Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Canít run antivirus, computer doesnít startup properly, black screen i


  • Please log in to reply

#46
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,923 posts
  • MVP

That's great.  Never had one that was that hard to change before.

 

Let's see a new FRST scan with Addition.txt checked.  See if there is anything else unhappy.


  • 0

Advertisements


#47
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (30-06-2020 16:37:03)
Running from C:\Users\TingTing\Downloads
Loaded Profiles: TingTing & Administrator
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe <2>
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <33>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe <2>
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe <2>
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe <2>
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe <2>
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe <2>
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe <2>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7657984 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-500\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3314272 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-688974935-4124263328-645016171-500\Software\Microsoft\Internet Explorer\Main,Start Page = www.dell.com
HKU\S-1-5-21-688974935-4124263328-645016171-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-06-30]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-01-29] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-01-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Users\Administrator\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2020-06-28] (CPUID -> CPUID) <==== ATTENTION
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Techporch Incorporated -> Dell Computer Corporation)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3497240 2015-03-23] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-30 16:36 - 2020-06-30 16:36 - 002291712 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64.exe
2020-06-30 15:40 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2020-06-28 10:10 - 2020-06-28 10:10 - 000745446 _____ C:\Users\Administrator\Desktop\WINDOWS-I6D372C.txt
2020-06-27 13:03 - 2020-06-27 13:03 - 000255928 _____ (Malwarebytes) C:\windows\system32\Drivers\6321B570.sys
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\Users\Administrator\Desktop\mbar
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-06-27 13:02 - 2020-06-27 13:02 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.10.3.1001.exe
2020-06-27 12:33 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2020-06-27 12:33 - 2020-06-27 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Apple
2020-06-27 11:59 - 2020-06-27 11:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-06-27 11:58 - 2020-06-27 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2020-06-27 11:57 - 2020-06-27 11:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2020-06-27 11:56 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Power2Go8
2020-06-27 11:55 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2020-06-27 11:52 - 2020-06-27 11:52 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2020-06-27 11:51 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-06-27 11:51 - 2020-06-27 11:51 - 000001440 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-06-27 11:50 - 2020-06-28 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-06-27 11:50 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator
2020-06-27 11:50 - 2020-06-27 11:50 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Motorola Mobility
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2020-06-27 11:50 - 2015-03-04 06:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-06-26 21:50 - 2020-06-26 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-26 13:55 - 2020-06-26 13:55 - 000001276 _____ C:\Users\TingTing\Downloads\fixlist.txt
2020-06-25 23:47 - 2020-06-25 23:47 - 000497284 _____ C:\Users\TingTing\Downloads\bfe.reg
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-06-24 12:55 - 2020-06-24 12:55 - 000069892 _____ C:\ProgramData\agent.uninstall.1593017731.bdinstall.v2.bin
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-06-30 16:21 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:15 - 2020-06-28 04:31 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-06-30 16:33 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:37 - 2020-06-22 01:40 - 000051955 _____ C:\Users\TingTing\Downloads\Addition.txt
2020-06-22 01:36 - 2020-06-30 16:40 - 000035415 _____ C:\Users\TingTing\Downloads\FRST.txt
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-30 16:38 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-06-30 16:21 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-06-30 16:21 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-06-30 16:21 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-06-30 16:21 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-30 16:21 - 2018-02-20 19:59 - 000003492 _____ C:\windows\system32\Tasks\Motorola Device Manager Update
2020-06-30 16:21 - 2018-02-20 19:59 - 000003300 _____ C:\windows\system32\Tasks\Motorola Device Manager Initial Update
2020-06-30 16:21 - 2016-04-06 18:56 - 000003920 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-06-30 16:21 - 2016-04-06 18:56 - 000003684 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-06-30 16:21 - 2015-05-21 07:46 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-06-30 16:21 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-06-30 16:21 - 2015-02-09 10:52 - 000003334 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-30 16:21 - 2015-02-09 10:52 - 000003206 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-30 16:21 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-06-30 16:21 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-06-30 16:21 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLVDLauncher
2020-06-30 16:21 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLMLSvc_P2G8
2020-06-30 16:21 - 2014-12-03 13:53 - 000003592 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-500
2020-06-30 16:15 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-06-30 16:15 - 2014-12-14 04:03 - 000000000 ___DO C:\Users\TingTing\OneDrive
2020-06-30 16:15 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-06-30 16:14 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-30 15:31 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-06-30 15:28 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-06-30 15:06 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-06-30 15:03 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness
2020-06-30 08:10 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-30 08:10 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-27 15:01 - 2014-12-09 12:39 - 000003596 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-06-27 13:02 - 2015-05-01 23:32 - 000192952 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2020-06-26 21:51 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-25 09:17 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-25 01:45 - 2017-04-25 13:58 - 000000000 ____D C:\Users\TingTing\Downloads\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us
2020-06-25 01:37 - 2015-03-03 02:28 - 000000000 ____D C:\Users\TingTing\Downloads\Microsoft Office Pro 2013
2020-06-24 18:13 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-06-24 12:52 - 2013-08-22 11:36 - 000000000 ___HD C:\windows\ELAMBKUP
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-23 22:36 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 22:33 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-21 20:49 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2020-05-31 18:56 - 2016-11-16 15:34 - 000000000 ____D C:\Users\TingTing\Saved Documents
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
 
 
 
Addition.txt
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by TingTing (30-06-2020 16:44:02)
Running from C:\Users\TingTing\Downloads
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 100.4.409 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-500_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{956A7DE6-C628-4A4C-8DDE-0150522EEB5F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{9D8C616E-441C-4251-9B5B-C031BFE6FDC3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EA7E19AC-E0BF-48E1-8FEB-BE0B385BDA73}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE6EBDD5-24A0-44BE-9A89-4C3CB760BDEE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{84B667A0-7CD9-47CE-BFB7-8E926F66F69D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
26-06-2020 12:54:13 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (06/30/2020 09:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3469
 
Error: (06/30/2020 09:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3469
 
Error: (06/30/2020 09:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/30/2020 08:09:37 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (06/30/2020 03:17:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19828
 
Error: (06/30/2020 03:17:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19828
 
Error: (06/30/2020 03:17:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/30/2020 03:17:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18563
 
 
System errors:
=============
Error: (06/30/2020 03:30:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (06/30/2020 03:30:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (06/30/2020 03:29:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (06/30/2020 03:29:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Error: (06/30/2020 03:05:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (06/30/2020 03:05:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (06/30/2020 02:54:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (06/30/2020 02:54:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A07 01/23/2015
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 37%
Total physical RAM: 12168.96 MB
Available physical RAM: 7609.63 MB
Total Virtual: 18824.96 MB
Available Virtual: 13372.55 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:485.62 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#48
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,923 posts
  • MVP

Go in to services.msc

find

Windows Presentation Foundation Font Cache 3.0.0.0 service

right click on it and select Properties.  Change the Startup Type: to Manual.

 

Uninstall Bonjour.  It's not working.  You will get a new one if you update itunes.

 

Uninstall Origin.  This is associated with some game from Electronic Arts.  It's not working.

 

I think that should stop all of your alarms.  We can clear the events with a fixlist:

 

Attached File  fixlist.txt   170bytes   2 downloads

 

Should be real quick but it will want to reboot.  Once it reboots rerun the FRST scan with Addition.txt checked.

 

 


  • 0

#49
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Origin is associated with the game the Sims that I have. I open it and it says I need to update it. I think I need it to run the game and game save on it. Can I leave it, will it cause problems on my computer?

Edited by tingtingz, 30 June 2020 - 05:16 PM.

  • 0

#50
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,923 posts
  • MVP

I think Sims is asking for an update because Origin is not working.  Origin is some kind of anti-pirate software.  Perhaps the Sims site has a newer version or some way of fixing Origin.

 

You can keep it of course.  It's not working correctly but probably just causes some minor delay on boot because of the error.


  • 0

#51
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (01-07-2020 07:51:03)
Running from C:\Users\TingTing\Desktop\FRST64 new
Loaded Profiles: TingTing
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <2>
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7657984 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3314272 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-07-01]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-01-29] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-01-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Users\Administrator\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2020-06-28] (CPUID -> CPUID) <==== ATTENTION
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Techporch Incorporated -> Dell Computer Corporation)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3497240 2015-03-23] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-01 07:35 - 2020-07-01 07:51 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64 new
2020-06-30 15:40 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2020-06-28 10:10 - 2020-06-28 10:10 - 000745446 _____ C:\Users\Administrator\Desktop\WINDOWS-I6D372C.txt
2020-06-27 13:03 - 2020-06-27 13:03 - 000255928 _____ (Malwarebytes) C:\windows\system32\Drivers\6321B570.sys
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\Users\Administrator\Desktop\mbar
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-06-27 13:02 - 2020-06-27 13:02 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.10.3.1001.exe
2020-06-27 12:33 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2020-06-27 12:33 - 2020-06-27 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Apple
2020-06-27 11:59 - 2020-06-27 11:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-06-27 11:58 - 2020-06-27 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2020-06-27 11:57 - 2020-06-27 11:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2020-06-27 11:56 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Power2Go8
2020-06-27 11:55 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2020-06-27 11:52 - 2020-06-27 11:52 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2020-06-27 11:51 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-06-27 11:51 - 2020-06-27 11:51 - 000001440 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-06-27 11:50 - 2020-06-28 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-06-27 11:50 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator
2020-06-27 11:50 - 2020-06-27 11:50 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Motorola Mobility
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2020-06-27 11:50 - 2015-03-04 06:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-06-26 21:50 - 2020-06-26 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-26 13:55 - 2020-06-26 13:55 - 000001276 _____ C:\Users\TingTing\Downloads\fixlist.txt
2020-06-25 23:47 - 2020-06-25 23:47 - 000497284 _____ C:\Users\TingTing\Downloads\bfe.reg
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-06-24 12:55 - 2020-06-24 12:55 - 000069892 _____ C:\ProgramData\agent.uninstall.1593017731.bdinstall.v2.bin
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-06-30 16:21 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:15 - 2020-06-28 04:31 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-07-01 07:36 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-01 07:58 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-07-01 07:52 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-07-01 07:49 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-07-01 07:49 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-07-01 07:48 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-01 07:48 - 2014-12-14 04:03 - 000000000 __RDO C:\Users\TingTing\OneDrive
2020-07-01 07:46 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-01 07:46 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-07-01 07:46 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-07-01 07:45 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-07-01 07:42 - 2014-12-09 12:39 - 000003594 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-07-01 04:14 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-06-30 16:21 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-06-30 16:21 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-30 16:21 - 2018-02-20 19:59 - 000003492 _____ C:\windows\system32\Tasks\Motorola Device Manager Update
2020-06-30 16:21 - 2018-02-20 19:59 - 000003300 _____ C:\windows\system32\Tasks\Motorola Device Manager Initial Update
2020-06-30 16:21 - 2016-04-06 18:56 - 000003920 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-06-30 16:21 - 2016-04-06 18:56 - 000003684 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-06-30 16:21 - 2015-05-21 07:46 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-06-30 16:21 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-06-30 16:21 - 2015-02-09 10:52 - 000003334 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-30 16:21 - 2015-02-09 10:52 - 000003206 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-30 16:21 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-06-30 16:21 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLVDLauncher
2020-06-30 16:21 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLMLSvc_P2G8
2020-06-30 16:21 - 2014-12-03 13:53 - 000003592 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-500
2020-06-30 16:14 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-30 15:03 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness
2020-06-30 08:10 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-30 08:10 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-27 13:02 - 2015-05-01 23:32 - 000192952 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2020-06-26 21:51 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-25 09:17 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-25 01:45 - 2017-04-25 13:58 - 000000000 ____D C:\Users\TingTing\Downloads\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us
2020-06-25 01:37 - 2015-03-03 02:28 - 000000000 ____D C:\Users\TingTing\Downloads\Microsoft Office Pro 2013
2020-06-24 12:52 - 2013-08-22 11:36 - 000000000 ___HD C:\windows\ELAMBKUP
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-23 22:36 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 22:33 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-21 20:49 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
 
 
 
Addition.txt
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by TingTing (01-07-2020 08:01:26)
Running from C:\Users\TingTing\Desktop\FRST64 new
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 100.4.409 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{956A7DE6-C628-4A4C-8DDE-0150522EEB5F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
26-06-2020 12:54:13 Scheduled Checkpoint
01-07-2020 07:38:05 Removed Bonjour
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
 
System errors:
=============
Error: (07/01/2020 07:47:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (07/01/2020 07:47:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (07/01/2020 07:47:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (07/01/2020 07:47:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Error: (07/01/2020 07:43:49 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.
 
Error: (07/01/2020 07:42:51 AM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 07:42:50 AM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A07 01/23/2015
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 22%
Total physical RAM: 12168.96 MB
Available physical RAM: 9428.11 MB
Total Virtual: 18824.96 MB
Available Virtual: 16262.32 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:484.46 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 
 
Fixlog.txt
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by TingTing (01-07-2020 07:39:47) Run:6
Running from C:\Users\TingTing\Desktop\FRST64 new
Loaded Profiles: TingTing & Administrator
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
*****************
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log DebugChannel. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation.
Failed to clear log Microsoft-RMS-MSIPC/Debug. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation.
Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 07:42:21 ====

  • 0

#52
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,923 posts
  • MVP

Did you do this:

 

Go in to services.msc

find

Windows Presentation Foundation Font Cache 3.0.0.0 service

right click on it and select Properties.  Change the Startup Type: to Manual.

 

 

 

Origin is still causing errors.


  • 0

#53
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

I did not change the startup type for Windows Presentation Foundation Font Cache 3.0.0.0 service because it was already set to Manual. Did the FRST scan say it is not set to Manual?


  • 0

#54
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,923 posts
  • MVP

Scan doesn't show Microsoft services unless you turn off whitelisting.

 

If it is set to manual then we need to clean out the .dat files

 

https://www.thewindo...che-in-windows/

 

Usually the above doesn't work so it's probably faster to do a fixlist:

 

Attached File  fixlist.txt   1.04KB   2 downloads

 

Close all browsers before hitting Fix

 

System will reboot.

 

Do a FRST scan with addition.txt when done.

 

 


  • 0

#55
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (01-07-2020 11:12:00)
Running from C:\Users\TingTing\Desktop\FRST64 new
Loaded Profiles: TingTing
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvBugReport.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7657984 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3313760 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Profile: C:\Users\TingTing\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-07-01]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2509616 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3460912 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-03-19] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Users\Administrator\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2020-06-28] (CPUID -> CPUID) <==== ATTENTION
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Techporch Incorporated -> Dell Computer Corporation)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3497240 2015-03-23] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-01 07:35 - 2020-07-01 11:12 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64 new
2020-06-30 15:40 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2020-06-28 10:10 - 2020-06-28 10:10 - 000745446 _____ C:\Users\Administrator\Desktop\WINDOWS-I6D372C.txt
2020-06-27 13:03 - 2020-06-27 13:03 - 000255928 _____ (Malwarebytes) C:\windows\system32\Drivers\6321B570.sys
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\Users\Administrator\Desktop\mbar
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-06-27 13:02 - 2020-06-27 13:02 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.10.3.1001.exe
2020-06-27 12:33 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2020-06-27 12:33 - 2020-06-27 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Apple
2020-06-27 11:59 - 2020-06-27 11:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-06-27 11:58 - 2020-06-27 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2020-06-27 11:57 - 2020-06-27 11:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2020-06-27 11:56 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Power2Go8
2020-06-27 11:55 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2020-06-27 11:52 - 2020-06-27 11:52 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2020-06-27 11:51 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-06-27 11:51 - 2020-06-27 11:51 - 000001440 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-06-27 11:50 - 2020-06-28 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-06-27 11:50 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator
2020-06-27 11:50 - 2020-06-27 11:50 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Motorola Mobility
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2020-06-27 11:50 - 2015-03-04 06:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-06-26 21:50 - 2020-06-26 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-25 23:47 - 2020-06-25 23:47 - 000497284 _____ C:\Users\TingTing\Downloads\bfe.reg
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-06-24 12:55 - 2020-06-24 12:55 - 000069892 _____ C:\ProgramData\agent.uninstall.1593017731.bdinstall.v2.bin
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-07-01 09:43 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:15 - 2020-06-28 04:31 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-07-01 07:36 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-07-01 10:33 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-01 11:17 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-07-01 11:16 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-07-01 11:15 - 2014-12-09 12:39 - 000003594 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-07-01 11:13 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-07-01 11:12 - 2014-12-14 04:03 - 000000000 __RDO C:\Users\TingTing\OneDrive
2020-07-01 11:09 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-01 11:09 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-07-01 11:08 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-07-01 10:48 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-01 10:42 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-07-01 10:23 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-07-01 10:09 - 2017-01-29 22:19 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Origin
2020-07-01 10:09 - 2017-01-29 22:14 - 000000000 ____D C:\ProgramData\Origin
2020-07-01 10:08 - 2017-01-29 22:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-07-01 10:07 - 2017-01-29 22:17 - 000000000 ____D C:\Program Files (x86)\Origin
2020-07-01 10:07 - 2017-01-29 22:14 - 000000000 ____D C:\Users\TingTing\AppData\Local\Origin
2020-07-01 09:43 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-07-01 09:43 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-07-01 09:43 - 2018-02-20 19:59 - 000003492 _____ C:\windows\system32\Tasks\Motorola Device Manager Update
2020-07-01 09:43 - 2018-02-20 19:59 - 000003300 _____ C:\windows\system32\Tasks\Motorola Device Manager Initial Update
2020-07-01 09:43 - 2016-04-06 18:56 - 000003920 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-01 09:43 - 2016-04-06 18:56 - 000003684 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-07-01 09:43 - 2015-05-21 07:46 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-07-01 09:43 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-07-01 09:43 - 2015-02-09 10:52 - 000003334 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-01 09:43 - 2015-02-09 10:52 - 000003206 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-01 09:43 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-07-01 09:43 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-07-01 09:43 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLVDLauncher
2020-07-01 09:43 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLMLSvc_P2G8
2020-07-01 09:43 - 2014-12-03 13:53 - 000003592 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-500
2020-07-01 08:28 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-07-01 08:01 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-06-30 16:14 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-30 15:03 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness
2020-06-30 08:10 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-30 08:10 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-27 13:02 - 2015-05-01 23:32 - 000192952 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2020-06-26 21:51 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-25 09:17 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-25 01:45 - 2017-04-25 13:58 - 000000000 ____D C:\Users\TingTing\Downloads\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us
2020-06-25 01:37 - 2015-03-03 02:28 - 000000000 ____D C:\Users\TingTing\Downloads\Microsoft Office Pro 2013
2020-06-24 12:52 - 2013-08-22 11:36 - 000000000 ___HD C:\windows\ELAMBKUP
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-21 20:49 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
 
Addition.txt
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by TingTing (01-07-2020 11:20:21)
Running from C:\Users\TingTing\Desktop\FRST64 new
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 100.4.409 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.74.41754 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2017-01-29 22:17 - 2020-07-01 10:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-01-29 22:17 - 2020-07-01 10:05 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{956A7DE6-C628-4A4C-8DDE-0150522EEB5F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
26-06-2020 12:54:13 Scheduled Checkpoint
01-07-2020 07:38:05 Removed Bonjour
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/01/2020 11:15:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 10d0
 
Start Time: 01d64fb9aef93d80
 
Termination Time: 4294967295
 
Application Path: C:\windows\system32\backgroundTaskHost.exe
 
Report Id: a3facd7c-bbad-11ea-8368-6057185e76ac
 
Faulting package full name: Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
 
System errors:
=============
Error: (07/01/2020 11:14:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A07 01/23/2015
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 17%
Total physical RAM: 12168.96 MB
Available physical RAM: 9993.34 MB
Total Virtual: 18824.96 MB
Available Virtual: 16569.69 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:483.52 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 
 
Fixlog.txt
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by TingTing (01-07-2020 11:06:12) Run:7
Running from C:\Users\TingTing\Desktop\FRST64 new
Loaded Profiles: TingTing
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
sc stop FontCache
sc stop FontCache3.0.0.0
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\FontCache-FontSet-S-1-5-18.dat
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\FontCache-S-1-5-18.dat
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\*.dat
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
*****************
 
sc stop FontCache => Error: No automatic fix found for this entry.
sc stop FontCache3.0.0.0 => Error: No automatic fix found for this entry.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat => moved successfully
"C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\FontCache-FontSet-S-1-5-18.dat" => not found
"C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\FontCache-S-1-5-18.dat" => not found
"C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts" => not found
 
=========== "C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\*.dat" ==========
 
not found
 
========= End -> "C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\*.dat" ========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log DebugChannel. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation.
Failed to clear log Microsoft-RMS-MSIPC/Debug. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation.
Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 11:07:09 ====

  • 0

Advertisements


#56
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,923 posts
  • MVP

Looks like it worked.

 

 
Error: (07/01/2020 11:14:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.

 

 

This is part of

Intel® Management Engine Components

which is only used in big company networks.  Don't know if you need a newer version or if you can just uninstall it. 

https://www.shouldir...27-program.aspx

https://www.howtogee...nside-your-cpu/

Might check with your PC maker's website.

 

Error: (07/01/2020 11:15:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Not sure what causes this error.  Might be because of the intel error.    I do not have backgroundTaskHost running on my PC.  Go to Settings, Update & Security, Check for Updates.  See if that works.

  • 0

#57
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
I checked the action center problem list, the error for backgroundTaskHost is from Alarms.
 
Here are the details to the error
 
Source
Alarms
 
Summary
Stopped responding and was closed
 
Date
‎7/‎1/‎2020 11:15 AM
 
Status
Report sent
 
Description
A problem caused this program to stop interacting with Windows.
Faulting Application Path: C:\Windows\System32\backgroundTaskHost.exe
 
Problem signature
Problem Event Name: MoAppHang
Package Full Name: Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe
Application Name: praid:App
Application Version: 6.3.9600.17415
Application Timestamp: 545042b7
Hang Signature: 67ad
Hang Type: 8388608
OS Version: 6.3.9600.2.0.0.768.101
Locale ID: 1033
Additional Hang Signature 1: 67ad30cc3beafa7f6b551ae428c8c759
Additional Hang Signature 2: 9ee1
Additional Hang Signature 3: 9ee133046b07cb2c9de558fc36d42af7
Additional Hang Signature 4: 67ad
Additional Hang Signature 5: 67ad30cc3beafa7f6b551ae428c8c759
Additional Hang Signature 6: 9ee1
Additional Hang Signature 7: 9ee133046b07cb2c9de558fc36d42af7
 
Extra information about the problem
Bucket ID: f22365815df5ad7675146707cd64e1c1 (98882779855)
 
I checked for solution but no solution was found. I went to Setting, Update & Security, my computer did a windows update today before the scan.
 
I download and install the Intel Management Engine driver from dell website. Did this stop the error Event ID: 7022? According to the log that was generated after installation,  the version of the driver just installed is the same as the one that was previously installed. It skipped uninstall of previous driver. 
 
I am not sure if I can uninstall the Intel Management Engine. Will this system error cause problem if I just leave it alone?
 
Can I uninstall the driver and install it again?
 
 
I did the FRST scan and here are the logs
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (01-07-2020 18:30:05)
Running from C:\Users\TingTing\Desktop\FRST64 new
Loaded Profiles: TingTing & Administrator
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <2>
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <27>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe\time.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7657984 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-500\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3313760 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-688974935-4124263328-645016171-500\Software\Microsoft\Internet Explorer\Main,Start Page = www.dell.com
HKU\S-1-5-21-688974935-4124263328-645016171-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Profile: C:\Users\TingTing\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-07-01]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [344184 2016-06-28] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-10-24] (Intel® Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2509616 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3460912 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-10-24] (Intel® Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Users\Administrator\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2020-06-28] (CPUID -> CPUID) <==== ATTENTION
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [41608 2020-01-03] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3521032 2017-10-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-01 17:47 - 2020-07-01 17:47 - 012669600 _____ (Igor Pavlov) C:\Users\TingTing\Downloads\Inspiron_5447_A13.exe
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\ProgramData\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2020-07-01 17:30 - 000000000 ____D C:\Users\TingTing\Dell update
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files\Common Files\Intel
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files (x86)\Cisco
2020-07-01 17:24 - 2020-07-01 17:32 - 000000000 ____D C:\windows\LastGood.Tmp
2020-07-01 17:18 - 2020-07-01 17:19 - 158002168 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-Wi-Fi-Driver_5TJF1_WIN_20.10.1.1190_A00.EXE
2020-07-01 17:18 - 2020-07-01 17:18 - 065319192 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Chipset_Driver_9M49M_WN_9.5.22.1760_A00 (1).EXE
2020-07-01 17:18 - 2020-07-01 17:18 - 027788560 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-8260-8265-Bluetooth-Driver_39C26_WIN_20.60.0_A01.EXE
2020-07-01 17:14 - 2020-07-01 17:14 - 000000000 _____ C:\windows\invcol.tmp
2020-07-01 17:12 - 2020-07-01 17:56 - 000000000 ____D C:\Users\TingTing\AppData\Local\Dell Inc
2020-07-01 17:12 - 2020-07-01 17:12 - 000000000 ____D C:\ProgramData\Dell Inc
2020-07-01 17:11 - 2020-07-01 17:11 - 000521360 _____ (Dell Inc.) C:\Users\TingTing\Downloads\SupportAssistLauncher.exe
2020-07-01 07:35 - 2020-07-01 18:30 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64 new
2020-06-30 15:40 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2020-06-28 10:10 - 2020-06-28 10:10 - 000745446 _____ C:\Users\Administrator\Desktop\WINDOWS-I6D372C.txt
2020-06-27 13:03 - 2020-06-27 13:03 - 000255928 _____ (Malwarebytes) C:\windows\system32\Drivers\6321B570.sys
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\Users\Administrator\Desktop\mbar
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-06-27 13:02 - 2020-06-27 13:02 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.10.3.1001.exe
2020-06-27 12:33 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2020-06-27 12:33 - 2020-06-27 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Apple
2020-06-27 11:59 - 2020-06-27 11:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-06-27 11:58 - 2020-06-27 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2020-06-27 11:57 - 2020-06-27 11:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2020-06-27 11:56 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Power2Go8
2020-06-27 11:55 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2020-06-27 11:52 - 2020-06-27 11:52 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2020-06-27 11:51 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-06-27 11:51 - 2020-06-27 11:51 - 000001440 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-06-27 11:50 - 2020-06-28 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-06-27 11:50 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator
2020-06-27 11:50 - 2020-06-27 11:50 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Motorola Mobility
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2020-06-27 11:50 - 2015-03-04 06:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-06-26 21:50 - 2020-06-26 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-25 23:47 - 2020-06-25 23:47 - 000497284 _____ C:\Users\TingTing\Downloads\bfe.reg
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-06-24 12:55 - 2020-06-24 12:55 - 000069892 _____ C:\ProgramData\agent.uninstall.1593017731.bdinstall.v2.bin
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-07-01 09:43 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:15 - 2020-06-28 04:31 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-07-01 07:36 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-07-01 10:33 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-01 18:31 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-07-01 18:10 - 2014-12-09 12:39 - 000003594 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-07-01 18:08 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-07-01 18:07 - 2014-12-14 04:03 - 000000000 ___DO C:\Users\TingTing\OneDrive
2020-07-01 18:07 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-07-01 18:05 - 2015-03-25 16:33 - 000016272 _____ C:\windows\system32\results.xml
2020-07-01 18:04 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-01 18:04 - 2015-03-25 16:33 - 000000401 _____ C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-07-01 18:04 - 2015-03-25 16:33 - 000000000 __SHD C:\Users\TingTing\IntelGraphicsProfiles
2020-07-01 18:04 - 2014-12-03 15:41 - 000000000 ____D C:\Intel
2020-07-01 18:04 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-07-01 18:03 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-07-01 17:57 - 2015-05-31 14:04 - 000000000 ____D C:\ProgramData\PCDr
2020-07-01 17:57 - 2014-12-03 14:41 - 000000000 ____D C:\Program Files\Dell
2020-07-01 17:57 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-07-01 17:56 - 2014-12-03 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-07-01 17:48 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-01 17:33 - 2015-03-25 16:16 - 000000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-07-01 17:30 - 2014-12-03 13:54 - 000866884 _____ C:\windows\system32\PerfStringBackup.INI
2020-07-01 17:29 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Intel
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\Program Files (x86)\Intel
2020-07-01 17:26 - 2014-12-03 15:41 - 000000000 ____D C:\Program Files\Intel
2020-07-01 17:19 - 2015-03-25 16:28 - 000000000 ____D C:\Users\TingTing\AppData\LocalLow\Intel
2020-07-01 17:14 - 2014-12-03 14:27 - 000000000 ____D C:\dell
2020-07-01 17:13 - 2014-12-03 14:41 - 000000000 ____D C:\ProgramData\Dell
2020-07-01 17:12 - 2013-08-22 11:36 - 000000000 ____D C:\windows\registration
2020-07-01 17:11 - 2015-04-23 17:03 - 000000000 ____D C:\Program Files (x86)\Dell
2020-07-01 17:08 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-07-01 17:01 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-07-01 10:23 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-07-01 10:09 - 2017-01-29 22:19 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Origin
2020-07-01 10:09 - 2017-01-29 22:14 - 000000000 ____D C:\ProgramData\Origin
2020-07-01 10:08 - 2017-01-29 22:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-07-01 10:07 - 2017-01-29 22:17 - 000000000 ____D C:\Program Files (x86)\Origin
2020-07-01 10:07 - 2017-01-29 22:14 - 000000000 ____D C:\Users\TingTing\AppData\Local\Origin
2020-07-01 09:43 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-07-01 09:43 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-07-01 09:43 - 2018-02-20 19:59 - 000003492 _____ C:\windows\system32\Tasks\Motorola Device Manager Update
2020-07-01 09:43 - 2018-02-20 19:59 - 000003300 _____ C:\windows\system32\Tasks\Motorola Device Manager Initial Update
2020-07-01 09:43 - 2016-04-06 18:56 - 000003920 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-01 09:43 - 2016-04-06 18:56 - 000003684 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-07-01 09:43 - 2015-05-21 07:46 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-07-01 09:43 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-07-01 09:43 - 2015-02-09 10:52 - 000003334 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-01 09:43 - 2015-02-09 10:52 - 000003206 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-01 09:43 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-07-01 09:43 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLVDLauncher
2020-07-01 09:43 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLMLSvc_P2G8
2020-07-01 09:43 - 2014-12-03 13:53 - 000003592 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-500
2020-07-01 08:28 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-07-01 08:01 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-06-30 15:03 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness
2020-06-30 08:10 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-30 08:10 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-27 13:02 - 2015-05-01 23:32 - 000192952 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2020-06-26 21:51 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-25 09:17 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-25 01:45 - 2017-04-25 13:58 - 000000000 ____D C:\Users\TingTing\Downloads\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us
2020-06-25 01:37 - 2015-03-03 02:28 - 000000000 ____D C:\Users\TingTing\Downloads\Microsoft Office Pro 2013
2020-06-24 12:52 - 2013-08-22 11:36 - 000000000 ___HD C:\windows\ELAMBKUP
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by TingTing (01-07-2020 18:33:40)
Running from C:\Users\TingTing\Desktop\FRST64 new
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 100.4.409 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4414 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f5f8f8e-11d9-4c64-b002-b60607ac3a29}) (Version: 20.10.1 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.74.41754 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2017-01-29 22:17 - 2020-07-01 10:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-01-29 22:17 - 2020-07-01 10:05 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8D7CDFB8-319B-45EA-B13B-D0C770162257}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
 
==================== Restore Points =========================
 
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
26-06-2020 12:54:13 Scheduled Checkpoint
01-07-2020 07:38:05 Removed Bonjour
01-07-2020 17:23:20 Installed Intel® Wireless Bluetooth®
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/01/2020 05:47:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program quickset.exe version 10.16.7.3 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 784
 
Start Time: 01d64fb9bec53395
 
Termination Time: 2
 
Application Path: C:\Program Files\Dell\QuickSet\quickset.exe
 
Report Id: 819adb01-bbe4-11ea-8368-6057185e76ac
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/01/2020 05:27:52 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "select * from CIntelWLANEvent" could not be reactivated in namespace "//./ROOT/default" because of error 0x80041010. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (07/01/2020 11:15:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 10d0
 
Start Time: 01d64fb9aef93d80
 
Termination Time: 4294967295
 
Application Path: C:\windows\system32\backgroundTaskHost.exe
 
Report Id: a3facd7c-bbad-11ea-8368-6057185e76ac
 
Faulting package full name: Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
 
System errors:
=============
Error: (07/01/2020 11:14:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A13 05/27/2019
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 31%
Total physical RAM: 12168.96 MB
Available physical RAM: 8294.12 MB
Total Virtual: 18824.96 MB
Available Virtual: 14527.63 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:481.67 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

Edited by tingtingz, 01 July 2020 - 07:13 PM.

  • 0

#58
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,923 posts
  • MVP

Try Method 2 on

https://answers.micr...21-93f9491d4444


  • 0

#59
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
I tried method 2 and rebooted. I did a FRST scan, here are the logs.
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (02-07-2020 00:54:49)
Running from C:\Users\TingTing\Desktop\FRST64 new
Loaded Profiles: TingTing
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvLaunch.exe
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7657984 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3313760 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Profile: C:\Users\TingTing\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-07-01]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [344184 2016-06-28] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-10-24] (Intel® Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2509616 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3460912 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-10-24] (Intel® Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Users\Administrator\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2020-06-28] (CPUID -> CPUID) <==== ATTENTION
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [41608 2020-01-03] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3521032 2017-10-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-01 17:47 - 2020-07-01 17:47 - 012669600 _____ (Igor Pavlov) C:\Users\TingTing\Downloads\Inspiron_5447_A13.exe
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\ProgramData\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2020-07-01 17:30 - 000000000 ____D C:\Users\TingTing\Dell update
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files\Common Files\Intel
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files (x86)\Cisco
2020-07-01 17:24 - 2020-07-01 17:32 - 000000000 ____D C:\windows\LastGood.Tmp
2020-07-01 17:18 - 2020-07-01 17:19 - 158002168 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-Wi-Fi-Driver_5TJF1_WIN_20.10.1.1190_A00.EXE
2020-07-01 17:18 - 2020-07-01 17:18 - 027788560 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-8260-8265-Bluetooth-Driver_39C26_WIN_20.60.0_A01.EXE
2020-07-01 17:14 - 2020-07-01 17:14 - 000000000 _____ C:\windows\invcol.tmp
2020-07-01 17:12 - 2020-07-01 17:56 - 000000000 ____D C:\Users\TingTing\AppData\Local\Dell Inc
2020-07-01 17:12 - 2020-07-01 17:12 - 000000000 ____D C:\ProgramData\Dell Inc
2020-07-01 17:11 - 2020-07-01 17:11 - 000521360 _____ (Dell Inc.) C:\Users\TingTing\Downloads\SupportAssistLauncher.exe
2020-07-01 07:35 - 2020-07-02 00:54 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64 new
2020-06-30 15:40 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2020-06-28 10:10 - 2020-06-28 10:10 - 000745446 _____ C:\Users\Administrator\Desktop\WINDOWS-I6D372C.txt
2020-06-27 13:03 - 2020-06-27 13:03 - 000255928 _____ (Malwarebytes) C:\windows\system32\Drivers\6321B570.sys
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\Users\Administrator\Desktop\mbar
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-06-27 13:02 - 2020-06-27 13:02 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.10.3.1001.exe
2020-06-27 12:33 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2020-06-27 12:33 - 2020-06-27 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Apple
2020-06-27 11:59 - 2020-06-27 11:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-06-27 11:58 - 2020-06-27 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2020-06-27 11:57 - 2020-06-27 11:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2020-06-27 11:56 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Power2Go8
2020-06-27 11:55 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2020-06-27 11:52 - 2020-06-27 11:52 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2020-06-27 11:51 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-06-27 11:51 - 2020-06-27 11:51 - 000001440 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-06-27 11:50 - 2020-06-28 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-06-27 11:50 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator
2020-06-27 11:50 - 2020-06-27 11:50 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Motorola Mobility
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2020-06-27 11:50 - 2015-03-04 06:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-06-26 21:50 - 2020-06-26 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-25 23:47 - 2020-06-25 23:47 - 000497284 _____ C:\Users\TingTing\Downloads\bfe.reg
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-06-24 12:55 - 2020-06-24 12:55 - 000069892 _____ C:\ProgramData\agent.uninstall.1593017731.bdinstall.v2.bin
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-07-01 22:27 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:15 - 2020-06-28 04:31 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-07-01 07:36 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-07-01 10:33 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-02 00:56 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-07-02 00:54 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-07-02 00:53 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-02 00:53 - 2014-12-14 04:03 - 000000000 __RDO C:\Users\TingTing\OneDrive
2020-07-02 00:53 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-07-01 23:48 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-01 23:34 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-07-01 23:31 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-07-01 23:10 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-07-01 22:56 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness
2020-07-01 22:44 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-07-01 22:44 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-07-01 22:44 - 2018-02-20 19:59 - 000003492 _____ C:\windows\system32\Tasks\Motorola Device Manager Update
2020-07-01 22:44 - 2018-02-20 19:59 - 000003300 _____ C:\windows\system32\Tasks\Motorola Device Manager Initial Update
2020-07-01 22:44 - 2016-04-06 18:56 - 000003920 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-01 22:44 - 2016-04-06 18:56 - 000003684 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-07-01 22:44 - 2015-05-21 07:46 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-07-01 22:44 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-07-01 22:44 - 2015-02-09 10:52 - 000003334 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-01 22:44 - 2015-02-09 10:52 - 000003206 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-01 22:44 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-07-01 22:44 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLVDLauncher
2020-07-01 22:44 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLMLSvc_P2G8
2020-07-01 22:44 - 2014-12-03 13:53 - 000003592 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-500
2020-07-01 20:41 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-07-01 20:31 - 2015-03-25 16:33 - 000000000 __SHD C:\Users\TingTing\IntelGraphicsProfiles
2020-07-01 20:28 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-07-01 20:27 - 2015-03-25 16:28 - 000000000 ____D C:\Users\TingTing\AppData\LocalLow\Intel
2020-07-01 18:42 - 2014-12-09 12:39 - 000003596 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-07-01 18:05 - 2015-03-25 16:33 - 000016272 _____ C:\windows\system32\results.xml
2020-07-01 18:04 - 2015-03-25 16:33 - 000000401 _____ C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-07-01 18:04 - 2014-12-03 15:41 - 000000000 ____D C:\Intel
2020-07-01 17:57 - 2015-05-31 14:04 - 000000000 ____D C:\ProgramData\PCDr
2020-07-01 17:57 - 2014-12-03 14:41 - 000000000 ____D C:\Program Files\Dell
2020-07-01 17:57 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-07-01 17:56 - 2014-12-03 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-07-01 17:33 - 2015-03-25 16:16 - 000000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-07-01 17:30 - 2014-12-03 13:54 - 000866884 _____ C:\windows\system32\PerfStringBackup.INI
2020-07-01 17:29 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Intel
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\Program Files (x86)\Intel
2020-07-01 17:26 - 2014-12-03 15:41 - 000000000 ____D C:\Program Files\Intel
2020-07-01 17:14 - 2014-12-03 14:27 - 000000000 ____D C:\dell
2020-07-01 17:13 - 2014-12-03 14:41 - 000000000 ____D C:\ProgramData\Dell
2020-07-01 17:12 - 2013-08-22 11:36 - 000000000 ____D C:\windows\registration
2020-07-01 17:11 - 2015-04-23 17:03 - 000000000 ____D C:\Program Files (x86)\Dell
2020-07-01 10:09 - 2017-01-29 22:19 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Origin
2020-07-01 10:09 - 2017-01-29 22:14 - 000000000 ____D C:\ProgramData\Origin
2020-07-01 10:08 - 2017-01-29 22:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-07-01 10:07 - 2017-01-29 22:17 - 000000000 ____D C:\Program Files (x86)\Origin
2020-07-01 10:07 - 2017-01-29 22:14 - 000000000 ____D C:\Users\TingTing\AppData\Local\Origin
2020-07-01 08:28 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-07-01 08:01 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-06-30 08:10 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-30 08:10 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-27 13:02 - 2015-05-01 23:32 - 000192952 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2020-06-26 21:51 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-25 09:17 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-25 01:45 - 2017-04-25 13:58 - 000000000 ____D C:\Users\TingTing\Downloads\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us
2020-06-25 01:37 - 2015-03-03 02:28 - 000000000 ____D C:\Users\TingTing\Downloads\Microsoft Office Pro 2013
2020-06-24 12:52 - 2013-08-22 11:36 - 000000000 ___HD C:\windows\ELAMBKUP
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by TingTing (02-07-2020 00:58:36)
Running from C:\Users\TingTing\Desktop\FRST64 new
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 100.4.409 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4414 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f5f8f8e-11d9-4c64-b002-b60607ac3a29}) (Version: 20.10.1 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.74.41754 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2017-01-29 22:17 - 2020-07-01 10:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-01-29 22:17 - 2020-07-01 10:05 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8D7CDFB8-319B-45EA-B13B-D0C770162257}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
 
==================== Restore Points =========================
 
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
26-06-2020 12:54:13 Scheduled Checkpoint
01-07-2020 07:38:05 Removed Bonjour
01-07-2020 17:23:20 Installed Intel® Wireless Bluetooth®
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/01/2020 05:47:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program quickset.exe version 10.16.7.3 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 784
 
Start Time: 01d64fb9bec53395
 
Termination Time: 2
 
Application Path: C:\Program Files\Dell\QuickSet\quickset.exe
 
Report Id: 819adb01-bbe4-11ea-8368-6057185e76ac
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/01/2020 05:27:52 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "select * from CIntelWLANEvent" could not be reactivated in namespace "//./ROOT/default" because of error 0x80041010. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (07/01/2020 11:15:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 10d0
 
Start Time: 01d64fb9aef93d80
 
Termination Time: 4294967295
 
Application Path: C:\windows\system32\backgroundTaskHost.exe
 
Report Id: a3facd7c-bbad-11ea-8368-6057185e76ac
 
Faulting package full name: Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
 
System errors:
=============
Error: (07/01/2020 11:30:41 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 11:30:41 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 08:35:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
Error: (07/01/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
The service has not been started.
 
Error: (07/01/2020 11:14:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A13 05/27/2019
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 18%
Total physical RAM: 12168.96 MB
Available physical RAM: 9963.57 MB
Total Virtual: 18824.96 MB
Available Virtual: 16822.91 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:481.1 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

Edited by tingtingz, 01 July 2020 - 11:07 PM.

  • 0

#60
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,923 posts
  • MVP

Is Windows Alarms & Clocks something you use?

 

You can try uninstalling it.  Just go to Apps then right click on it then Uninstall.  If that doesn't work then:

 

To uninstall Alarm and Clock app follow the below steps:

1. Type Windows in the search box and right click on Windows PowerShell and select Run as administrator.

2. Type get-appxpackage *Microsoft.WindowsAlarms* | remove-appxpackage  on the PowerShell and hit Enter.

 

This will uninstall the Alarm and Clock app.

 

If it's something you use then you can reinstall it:

 

B. Reinstall (MS Store app must be closed)
Windows Key+X > Click Windows Powershell (Admin) > Copy the below command and right click in Powershell to paste > Enter

Get-AppxPackage -allusers Microsoft.WindowsAlarms | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\AppXManifest.xml”}

(If there is a problem in reinstall, you can always reinstall from MS Store)


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP