Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Canít run antivirus, computer doesnít startup properly, black screen i


  • Please log in to reply

#61
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

I have uninstall and reinstall the alarm app. 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (02-07-2020 10:04:08)
Running from C:\Users\TingTing\Desktop\FRST64 new
Loaded Profiles: TingTing
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <2>
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7657984 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3313760 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Profile: C:\Users\TingTing\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-07-02]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [344184 2016-06-28] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-10-24] (Intel® Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2509616 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3460912 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-10-24] (Intel® Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Users\Administrator\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2020-06-28] (CPUID -> CPUID) <==== ATTENTION
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [41608 2020-01-03] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3521032 2017-10-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-01 17:47 - 2020-07-01 17:47 - 012669600 _____ (Igor Pavlov) C:\Users\TingTing\Downloads\Inspiron_5447_A13.exe
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\ProgramData\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2020-07-01 17:30 - 000000000 ____D C:\Users\TingTing\Dell update
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files\Common Files\Intel
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files (x86)\Cisco
2020-07-01 17:24 - 2020-07-01 17:32 - 000000000 ____D C:\windows\LastGood.Tmp
2020-07-01 17:18 - 2020-07-01 17:19 - 158002168 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-Wi-Fi-Driver_5TJF1_WIN_20.10.1.1190_A00.EXE
2020-07-01 17:18 - 2020-07-01 17:18 - 027788560 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-8260-8265-Bluetooth-Driver_39C26_WIN_20.60.0_A01.EXE
2020-07-01 17:14 - 2020-07-01 17:14 - 000000000 _____ C:\windows\invcol.tmp
2020-07-01 17:12 - 2020-07-01 17:56 - 000000000 ____D C:\Users\TingTing\AppData\Local\Dell Inc
2020-07-01 17:12 - 2020-07-01 17:12 - 000000000 ____D C:\ProgramData\Dell Inc
2020-07-01 17:11 - 2020-07-01 17:11 - 000521360 _____ (Dell Inc.) C:\Users\TingTing\Downloads\SupportAssistLauncher.exe
2020-07-01 07:35 - 2020-07-02 10:04 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64 new
2020-06-30 15:40 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2020-06-28 10:10 - 2020-06-28 10:10 - 000745446 _____ C:\Users\Administrator\Desktop\WINDOWS-I6D372C.txt
2020-06-27 13:03 - 2020-06-27 13:03 - 000255928 _____ (Malwarebytes) C:\windows\system32\Drivers\6321B570.sys
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\Users\Administrator\Desktop\mbar
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-06-27 13:02 - 2020-06-27 13:02 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.10.3.1001.exe
2020-06-27 12:33 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2020-06-27 12:33 - 2020-06-27 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Apple
2020-06-27 11:59 - 2020-06-27 11:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-06-27 11:58 - 2020-06-27 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2020-06-27 11:57 - 2020-06-27 11:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2020-06-27 11:56 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Power2Go8
2020-06-27 11:55 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2020-06-27 11:52 - 2020-06-27 11:52 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2020-06-27 11:51 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-06-27 11:51 - 2020-06-27 11:51 - 000001440 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-06-27 11:50 - 2020-06-28 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-06-27 11:50 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator
2020-06-27 11:50 - 2020-06-27 11:50 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Motorola Mobility
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2020-06-27 11:50 - 2015-03-04 06:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-06-26 21:50 - 2020-06-26 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-25 23:47 - 2020-06-25 23:47 - 000497284 _____ C:\Users\TingTing\Downloads\bfe.reg
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-06-24 12:55 - 2020-06-24 12:55 - 000069892 _____ C:\ProgramData\agent.uninstall.1593017731.bdinstall.v2.bin
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-07-01 22:27 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:15 - 2020-06-28 04:31 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-07-01 07:36 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-07-01 10:33 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-02 10:04 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-07-02 08:59 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness
2020-07-02 08:57 - 2014-12-09 12:39 - 000003596 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-07-02 08:54 - 2014-12-09 12:34 - 000000000 ____D C:\Users\TingTing\AppData\Local\PackageStaging
2020-07-02 08:54 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-07-02 08:48 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-02 08:33 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-07-02 08:33 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-07-02 08:32 - 2015-03-25 16:33 - 000000000 __SHD C:\Users\TingTing\IntelGraphicsProfiles
2020-07-02 08:32 - 2014-12-14 04:03 - 000000000 ___DO C:\Users\TingTing\OneDrive
2020-07-02 08:30 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-02 08:30 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-07-02 08:30 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-07-02 08:29 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-07-02 07:51 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-07-02 01:33 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-07-02 01:33 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-07-01 22:44 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-07-01 22:44 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-07-01 22:44 - 2018-02-20 19:59 - 000003492 _____ C:\windows\system32\Tasks\Motorola Device Manager Update
2020-07-01 22:44 - 2018-02-20 19:59 - 000003300 _____ C:\windows\system32\Tasks\Motorola Device Manager Initial Update
2020-07-01 22:44 - 2016-04-06 18:56 - 000003920 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-01 22:44 - 2016-04-06 18:56 - 000003684 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-07-01 22:44 - 2015-05-21 07:46 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-07-01 22:44 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-07-01 22:44 - 2015-02-09 10:52 - 000003334 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-01 22:44 - 2015-02-09 10:52 - 000003206 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-01 22:44 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-07-01 22:44 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLVDLauncher
2020-07-01 22:44 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLMLSvc_P2G8
2020-07-01 22:44 - 2014-12-03 13:53 - 000003592 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-500
2020-07-01 20:41 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-07-01 20:27 - 2015-03-25 16:28 - 000000000 ____D C:\Users\TingTing\AppData\LocalLow\Intel
2020-07-01 18:05 - 2015-03-25 16:33 - 000016272 _____ C:\windows\system32\results.xml
2020-07-01 18:04 - 2015-03-25 16:33 - 000000401 _____ C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-07-01 18:04 - 2014-12-03 15:41 - 000000000 ____D C:\Intel
2020-07-01 17:57 - 2015-05-31 14:04 - 000000000 ____D C:\ProgramData\PCDr
2020-07-01 17:57 - 2014-12-03 14:41 - 000000000 ____D C:\Program Files\Dell
2020-07-01 17:57 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-07-01 17:56 - 2014-12-03 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-07-01 17:33 - 2015-03-25 16:16 - 000000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-07-01 17:30 - 2014-12-03 13:54 - 000866884 _____ C:\windows\system32\PerfStringBackup.INI
2020-07-01 17:29 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Intel
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\Program Files (x86)\Intel
2020-07-01 17:26 - 2014-12-03 15:41 - 000000000 ____D C:\Program Files\Intel
2020-07-01 17:14 - 2014-12-03 14:27 - 000000000 ____D C:\dell
2020-07-01 17:13 - 2014-12-03 14:41 - 000000000 ____D C:\ProgramData\Dell
2020-07-01 17:12 - 2013-08-22 11:36 - 000000000 ____D C:\windows\registration
2020-07-01 17:11 - 2015-04-23 17:03 - 000000000 ____D C:\Program Files (x86)\Dell
2020-07-01 10:09 - 2017-01-29 22:19 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Origin
2020-07-01 10:09 - 2017-01-29 22:14 - 000000000 ____D C:\ProgramData\Origin
2020-07-01 10:08 - 2017-01-29 22:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-07-01 10:07 - 2017-01-29 22:17 - 000000000 ____D C:\Program Files (x86)\Origin
2020-07-01 10:07 - 2017-01-29 22:14 - 000000000 ____D C:\Users\TingTing\AppData\Local\Origin
2020-07-01 08:28 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-06-27 13:02 - 2015-05-01 23:32 - 000192952 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2020-06-26 21:51 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-25 09:17 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-25 01:45 - 2017-04-25 13:58 - 000000000 ____D C:\Users\TingTing\Downloads\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us
2020-06-25 01:37 - 2015-03-03 02:28 - 000000000 ____D C:\Users\TingTing\Downloads\Microsoft Office Pro 2013
2020-06-24 12:52 - 2013-08-22 11:36 - 000000000 ___HD C:\windows\ELAMBKUP
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by TingTing (02-07-2020 10:05:13)
Running from C:\Users\TingTing\Desktop\FRST64 new
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 100.4.409 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4414 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f5f8f8e-11d9-4c64-b002-b60607ac3a29}) (Version: 20.10.1 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.74.41754 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2017-01-29 22:17 - 2020-07-01 10:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-01-29 22:17 - 2020-07-01 10:05 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8D7CDFB8-319B-45EA-B13B-D0C770162257}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
 
==================== Restore Points =========================
 
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
26-06-2020 12:54:13 Scheduled Checkpoint
01-07-2020 07:38:05 Removed Bonjour
01-07-2020 17:23:20 Installed Intel® Wireless Bluetooth®
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/02/2020 01:03:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/01/2020 05:47:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program quickset.exe version 10.16.7.3 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 784
 
Start Time: 01d64fb9bec53395
 
Termination Time: 2
 
Application Path: C:\Program Files\Dell\QuickSet\quickset.exe
 
Report Id: 819adb01-bbe4-11ea-8368-6057185e76ac
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/01/2020 05:27:52 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "select * from CIntelWLANEvent" could not be reactivated in namespace "//./ROOT/default" because of error 0x80041010. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (07/01/2020 11:15:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 10d0
 
Start Time: 01d64fb9aef93d80
 
Termination Time: 4294967295
 
Application Path: C:\windows\system32\backgroundTaskHost.exe
 
Report Id: a3facd7c-bbad-11ea-8368-6057185e76ac
 
Faulting package full name: Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
 
System errors:
=============
Error: (07/01/2020 11:30:41 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 11:30:41 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 08:35:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
Error: (07/01/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
The service has not been started.
 
Error: (07/01/2020 11:14:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A13 05/27/2019
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 32%
Total physical RAM: 12168.96 MB
Available physical RAM: 8239.12 MB
Total Virtual: 18824.96 MB
Available Virtual: 14484.5 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:480.61 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

Advertisements


#62
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

Looks like it worked or did you not reboot after reinstalling?

 

Only error I see from today is

 
Error: (07/02/2020 01:03:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

 

 

 

This appears to be  a common problem that can be ignored as long as Office works OK:

 

https://answers.micr...4ff68dd5?page=1

 

FRST is showing your D: drive as the CD/DVD now as it should.  Is the DVD working OK now?


  • 0

#63
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

I think the DVD should be working fine but I haven't use it. I don't use it often.

 

Here is the FRST scan after reboot

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (02-07-2020 12:04:33)
Running from C:\Users\TingTing\Desktop\FRST64 new
Loaded Profiles: TingTing
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\setup\instup.exe
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7657984 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3313760 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Profile: C:\Users\TingTing\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-07-02]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [344184 2016-06-28] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-10-24] (Intel® Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2509616 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3460912 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-10-24] (Intel® Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Users\Administrator\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2020-06-28] (CPUID -> CPUID) <==== ATTENTION
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [41608 2020-01-03] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3521032 2017-10-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-01 17:47 - 2020-07-01 17:47 - 012669600 _____ (Igor Pavlov) C:\Users\TingTing\Downloads\Inspiron_5447_A13.exe
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\ProgramData\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2020-07-01 17:30 - 000000000 ____D C:\Users\TingTing\Dell update
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files\Common Files\Intel
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files (x86)\Cisco
2020-07-01 17:24 - 2020-07-01 17:32 - 000000000 ____D C:\windows\LastGood.Tmp
2020-07-01 17:18 - 2020-07-01 17:19 - 158002168 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-Wi-Fi-Driver_5TJF1_WIN_20.10.1.1190_A00.EXE
2020-07-01 17:18 - 2020-07-01 17:18 - 027788560 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-8260-8265-Bluetooth-Driver_39C26_WIN_20.60.0_A01.EXE
2020-07-01 17:14 - 2020-07-01 17:14 - 000000000 _____ C:\windows\invcol.tmp
2020-07-01 17:12 - 2020-07-01 17:56 - 000000000 ____D C:\Users\TingTing\AppData\Local\Dell Inc
2020-07-01 17:12 - 2020-07-01 17:12 - 000000000 ____D C:\ProgramData\Dell Inc
2020-07-01 17:11 - 2020-07-01 17:11 - 000521360 _____ (Dell Inc.) C:\Users\TingTing\Downloads\SupportAssistLauncher.exe
2020-07-01 07:35 - 2020-07-02 12:04 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64 new
2020-06-30 15:40 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2020-06-28 10:10 - 2020-06-28 10:10 - 000745446 _____ C:\Users\Administrator\Desktop\WINDOWS-I6D372C.txt
2020-06-27 13:03 - 2020-06-27 13:03 - 000255928 _____ (Malwarebytes) C:\windows\system32\Drivers\6321B570.sys
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\Users\Administrator\Desktop\mbar
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-06-27 13:02 - 2020-06-27 13:02 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.10.3.1001.exe
2020-06-27 12:33 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2020-06-27 12:33 - 2020-06-27 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Apple
2020-06-27 11:59 - 2020-06-27 11:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-06-27 11:58 - 2020-06-27 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2020-06-27 11:57 - 2020-06-27 11:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2020-06-27 11:56 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Power2Go8
2020-06-27 11:55 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2020-06-27 11:52 - 2020-06-27 11:52 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2020-06-27 11:51 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-06-27 11:51 - 2020-06-27 11:51 - 000001440 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-06-27 11:50 - 2020-06-28 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-06-27 11:50 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator
2020-06-27 11:50 - 2020-06-27 11:50 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Motorola Mobility
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2020-06-27 11:50 - 2015-03-04 06:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-06-26 21:50 - 2020-06-26 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-25 23:47 - 2020-06-25 23:47 - 000497284 _____ C:\Users\TingTing\Downloads\bfe.reg
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-06-24 12:55 - 2020-06-24 12:55 - 000069892 _____ C:\ProgramData\agent.uninstall.1593017731.bdinstall.v2.bin
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-07-02 10:53 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:15 - 2020-06-28 04:31 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-07-01 07:36 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-07-01 10:33 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-02 12:09 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-07-02 12:04 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-07-02 12:03 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-07-02 12:03 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-07-02 12:02 - 2015-03-25 16:33 - 000000000 __SHD C:\Users\TingTing\IntelGraphicsProfiles
2020-07-02 12:02 - 2014-12-14 04:03 - 000000000 __RDO C:\Users\TingTing\OneDrive
2020-07-02 12:01 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-02 12:01 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-07-02 12:00 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-02 12:00 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-07-02 12:00 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-07-02 11:14 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-07-02 11:14 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-07-02 11:14 - 2018-02-20 19:59 - 000003492 _____ C:\windows\system32\Tasks\Motorola Device Manager Update
2020-07-02 11:14 - 2018-02-20 19:59 - 000003300 _____ C:\windows\system32\Tasks\Motorola Device Manager Initial Update
2020-07-02 11:14 - 2016-04-06 18:56 - 000003920 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-02 11:14 - 2016-04-06 18:56 - 000003684 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-07-02 11:14 - 2015-05-21 07:46 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-07-02 11:14 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-07-02 11:14 - 2015-02-09 10:52 - 000003334 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-02 11:14 - 2015-02-09 10:52 - 000003206 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-02 11:14 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-07-02 11:14 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-07-02 11:14 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLVDLauncher
2020-07-02 11:14 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLMLSvc_P2G8
2020-07-02 11:14 - 2014-12-03 13:53 - 000003592 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-500
2020-07-02 08:59 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness
2020-07-02 08:57 - 2014-12-09 12:39 - 000003596 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-07-02 08:54 - 2014-12-09 12:34 - 000000000 ____D C:\Users\TingTing\AppData\Local\PackageStaging
2020-07-02 08:54 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-07-02 01:33 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-07-02 01:33 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-07-01 20:27 - 2015-03-25 16:28 - 000000000 ____D C:\Users\TingTing\AppData\LocalLow\Intel
2020-07-01 18:05 - 2015-03-25 16:33 - 000016272 _____ C:\windows\system32\results.xml
2020-07-01 18:04 - 2015-03-25 16:33 - 000000401 _____ C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-07-01 18:04 - 2014-12-03 15:41 - 000000000 ____D C:\Intel
2020-07-01 17:57 - 2015-05-31 14:04 - 000000000 ____D C:\ProgramData\PCDr
2020-07-01 17:57 - 2014-12-03 14:41 - 000000000 ____D C:\Program Files\Dell
2020-07-01 17:57 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-07-01 17:56 - 2014-12-03 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-07-01 17:33 - 2015-03-25 16:16 - 000000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-07-01 17:30 - 2014-12-03 13:54 - 000866884 _____ C:\windows\system32\PerfStringBackup.INI
2020-07-01 17:29 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Intel
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\Program Files (x86)\Intel
2020-07-01 17:26 - 2014-12-03 15:41 - 000000000 ____D C:\Program Files\Intel
2020-07-01 17:14 - 2014-12-03 14:27 - 000000000 ____D C:\dell
2020-07-01 17:13 - 2014-12-03 14:41 - 000000000 ____D C:\ProgramData\Dell
2020-07-01 17:12 - 2013-08-22 11:36 - 000000000 ____D C:\windows\registration
2020-07-01 17:11 - 2015-04-23 17:03 - 000000000 ____D C:\Program Files (x86)\Dell
2020-07-01 10:09 - 2017-01-29 22:19 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Origin
2020-07-01 10:09 - 2017-01-29 22:14 - 000000000 ____D C:\ProgramData\Origin
2020-07-01 10:08 - 2017-01-29 22:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-07-01 10:07 - 2017-01-29 22:17 - 000000000 ____D C:\Program Files (x86)\Origin
2020-07-01 10:07 - 2017-01-29 22:14 - 000000000 ____D C:\Users\TingTing\AppData\Local\Origin
2020-07-01 08:28 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-06-27 13:02 - 2015-05-01 23:32 - 000192952 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2020-06-26 21:51 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-25 09:17 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-25 01:45 - 2017-04-25 13:58 - 000000000 ____D C:\Users\TingTing\Downloads\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us
2020-06-25 01:37 - 2015-03-03 02:28 - 000000000 ____D C:\Users\TingTing\Downloads\Microsoft Office Pro 2013
2020-06-24 12:52 - 2013-08-22 11:36 - 000000000 ___HD C:\windows\ELAMBKUP
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by TingTing (02-07-2020 12:13:00)
Running from C:\Users\TingTing\Desktop\FRST64 new
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 100.4.409 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4414 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f5f8f8e-11d9-4c64-b002-b60607ac3a29}) (Version: 20.10.1 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.74.41754 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2017-01-29 22:17 - 2020-07-01 10:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-01-29 22:17 - 2020-07-01 10:05 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8D7CDFB8-319B-45EA-B13B-D0C770162257}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
 
==================== Restore Points =========================
 
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
26-06-2020 12:54:13 Scheduled Checkpoint
01-07-2020 07:38:05 Removed Bonjour
01-07-2020 17:23:20 Installed Intel® Wireless Bluetooth®
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/02/2020 01:03:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/01/2020 05:47:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program quickset.exe version 10.16.7.3 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 784
 
Start Time: 01d64fb9bec53395
 
Termination Time: 2
 
Application Path: C:\Program Files\Dell\QuickSet\quickset.exe
 
Report Id: 819adb01-bbe4-11ea-8368-6057185e76ac
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/01/2020 05:27:52 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "select * from CIntelWLANEvent" could not be reactivated in namespace "//./ROOT/default" because of error 0x80041010. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (07/01/2020 11:15:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 10d0
 
Start Time: 01d64fb9aef93d80
 
Termination Time: 4294967295
 
Application Path: C:\windows\system32\backgroundTaskHost.exe
 
Report Id: a3facd7c-bbad-11ea-8368-6057185e76ac
 
Faulting package full name: Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
 
System errors:
=============
Error: (07/02/2020 12:03:05 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9AA46009-3CE0-458A-A354-715610A075E6} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 11:30:41 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 11:30:41 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 08:35:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
Error: (07/01/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
The service has not been started.
 
Error: (07/01/2020 11:14:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A13 05/27/2019
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 20%
Total physical RAM: 12168.96 MB
Available physical RAM: 9707.12 MB
Total Virtual: 18824.96 MB
Available Virtual: 16855.44 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:480.32 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

Edited by tingtingz, 02 July 2020 - 10:53 AM.

  • 0

#64
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

Nothing new in the errors so I think we are OK.  I think I got your case confused with another when I asked about the DVD. 

 

How is it running now?


  • 0

#65
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

It is running good. Thanks for your help. I would have not know what is wrong and how to fix my computer.


  • 0

#66
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

Time to clean up:
If we used FRST to clean your PC:

right click on FRST.exe or FRST64.exe (whichever you used) and rename it to uninstall.exe.  Then right click on uninstall.exe and Run as Admin.

 
If we installed Speccy it needs to be uninstalled.  Process Explorer, VEW, AdwCleaner, JRT  and their logs and Speccy's log can just be deleted.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions.


If you use Chrome/Firefox/Edge then get the Ublock Origin extension.  For IE go to adblockplus.org  and get the program.
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox. Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
(If it complains about Chrome still running you can stop it with Task Manager or go into Chrome then go to:

chrome://settings/

Hit Advanced at the bottom of the page then scroll down to near the bottom where it says System.

Change
Continue running background apps when Google Chrome is closed
to Off (slide the blue thing to the left and it turns brown)
Close Chrome.


If the browser is still slow then go in and disable all of your extensions, close the browser and Optimize with SpeedyFox then restart the browser.  If that helps then one or more of your extensions is at fault.  Go back in and turn them on one at a time and see if you can figure out which ones slow things down the most.

If you are a Facebook user get the FB Purity extension for your browser:
http://www.fbpurity.com/
This will stop all of the suggested pages and ads so that Facebook loads much quicker.


Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combefore you open them.

Due to a recent rise in the number of Crytolocker infections I am now recommending you install:

https://www.bleeping...somware/dl/306/
It's currently a free version.

If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.
If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.

Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not the latest.  If in doubt uninstall all.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.

If you are running Win 10 you probably want Classic Shell:  http://www.classicshell.net/ This program will make Win 10 act like Win 7 with the same controls you are used to.



Recommended software: (I'm not saying you should download these just that if you have a need for a new program these are safe and work)  
Compression:  7-zip.  Avoid WinRar and WinZip as the free versions have adware.
Video Player:  VLC  Unlike Windows Media Player it never seems to need extra files to work.
Office-like free program:  Open Office: https://www.openoffice.org/download/
or
LibreOffice: https://www.libreoffice.org/
Free Anti-Virus:  Avast
Free Malware prevention:  MBAM: Free version at https://www.malwareb...m/mwb-download/
Can run with your anti-virus.
Paid Anti-Virus:  Kaspersky or BitDefender
Utilities:
Root Kit Detector:  MBAR: https://www.malwareb...om/antirootkit/
Process Explorer:  Show you what is running on the PC.  Like Task manager but better:  http://live.sysinter...com/procexp.exe
WhoCrashed: Why did your system crash?
http://www.resplendence.com/downloads
Then click on Download free home edition
where it says:
WhoCrashed 5.51
Comprehensible crash dump analysis tool
for Windows 10/8.1/8/7/Vista/XP/2012/2008/2003 (x86 and x64)
System Health:
Speccy:  
http://www.filehippo.com/download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Decline CCleaner if offered.  Pay attention to SMART info on your hard drives and to temps.  If in doubt about temps try:
SpeedFan:  Try speedfan
http://www.filehippo...nload_speedfan/
Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.

With Win 10 only there is a new Game recorder program.  It's supposed to only work for games but it works nicely to record any video you watch.  Hit the Win key + Alt + r to start the recorder.  The first time it asks you if it is looking at a game.  Just tell it yes.  After that it starts recording whenever you bring it up.  Videos are saved to the Captures folder under Videos.  You can only record what you watch so limited to only one video at a time.  Best to go to full screen before starting the recorder.

Avoid:  
Advanced System Care
SuperAntiSpyware
HitmanPro
Spybot S&D
Any P2P software especially if it comes from Conduit.
Registry Cleaners
Driver updating software.
PC fixing or Speed up software.
Running more than one anti-virus.
Seagate hard drives.  If you have one it's going to fail on you so backup your data now!


 


  • 0






Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP