2 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:15, Info                  CSI    000001b3 [SR] Verify complete
2020-06-24 18:17:16, Info                  CSI    000001b4 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:16, Info                  CSI    000001b5 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:17, Info                  CSI    000001b6 [SR] Verify complete
2020-06-24 18:17:17, Info                  CSI    000001b7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:17, Info                  CSI    000001b8 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:18, Info                  CSI    000001b9 [SR] Verify complete
2020-06-24 18:17:18, Info                  CSI    000001ba [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:18, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:20, Info                  CSI    000001bc [SR] Verify complete
2020-06-24 18:17:20, Info                  CSI    000001bd [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:20, Info                  CSI    000001be [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:21, Info                  CSI    000001bf [SR] Verify complete
2020-06-24 18:17:21, Info                  CSI    000001c0 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:21, Info                  CSI    000001c1 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:22, Info                  CSI    000001c2 [SR] Verify complete
2020-06-24 18:17:22, Info                  CSI    000001c3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:22, Info                  CSI    000001c4 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:24, Info                  CSI    000001c5 [SR] Verify complete
2020-06-24 18:17:24, Info                  CSI    000001c6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:24, Info                  CSI    000001c7 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:25, Info                  CSI    000001c8 [SR] Verify complete
2020-06-24 18:17:25, Info                  CSI    000001c9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:25, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:26, Info                  CSI    000001cb [SR] Verify complete
2020-06-24 18:17:27, Info                  CSI    000001cc [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:27, Info                  CSI    000001cd [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:28, Info                  CSI    000001ce [SR] Verify complete
2020-06-24 18:17:28, Info                  CSI    000001cf [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:28, Info                  CSI    000001d0 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:29, Info                  CSI    000001d1 [SR] Verify complete
2020-06-24 18:17:29, Info                  CSI    000001d2 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:29, Info                  CSI    000001d3 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:31, Info                  CSI    000001d4 [SR] Verify complete
2020-06-24 18:17:31, Info                  CSI    000001d5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:31, Info                  CSI    000001d6 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:32, Info                  CSI    000001d7 [SR] Verify complete
2020-06-24 18:17:32, Info                  CSI    000001d8 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:32, Info                  CSI    000001d9 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:33, Info                  CSI    000001da [SR] Verify complete
2020-06-24 18:17:33, Info                  CSI    000001db [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:33, Info                  CSI    000001dc [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:35, Info                  CSI    000001dd [SR] Verify complete
2020-06-24 18:17:35, Info                  CSI    000001de [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:35, Info                  CSI    000001df [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:37, Info                  CSI    000001e0 [SR] Verify complete
2020-06-24 18:17:37, Info                  CSI    000001e1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:37, Info                  CSI    000001e2 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:39, Info                  CSI    000001e3 [SR] Verify complete
2020-06-24 18:17:39, Info                  CSI    000001e4 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:39, Info                  CSI    000001e5 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:41, Info                  CSI    000001e6 [SR] Verify complete
2020-06-24 18:17:41, Info                  CSI    000001e7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:41, Info                  CSI    000001e8 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:43, Info                  CSI    000001e9 [SR] Verify complete
2020-06-24 18:17:43, Info                  CSI    000001ea [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:43, Info                  CSI    000001eb [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:45, Info                  CSI    000001ec [SR] Verify complete
2020-06-24 18:17:45, Info                  CSI    000001ed [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:45, Info                  CSI    000001ee [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:47, Info                  CSI    000001ef [SR] Verify complete
2020-06-24 18:17:47, Info                  CSI    000001f0 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:47, Info                  CSI    000001f1 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:49, Info                  CSI    000001f2 [SR] Verify complete
2020-06-24 18:17:49, Info                  CSI    000001f3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:49, Info                  CSI    000001f4 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:51, Info                  CSI    000001f5 [SR] Verify complete
2020-06-24 18:17:51, Info                  CSI    000001f6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:51, Info                  CSI    000001f7 [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:53, Info                  CSI    000001f8 [SR] Verify complete
2020-06-24 18:17:53, Info                  CSI    000001f9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:53, Info                  CSI    000001fa [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:56, Info                  CSI    000001fb [SR] Verify complete
2020-06-24 18:17:56, Info                  CSI    000001fc [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:56, Info                  CSI    000001fd [SR] Beginning Verify and Repair transaction
2020-06-24 18:17:59, Info                  CSI    000001fe [SR] Verify complete
2020-06-24 18:17:59, Info                  CSI    000001ff [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:17:59, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:01, Info                  CSI    00000201 [SR] Verify complete
2020-06-24 18:18:01, Info                  CSI    00000202 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:01, Info                  CSI    00000203 [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:04, Info                  CSI    00000204 [SR] Verify complete
2020-06-24 18:18:04, Info                  CSI    00000205 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:04, Info                  CSI    00000206 [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:08, Info                  CSI    00000220 [SR] Verify complete
2020-06-24 18:18:08, Info                  CSI    00000221 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:08, Info                  CSI    00000222 [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:13, Info                  CSI    00000229 [SR] Verify complete
2020-06-24 18:18:13, Info                  CSI    0000022a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:13, Info                  CSI    0000022b [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:17, Info                  CSI    0000022e [SR] Verify complete
2020-06-24 18:18:17, Info                  CSI    0000022f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:17, Info                  CSI    00000230 [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:20, Info                  CSI    0000023b [SR] Verify complete
2020-06-24 18:18:20, Info                  CSI    0000023c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:20, Info                  CSI    0000023d [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:24, Info                  CSI    00000241 [SR] Verify complete
2020-06-24 18:18:24, Info                  CSI    00000242 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:24, Info                  CSI    00000243 [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:26, Info                  CSI    00000244 [SR] Verify complete
2020-06-24 18:18:26, Info                  CSI    00000245 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:26, Info                  CSI    00000246 [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:31, Info                  CSI    00000258 [SR] Verify complete
2020-06-24 18:18:31, Info                  CSI    00000259 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:31, Info                  CSI    0000025a [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:36, Info                  CSI    0000026b [SR] Verify complete
2020-06-24 18:18:36, Info                  CSI    0000026c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:36, Info                  CSI    0000026d [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:41, Info                  CSI    00000293 [SR] Verify complete
2020-06-24 18:18:41, Info                  CSI    00000294 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:41, Info                  CSI    00000295 [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:44, Info                  CSI    0000029d [SR] Verify complete
2020-06-24 18:18:44, Info                  CSI    0000029e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:44, Info                  CSI    0000029f [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:49, Info                  CSI    000002af [SR] Verify complete
2020-06-24 18:18:49, Info                  CSI    000002b0 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:49, Info                  CSI    000002b1 [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:52, Info                  CSI    000002c2 [SR] Verify complete
2020-06-24 18:18:52, Info                  CSI    000002c3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:52, Info                  CSI    000002c4 [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:55, Info                  CSI    000002ca [SR] Verify complete
2020-06-24 18:18:55, Info                  CSI    000002cb [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:55, Info                  CSI    000002cc [SR] Beginning Verify and Repair transaction
2020-06-24 18:18:58, Info                  CSI    000002cd [SR] Verify complete
2020-06-24 18:18:58, Info                  CSI    000002ce [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:18:58, Info                  CSI    000002cf [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:01, Info                  CSI    000002d5 [SR] Verify complete
2020-06-24 18:19:01, Info                  CSI    000002d6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:01, Info                  CSI    000002d7 [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:06, Info                  CSI    000002f4 [SR] Verify complete
2020-06-24 18:19:06, Info                  CSI    000002f5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:06, Info                  CSI    000002f6 [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:12, Info                  CSI    00000329 [SR] Verify complete
2020-06-24 18:19:12, Info                  CSI    0000032a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:12, Info                  CSI    0000032b [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:21, Info                  CSI    0000034b [SR] Verify complete
2020-06-24 18:19:21, Info                  CSI    0000034c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:21, Info                  CSI    0000034d [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:28, Info                  CSI    00000353 [SR] Verify complete
2020-06-24 18:19:28, Info                  CSI    00000354 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:28, Info                  CSI    00000355 [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:31, Info                  CSI    00000360 [SR] Verify complete
2020-06-24 18:19:31, Info                  CSI    00000361 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:31, Info                  CSI    00000362 [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:36, Info                  CSI    0000037b [SR] Verify complete
2020-06-24 18:19:36, Info                  CSI    0000037c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:36, Info                  CSI    0000037d [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:38, Info                  CSI    00000382 [SR] Verify complete
2020-06-24 18:19:38, Info                  CSI    00000383 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:38, Info                  CSI    00000384 [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:41, Info                  CSI    00000385 [SR] Verify complete
2020-06-24 18:19:41, Info                  CSI    00000386 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:41, Info                  CSI    00000387 [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:44, Info                  CSI    00000393 [SR] Verify complete
2020-06-24 18:19:45, Info                  CSI    00000394 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:45, Info                  CSI    00000395 [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:47, Info                  CSI    00000396 [SR] Verify complete
2020-06-24 18:19:47, Info                  CSI    00000397 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:47, Info                  CSI    00000398 [SR] Beginning Verify and Repair transaction
2020-06-24 18:19:52, Info                  CSI    0000040f [SR] Verify complete
2020-06-24 18:19:52, Info                  CSI    00000410 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:19:52, Info                  CSI    00000411 [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:00, Info                  CSI    00000418 [SR] Verify complete
2020-06-24 18:20:00, Info                  CSI    00000419 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:00, Info                  CSI    0000041a [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:04, Info                  CSI    00000429 [SR] Verify complete
2020-06-24 18:20:04, Info                  CSI    0000042a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:04, Info                  CSI    0000042b [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:11, Info                  CSI    00000445 [SR] Verify complete
2020-06-24 18:20:11, Info                  CSI    00000446 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:11, Info                  CSI    00000447 [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:17, Info                  CSI    0000044d [SR] Verify complete
2020-06-24 18:20:17, Info                  CSI    0000044e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:17, Info                  CSI    0000044f [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:22, Info                  CSI    00000458 [SR] Verify complete
2020-06-24 18:20:22, Info                  CSI    00000459 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:22, Info                  CSI    0000045a [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:25, Info                  CSI    0000045e [SR] Verify complete
2020-06-24 18:20:25, Info                  CSI    0000045f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:25, Info                  CSI    00000460 [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:34, Info                  CSI    00000480 [SR] Verify complete
2020-06-24 18:20:34, Info                  CSI    00000481 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:34, Info                  CSI    00000482 [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:37, Info                  CSI    00000487 [SR] Verify complete
2020-06-24 18:20:37, Info                  CSI    00000488 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:37, Info                  CSI    00000489 [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:39, Info                  CSI    0000048f [SR] Verify complete
2020-06-24 18:20:39, Info                  CSI    00000490 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:39, Info                  CSI    00000491 [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:46, Info                  CSI    0000049b [SR] Verify complete
2020-06-24 18:20:46, Info                  CSI    0000049c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:46, Info                  CSI    0000049d [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:49, Info                  CSI    000004cc [SR] Verify complete
2020-06-24 18:20:49, Info                  CSI    000004cd [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:49, Info                  CSI    000004ce [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:51, Info                  CSI    000004cf [SR] Verify complete
2020-06-24 18:20:52, Info                  CSI    000004d0 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:52, Info                  CSI    000004d1 [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:54, Info                  CSI    000004de [SR] Verify complete
2020-06-24 18:20:54, Info                  CSI    000004df [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:54, Info                  CSI    000004e0 [SR] Beginning Verify and Repair transaction
2020-06-24 18:20:57, Info                  CSI    000004f1 [SR] Verify complete
2020-06-24 18:20:57, Info                  CSI    000004f2 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:20:57, Info                  CSI    000004f3 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:00, Info                  CSI    00000501 [SR] Verify complete
2020-06-24 18:21:00, Info                  CSI    00000502 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:00, Info                  CSI    00000503 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:03, Info                  CSI    0000050e [SR] Verify complete
2020-06-24 18:21:03, Info                  CSI    0000050f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:03, Info                  CSI    00000510 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:06, Info                  CSI    00000515 [SR] Verify complete
2020-06-24 18:21:06, Info                  CSI    00000516 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:06, Info                  CSI    00000517 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:08, Info                  CSI    00000519 [SR] Verify complete
2020-06-24 18:21:08, Info                  CSI    0000051a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:08, Info                  CSI    0000051b [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:12, Info                  CSI    00000521 [SR] Verify complete
2020-06-24 18:21:12, Info                  CSI    00000522 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:12, Info                  CSI    00000523 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:15, Info                  CSI    00000530 [SR] Verify complete
2020-06-24 18:21:15, Info                  CSI    00000531 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:15, Info                  CSI    00000532 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:17, Info                  CSI    00000534 [SR] Verify complete
2020-06-24 18:21:17, Info                  CSI    00000535 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:17, Info                  CSI    00000536 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:20, Info                  CSI    0000053b [SR] Verify complete
2020-06-24 18:21:20, Info                  CSI    0000053c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:20, Info                  CSI    0000053d [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:23, Info                  CSI    0000054a [SR] Verify complete
2020-06-24 18:21:23, Info                  CSI    0000054b [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:23, Info                  CSI    0000054c [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:27, Info                  CSI    0000054f [SR] Verify complete
2020-06-24 18:21:27, Info                  CSI    00000550 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:27, Info                  CSI    00000551 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:35, Info                  CSI    00000587 [SR] Verify complete
2020-06-24 18:21:35, Info                  CSI    00000588 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:35, Info                  CSI    00000589 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:40, Info                  CSI    00000591 [SR] Verify complete
2020-06-24 18:21:40, Info                  CSI    00000592 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:40, Info                  CSI    00000593 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:44, Info                  CSI    00000598 [SR] Verify complete
2020-06-24 18:21:44, Info                  CSI    00000599 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:44, Info                  CSI    0000059a [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:49, Info                  CSI    0000059e [SR] Verify complete
2020-06-24 18:21:49, Info                  CSI    0000059f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:49, Info                  CSI    000005a0 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:53, Info                  CSI    000005a1 [SR] Verify complete
2020-06-24 18:21:53, Info                  CSI    000005a2 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:53, Info                  CSI    000005a3 [SR] Beginning Verify and Repair transaction
2020-06-24 18:21:57, Info                  CSI    000005a7 [SR] Verify complete
2020-06-24 18:21:57, Info                  CSI    000005a8 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:21:57, Info                  CSI    000005a9 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:02, Info                  CSI    000005ae [SR] Verify complete
2020-06-24 18:22:02, Info                  CSI    000005af [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:02, Info                  CSI    000005b0 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:07, Info                  CSI    000005c1 [SR] Verify complete
2020-06-24 18:22:07, Info                  CSI    000005c2 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:07, Info                  CSI    000005c3 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:11, Info                  CSI    000005c9 [SR] Verify complete
2020-06-24 18:22:12, Info                  CSI    000005ca [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:12, Info                  CSI    000005cb [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:16, Info                  CSI    000005dd [SR] Verify complete
2020-06-24 18:22:16, Info                  CSI    000005de [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:16, Info                  CSI    000005df [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:20, Info                  CSI    000005ee [SR] Verify complete
2020-06-24 18:22:20, Info                  CSI    000005ef [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:20, Info                  CSI    000005f0 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:23, Info                  CSI    000005f2 [SR] Verify complete
2020-06-24 18:22:23, Info                  CSI    000005f3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:23, Info                  CSI    000005f4 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:27, Info                  CSI    000005f5 [SR] Verify complete
2020-06-24 18:22:27, Info                  CSI    000005f6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:27, Info                  CSI    000005f7 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:31, Info                  CSI    00000612 [SR] Verify complete
2020-06-24 18:22:32, Info                  CSI    00000613 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:32, Info                  CSI    00000614 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:35, Info                  CSI    00000632 [SR] Verify complete
2020-06-24 18:22:35, Info                  CSI    00000633 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:35, Info                  CSI    00000634 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:38, Info                  CSI    00000645 [SR] Verify complete
2020-06-24 18:22:38, Info                  CSI    00000646 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:38, Info                  CSI    00000647 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:40, Info                  CSI    00000648 [SR] Verify complete
2020-06-24 18:22:40, Info                  CSI    00000649 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:40, Info                  CSI    0000064a [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:43, Info                  CSI    0000064b [SR] Verify complete
2020-06-24 18:22:43, Info                  CSI    0000064c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:43, Info                  CSI    0000064d [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:46, Info                  CSI    0000064f [SR] Verify complete
2020-06-24 18:22:46, Info                  CSI    00000650 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:46, Info                  CSI    00000651 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:49, Info                  CSI    00000652 [SR] Verify complete
2020-06-24 18:22:49, Info                  CSI    00000653 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:49, Info                  CSI    00000654 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:53, Info                  CSI    00000655 [SR] Verify complete
2020-06-24 18:22:53, Info                  CSI    00000656 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:53, Info                  CSI    00000657 [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:55, Info                  CSI    00000658 [SR] Verify complete
2020-06-24 18:22:56, Info                  CSI    00000659 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:56, Info                  CSI    0000065a [SR] Beginning Verify and Repair transaction
2020-06-24 18:22:58, Info                  CSI    0000065b [SR] Verify complete
2020-06-24 18:22:58, Info                  CSI    0000065c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:22:58, Info                  CSI    0000065d [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:00, Info                  CSI    0000065e [SR] Verify complete
2020-06-24 18:23:00, Info                  CSI    0000065f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:00, Info                  CSI    00000660 [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:02, Info                  CSI    00000661 [SR] Verify complete
2020-06-24 18:23:02, Info                  CSI    00000662 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:02, Info                  CSI    00000663 [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:04, Info                  CSI    00000664 [SR] Verify complete
2020-06-24 18:23:04, Info                  CSI    00000665 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:04, Info                  CSI    00000666 [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:07, Info                  CSI    00000685 [SR] Verify complete
2020-06-24 18:23:07, Info                  CSI    00000686 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:07, Info                  CSI    00000687 [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:08, Info                  CSI    00000688 [SR] Verify complete
2020-06-24 18:23:09, Info                  CSI    00000689 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:09, Info                  CSI    0000068a [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:11, Info                  CSI    0000068d [SR] Verify complete
2020-06-24 18:23:11, Info                  CSI    0000068e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:11, Info                  CSI    0000068f [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:14, Info                  CSI    00000690 [SR] Verify complete
2020-06-24 18:23:14, Info                  CSI    00000691 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:14, Info                  CSI    00000692 [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:16, Info                  CSI    00000693 [SR] Verify complete
2020-06-24 18:23:16, Info                  CSI    00000694 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:16, Info                  CSI    00000695 [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:18, Info                  CSI    00000696 [SR] Verify complete
2020-06-24 18:23:18, Info                  CSI    00000697 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:18, Info                  CSI    00000698 [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:20, Info                  CSI    00000699 [SR] Verify complete
2020-06-24 18:23:20, Info                  CSI    0000069a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:20, Info                  CSI    0000069b [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:25, Info                  CSI    0000069c [SR] Verify complete
2020-06-24 18:23:25, Info                  CSI    0000069d [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:25, Info                  CSI    0000069e [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:29, Info                  CSI    000006a9 [SR] Verify complete
2020-06-24 18:23:29, Info                  CSI    000006aa [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:29, Info                  CSI    000006ab [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:32, Info                  CSI    000006ac [SR] Verify complete
2020-06-24 18:23:32, Info                  CSI    000006ad [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:32, Info                  CSI    000006ae [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:36, Info                  CSI    0000071b [SR] Verify complete
2020-06-24 18:23:36, Info                  CSI    0000071c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:36, Info                  CSI    0000071d [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:39, Info                  CSI    00000721 [SR] Verify complete
2020-06-24 18:23:39, Info                  CSI    00000722 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:39, Info                  CSI    00000723 [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:42, Info                  CSI    00000724 [SR] Verify complete
2020-06-24 18:23:42, Info                  CSI    00000725 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:42, Info                  CSI    00000726 [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:45, Info                  CSI    00000727 [SR] Verify complete
2020-06-24 18:23:45, Info                  CSI    00000728 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:45, Info                  CSI    00000729 [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:47, Info                  CSI    0000072a [SR] Verify complete
2020-06-24 18:23:48, Info                  CSI    0000072b [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:48, Info                  CSI    0000072c [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:50, Info                  CSI    0000072d [SR] Verify complete
2020-06-24 18:23:50, Info                  CSI    0000072e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:50, Info                  CSI    0000072f [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:53, Info                  CSI    00000730 [SR] Verify complete
2020-06-24 18:23:54, Info                  CSI    00000731 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:54, Info                  CSI    00000732 [SR] Beginning Verify and Repair transaction
2020-06-24 18:23:57, Info                  CSI    00000743 [SR] Verify complete
2020-06-24 18:23:58, Info                  CSI    00000744 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:23:58, Info                  CSI    00000745 [SR] Beginning Verify and Repair transaction
2020-06-24 18:24:02, Info                  CSI    0000075a [SR] Verify complete
2020-06-24 18:24:02, Info                  CSI    0000075b [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:24:02, Info                  CSI    0000075c [SR] Beginning Verify and Repair transaction
2020-06-24 18:24:10, Info                  CSI    0000076d [SR] Verify complete
2020-06-24 18:24:10, Info                  CSI    0000076e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:24:10, Info                  CSI    0000076f [SR] Beginning Verify and Repair transaction
2020-06-24 18:24:13, Info                  CSI    00000771 [SR] Verify complete
2020-06-24 18:24:13, Info                  CSI    00000772 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:24:13, Info                  CSI    00000773 [SR] Beginning Verify and Repair transaction
2020-06-24 18:24:15, Info                  CSI    00000774 [SR] Verify complete
2020-06-24 18:24:15, Info                  CSI    00000775 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:24:15, Info                  CSI    00000776 [SR] Beginning Verify and Repair transaction
2020-06-24 18:24:21, Info                  CSI    00000783 [SR] Verify complete
2020-06-24 18:24:21, Info                  CSI    00000784 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:24:21, Info                  CSI    00000785 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:00, Info                  CSI    00000787 [SR] Verify complete
2020-06-24 18:39:00, Info                  CSI    00000788 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:00, Info                  CSI    00000789 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:04, Info                  CSI    000007ab [SR] Verify complete
2020-06-24 18:39:04, Info                  CSI    000007ac [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:04, Info                  CSI    000007ad [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:07, Info                  CSI    000007b7 [SR] Verify complete
2020-06-24 18:39:07, Info                  CSI    000007b8 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:07, Info                  CSI    000007b9 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:11, Info                  CSI    000007c6 [SR] Verify complete
2020-06-24 18:39:11, Info                  CSI    000007c7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:11, Info                  CSI    000007c8 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:15, Info                  CSI    000007ec [SR] Verify complete
2020-06-24 18:39:15, Info                  CSI    000007ed [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:15, Info                  CSI    000007ee [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:20, Info                  CSI    00000835 [SR] Verify complete
2020-06-24 18:39:20, Info                  CSI    00000836 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:20, Info                  CSI    00000837 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:22, Info                  CSI    00000838 [SR] Verify complete
2020-06-24 18:39:22, Info                  CSI    00000839 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:22, Info                  CSI    0000083a [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:25, Info                  CSI    0000083b [SR] Verify complete
2020-06-24 18:39:25, Info                  CSI    0000083c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:25, Info                  CSI    0000083d [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:27, Info                  CSI    00000841 [SR] Verify complete
2020-06-24 18:39:27, Info                  CSI    00000842 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:27, Info                  CSI    00000843 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:31, Info                  CSI    0000085d [SR] Verify complete
2020-06-24 18:39:31, Info                  CSI    0000085e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:31, Info                  CSI    0000085f [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:36, Info                  CSI    00000886 [SR] Verify complete
2020-06-24 18:39:36, Info                  CSI    00000887 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:36, Info                  CSI    00000888 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:38, Info                  CSI    00000889 [SR] Verify complete
2020-06-24 18:39:38, Info                  CSI    0000088a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:38, Info                  CSI    0000088b [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:40, Info                  CSI    00000893 [SR] Verify complete
2020-06-24 18:39:40, Info                  CSI    00000894 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:40, Info                  CSI    00000895 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:43, Info                  CSI    00000897 [SR] Verify complete
2020-06-24 18:39:43, Info                  CSI    00000898 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:43, Info                  CSI    00000899 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:46, Info                  CSI    000008a5 [SR] Verify complete
2020-06-24 18:39:46, Info                  CSI    000008a6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:46, Info                  CSI    000008a7 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:50, Info                  CSI    000008c6 [SR] Verify complete
2020-06-24 18:39:50, Info                  CSI    000008c7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:50, Info                  CSI    000008c8 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:54, Info                  CSI    000008df [SR] Verify complete
2020-06-24 18:39:54, Info                  CSI    000008e0 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:54, Info                  CSI    000008e1 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:56, Info                  CSI    000008e2 [SR] Verify complete
2020-06-24 18:39:56, Info                  CSI    000008e3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:56, Info                  CSI    000008e4 [SR] Beginning Verify and Repair transaction
2020-06-24 18:39:59, Info                  CSI    000008e6 [SR] Verify complete
2020-06-24 18:39:59, Info                  CSI    000008e7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:39:59, Info                  CSI    000008e8 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:02, Info                  CSI    000008f2 [SR] Verify complete
2020-06-24 18:40:02, Info                  CSI    000008f3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:02, Info                  CSI    000008f4 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:06, Info                  CSI    0000090d [SR] Verify complete
2020-06-24 18:40:06, Info                  CSI    0000090e [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:06, Info                  CSI    0000090f [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:08, Info                  CSI    00000911 [SR] Verify complete
2020-06-24 18:40:08, Info                  CSI    00000912 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:08, Info                  CSI    00000913 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:13, Info                  CSI    00000935 [SR] Verify complete
2020-06-24 18:40:14, Info                  CSI    00000936 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:14, Info                  CSI    00000937 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:16, Info                  CSI    0000093e [SR] Verify complete
2020-06-24 18:40:16, Info                  CSI    0000093f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:16, Info                  CSI    00000940 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:22, Info                  CSI    0000094b [SR] Verify complete
2020-06-24 18:40:22, Info                  CSI    0000094c [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:22, Info                  CSI    0000094d [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:24, Info                  CSI    0000096e [SR] Verify complete
2020-06-24 18:40:24, Info                  CSI    0000096f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:24, Info                  CSI    00000970 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:26, Info                  CSI    00000979 [SR] Verify complete
2020-06-24 18:40:27, Info                  CSI    0000097a [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:27, Info                  CSI    0000097b [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:29, Info                  CSI    00000985 [SR] Verify complete
2020-06-24 18:40:29, Info                  CSI    00000986 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:29, Info                  CSI    00000987 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:30, Info                  CSI    0000098c [SR] Verify complete
2020-06-24 18:40:30, Info                  CSI    0000098d [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:30, Info                  CSI    0000098e [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:33, Info                  CSI    00000990 [SR] Verify complete
2020-06-24 18:40:33, Info                  CSI    00000991 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:33, Info                  CSI    00000992 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:36, Info                  CSI    00000998 [SR] Verify complete
2020-06-24 18:40:36, Info                  CSI    00000999 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:36, Info                  CSI    0000099a [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:38, Info                  CSI    0000099e [SR] Verify complete
2020-06-24 18:40:38, Info                  CSI    0000099f [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:38, Info                  CSI    000009a0 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:40, Info                  CSI    000009a3 [SR] Verify complete
2020-06-24 18:40:40, Info                  CSI    000009a4 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:40, Info                  CSI    000009a5 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:42, Info                  CSI    000009aa [SR] Verify complete
2020-06-24 18:40:42, Info                  CSI    000009ab [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:42, Info                  CSI    000009ac [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:45, Info                  CSI    000009ae [SR] Verify complete
2020-06-24 18:40:45, Info                  CSI    000009af [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:45, Info                  CSI    000009b0 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:47, Info                  CSI    000009b9 [SR] Verify complete
2020-06-24 18:40:47, Info                  CSI    000009ba [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:47, Info                  CSI    000009bb [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:50, Info                  CSI    000009bf [SR] Verify complete
2020-06-24 18:40:50, Info                  CSI    000009c0 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:50, Info                  CSI    000009c1 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:54, Info                  CSI    000009c2 [SR] Verify complete
2020-06-24 18:40:54, Info                  CSI    000009c3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:54, Info                  CSI    000009c4 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:57, Info                  CSI    000009c6 [SR] Verify complete
2020-06-24 18:40:57, Info                  CSI    000009c7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:57, Info                  CSI    000009c8 [SR] Beginning Verify and Repair transaction
2020-06-24 18:40:59, Info                  CSI    000009c9 [SR] Verify complete
2020-06-24 18:40:59, Info                  CSI    000009ca [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:40:59, Info                  CSI    000009cb [SR] Beginning Verify and Repair transaction
2020-06-24 18:41:03, Info                  CSI    000009cc [SR] Verify complete
2020-06-24 18:41:04, Info                  CSI    000009cd [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:41:04, Info                  CSI    000009ce [SR] Beginning Verify and Repair transaction
2020-06-24 18:41:06, Info                  CSI    000009cf [SR] Verify complete
2020-06-24 18:41:06, Info                  CSI    000009d0 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:41:06, Info                  CSI    000009d1 [SR] Beginning Verify and Repair transaction
2020-06-24 18:41:09, Info                  CSI    000009d2 [SR] Verify complete
2020-06-24 18:41:09, Info                  CSI    000009d3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-24 18:41:09, Info                  CSI    000009d4 [SR] Beginning Verify and Repair transaction
2020-06-24 18:41:12, Info                  CSI    000009d7 [SR] Verify complete
2020-06-24 18:41:12, Info                  CSI    000009d8 [SR] Verifying 8 components
2020-06-24 18:41:12, Info                  CSI    000009d9 [SR] Beginning Verify and Repair transaction
2020-06-24 18:41:12, Info                  CSI    000009da [SR] Verify complete
2020-06-24 18:41:12, Info                  CSI    000009db [SR] Repairing 0 components
2020-06-24 18:41:12, Info                  CSI    000009dc [SR] Beginning Verify and Repair transaction
2020-06-24 18:41:12, Info                  CSI    000009dd [SR] Repair complete
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log DebugChannel. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation.
Failed to clear log Microsoft-RMS-MSIPC/Debug. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation.
Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 18:42:31 ====

 

 

Here is the search.txt log for bfe.dll

 

 

Farbar Recovery Scan Tool (x64) Version: 24-06-2020
Ran by TingTing (25-06-2020 23:51:46)
Running from C:\Users\TingTing\Desktop\FRST64
Boot Mode: Normal
 
================== Search Files: "bfe.dll" =============
 
C:\Windows\WinSxS\Temp\InFlight\1d7767b6a329d5017c060000ec028039\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.3.9600.18895_none_bdd8dc3ffe8938ca\BFE.DLL
[2018-01-09 11:04][2018-01-02 00:33] 000845312 _____ (Microsoft Corporation) 4BA5C192E77375B62D603B38B9D99128 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.3.9600.19646_none_be0fd191fe5fe5bf\BFE.DLL
[2020-03-10 15:28][2020-02-01 12:57] 000845312 _____ (Microsoft Corporation) 2CEFC683C0ADEB2934C2C1D1446BC073 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.3.9600.19344_none_be0dcb4bfe61bb9c\BFE.DLL
[2018-01-09 11:04][2020-04-26 14:18] 000000398 _____ () 9B7F91A749718457837C00AD2910A20E [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.3.9600.18405_none_be3a23f3fe4048b5\BFE.DLL
[2016-04-13 13:53][2019-06-23 05:50] 000026536 _____ () 195BB0D135FAAFA986B0B4FD50B5769B [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.3.9600.18307_none_be3c22a1fe3e7e3c\BFE.DLL
[2016-04-13 13:53][2016-02-05 11:11] 000845312 _____ (Microsoft Corporation) 5059D93764340D4EAEDF49C47133118F [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.3.9600.17415_none_be2f6acffe484b05\BFE.DLL
[2015-04-21 23:26][2017-01-08 07:47] 000012207 _____ () 6AF95C0EE7E13033CDB5C40375F8BD05 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.3.9600.17111_none_be2b63f5fe4bee34\BFE.DLL
[2014-12-12 11:37][2015-04-26 23:59] 000135088 _____ () 129C5E9FFF7162184BBD2B25BF877D11 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.3.9600.17042_none_be0bf295fe635e37\BFE.DLL
[2014-12-09 13:50][2014-12-17 18:14] 000010226 _____ () 1F6DF50894915305B6BF787F50086029 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.3.9600.16427_none_be26b23ffe4e8003\BFE.DLL
[2014-12-03 13:52][2014-12-17 18:14] 000110858 _____ () 31ABB589E3F8F9B516E9535E08AE3417 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.3.9600.16408_none_be3d5261fe3d6178\BFE.DLL
[2014-12-03 13:53][2014-12-17 18:14] 000110853 _____ () 2DA29319ED537628628FEF6C6E83B11C [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.3.9600.16384_none_bde2cff3fe81de7d\BFE.DLL
[2013-08-22 05:56][2014-12-17 18:14] 000112879 _____ () A935A7B33476422DE7F3B73F5CC6DD32 [File not signed]
 
C:\Windows\System32\BFE.DLL
[2020-03-10 15:28][2020-02-01 12:57] 000845312 _____ (Microsoft Corporation) 2CEFC683C0ADEB2934C2C1D1446BC073 [File is digitally signed]
 
 
====== End of Search ======
 
 
When I try to merge the bfe.reg file, a pop-up saying "cannot import C:\Users\TingTing\Downloads\bfe.reg: Not all data was successfully written to the registry. Some keys are open by he system or other processes, or you have insufficient privileges to perform this operation" appears.

Edited by tingtingz, 25 June 2020 - 10:08 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP