Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Canít run antivirus, computer doesnít startup properly, black screen i


  • Please log in to reply

#61
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

I have uninstall and reinstall the alarm app. 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (02-07-2020 10:04:08)
Running from C:\Users\TingTing\Desktop\FRST64 new
Loaded Profiles: TingTing
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <2>
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7657984 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3313760 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Profile: C:\Users\TingTing\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-07-02]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [344184 2016-06-28] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-10-24] (Intel® Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2509616 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3460912 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-10-24] (Intel® Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Users\Administrator\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2020-06-28] (CPUID -> CPUID) <==== ATTENTION
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [41608 2020-01-03] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3521032 2017-10-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-01 17:47 - 2020-07-01 17:47 - 012669600 _____ (Igor Pavlov) C:\Users\TingTing\Downloads\Inspiron_5447_A13.exe
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\ProgramData\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2020-07-01 17:30 - 000000000 ____D C:\Users\TingTing\Dell update
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files\Common Files\Intel
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files (x86)\Cisco
2020-07-01 17:24 - 2020-07-01 17:32 - 000000000 ____D C:\windows\LastGood.Tmp
2020-07-01 17:18 - 2020-07-01 17:19 - 158002168 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-Wi-Fi-Driver_5TJF1_WIN_20.10.1.1190_A00.EXE
2020-07-01 17:18 - 2020-07-01 17:18 - 027788560 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-8260-8265-Bluetooth-Driver_39C26_WIN_20.60.0_A01.EXE
2020-07-01 17:14 - 2020-07-01 17:14 - 000000000 _____ C:\windows\invcol.tmp
2020-07-01 17:12 - 2020-07-01 17:56 - 000000000 ____D C:\Users\TingTing\AppData\Local\Dell Inc
2020-07-01 17:12 - 2020-07-01 17:12 - 000000000 ____D C:\ProgramData\Dell Inc
2020-07-01 17:11 - 2020-07-01 17:11 - 000521360 _____ (Dell Inc.) C:\Users\TingTing\Downloads\SupportAssistLauncher.exe
2020-07-01 07:35 - 2020-07-02 10:04 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64 new
2020-06-30 15:40 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2020-06-28 10:10 - 2020-06-28 10:10 - 000745446 _____ C:\Users\Administrator\Desktop\WINDOWS-I6D372C.txt
2020-06-27 13:03 - 2020-06-27 13:03 - 000255928 _____ (Malwarebytes) C:\windows\system32\Drivers\6321B570.sys
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\Users\Administrator\Desktop\mbar
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-06-27 13:02 - 2020-06-27 13:02 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.10.3.1001.exe
2020-06-27 12:33 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2020-06-27 12:33 - 2020-06-27 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Apple
2020-06-27 11:59 - 2020-06-27 11:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-06-27 11:58 - 2020-06-27 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2020-06-27 11:57 - 2020-06-27 11:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2020-06-27 11:56 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Power2Go8
2020-06-27 11:55 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2020-06-27 11:52 - 2020-06-27 11:52 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2020-06-27 11:51 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-06-27 11:51 - 2020-06-27 11:51 - 000001440 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-06-27 11:50 - 2020-06-28 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-06-27 11:50 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator
2020-06-27 11:50 - 2020-06-27 11:50 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Motorola Mobility
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2020-06-27 11:50 - 2015-03-04 06:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-06-26 21:50 - 2020-06-26 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-25 23:47 - 2020-06-25 23:47 - 000497284 _____ C:\Users\TingTing\Downloads\bfe.reg
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-06-24 12:55 - 2020-06-24 12:55 - 000069892 _____ C:\ProgramData\agent.uninstall.1593017731.bdinstall.v2.bin
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-07-01 22:27 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:15 - 2020-06-28 04:31 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-07-01 07:36 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-07-01 10:33 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-02 10:04 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-07-02 08:59 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness
2020-07-02 08:57 - 2014-12-09 12:39 - 000003596 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-07-02 08:54 - 2014-12-09 12:34 - 000000000 ____D C:\Users\TingTing\AppData\Local\PackageStaging
2020-07-02 08:54 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-07-02 08:48 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-02 08:33 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-07-02 08:33 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-07-02 08:32 - 2015-03-25 16:33 - 000000000 __SHD C:\Users\TingTing\IntelGraphicsProfiles
2020-07-02 08:32 - 2014-12-14 04:03 - 000000000 ___DO C:\Users\TingTing\OneDrive
2020-07-02 08:30 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-02 08:30 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-07-02 08:30 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-07-02 08:29 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-07-02 07:51 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-07-02 01:33 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-07-02 01:33 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-07-01 22:44 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-07-01 22:44 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-07-01 22:44 - 2018-02-20 19:59 - 000003492 _____ C:\windows\system32\Tasks\Motorola Device Manager Update
2020-07-01 22:44 - 2018-02-20 19:59 - 000003300 _____ C:\windows\system32\Tasks\Motorola Device Manager Initial Update
2020-07-01 22:44 - 2016-04-06 18:56 - 000003920 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-01 22:44 - 2016-04-06 18:56 - 000003684 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-07-01 22:44 - 2015-05-21 07:46 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-07-01 22:44 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-07-01 22:44 - 2015-02-09 10:52 - 000003334 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-01 22:44 - 2015-02-09 10:52 - 000003206 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-01 22:44 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-07-01 22:44 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLVDLauncher
2020-07-01 22:44 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLMLSvc_P2G8
2020-07-01 22:44 - 2014-12-03 13:53 - 000003592 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-500
2020-07-01 20:41 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-07-01 20:27 - 2015-03-25 16:28 - 000000000 ____D C:\Users\TingTing\AppData\LocalLow\Intel
2020-07-01 18:05 - 2015-03-25 16:33 - 000016272 _____ C:\windows\system32\results.xml
2020-07-01 18:04 - 2015-03-25 16:33 - 000000401 _____ C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-07-01 18:04 - 2014-12-03 15:41 - 000000000 ____D C:\Intel
2020-07-01 17:57 - 2015-05-31 14:04 - 000000000 ____D C:\ProgramData\PCDr
2020-07-01 17:57 - 2014-12-03 14:41 - 000000000 ____D C:\Program Files\Dell
2020-07-01 17:57 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-07-01 17:56 - 2014-12-03 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-07-01 17:33 - 2015-03-25 16:16 - 000000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-07-01 17:30 - 2014-12-03 13:54 - 000866884 _____ C:\windows\system32\PerfStringBackup.INI
2020-07-01 17:29 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Intel
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\Program Files (x86)\Intel
2020-07-01 17:26 - 2014-12-03 15:41 - 000000000 ____D C:\Program Files\Intel
2020-07-01 17:14 - 2014-12-03 14:27 - 000000000 ____D C:\dell
2020-07-01 17:13 - 2014-12-03 14:41 - 000000000 ____D C:\ProgramData\Dell
2020-07-01 17:12 - 2013-08-22 11:36 - 000000000 ____D C:\windows\registration
2020-07-01 17:11 - 2015-04-23 17:03 - 000000000 ____D C:\Program Files (x86)\Dell
2020-07-01 10:09 - 2017-01-29 22:19 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Origin
2020-07-01 10:09 - 2017-01-29 22:14 - 000000000 ____D C:\ProgramData\Origin
2020-07-01 10:08 - 2017-01-29 22:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-07-01 10:07 - 2017-01-29 22:17 - 000000000 ____D C:\Program Files (x86)\Origin
2020-07-01 10:07 - 2017-01-29 22:14 - 000000000 ____D C:\Users\TingTing\AppData\Local\Origin
2020-07-01 08:28 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-06-27 13:02 - 2015-05-01 23:32 - 000192952 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2020-06-26 21:51 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-25 09:17 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-25 01:45 - 2017-04-25 13:58 - 000000000 ____D C:\Users\TingTing\Downloads\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us
2020-06-25 01:37 - 2015-03-03 02:28 - 000000000 ____D C:\Users\TingTing\Downloads\Microsoft Office Pro 2013
2020-06-24 12:52 - 2013-08-22 11:36 - 000000000 ___HD C:\windows\ELAMBKUP
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by TingTing (02-07-2020 10:05:13)
Running from C:\Users\TingTing\Desktop\FRST64 new
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 100.4.409 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4414 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f5f8f8e-11d9-4c64-b002-b60607ac3a29}) (Version: 20.10.1 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.74.41754 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2017-01-29 22:17 - 2020-07-01 10:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-01-29 22:17 - 2020-07-01 10:05 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8D7CDFB8-319B-45EA-B13B-D0C770162257}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
 
==================== Restore Points =========================
 
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
26-06-2020 12:54:13 Scheduled Checkpoint
01-07-2020 07:38:05 Removed Bonjour
01-07-2020 17:23:20 Installed Intel® Wireless Bluetooth®
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/02/2020 01:03:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/01/2020 05:47:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program quickset.exe version 10.16.7.3 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 784
 
Start Time: 01d64fb9bec53395
 
Termination Time: 2
 
Application Path: C:\Program Files\Dell\QuickSet\quickset.exe
 
Report Id: 819adb01-bbe4-11ea-8368-6057185e76ac
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/01/2020 05:27:52 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "select * from CIntelWLANEvent" could not be reactivated in namespace "//./ROOT/default" because of error 0x80041010. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (07/01/2020 11:15:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 10d0
 
Start Time: 01d64fb9aef93d80
 
Termination Time: 4294967295
 
Application Path: C:\windows\system32\backgroundTaskHost.exe
 
Report Id: a3facd7c-bbad-11ea-8368-6057185e76ac
 
Faulting package full name: Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
 
System errors:
=============
Error: (07/01/2020 11:30:41 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 11:30:41 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 08:35:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
Error: (07/01/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
The service has not been started.
 
Error: (07/01/2020 11:14:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A13 05/27/2019
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 32%
Total physical RAM: 12168.96 MB
Available physical RAM: 8239.12 MB
Total Virtual: 18824.96 MB
Available Virtual: 14484.5 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:480.61 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

Advertisements


#62
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,000 posts
  • MVP

Looks like it worked or did you not reboot after reinstalling?

 

Only error I see from today is

 
Error: (07/02/2020 01:03:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

 

 

 

This appears to be  a common problem that can be ignored as long as Office works OK:

 

https://answers.micr...4ff68dd5?page=1

 

FRST is showing your D: drive as the CD/DVD now as it should.  Is the DVD working OK now?


  • 0

#63
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

I think the DVD should be working fine but I haven't use it. I don't use it often.

 

Here is the FRST scan after reboot

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (02-07-2020 12:04:33)
Running from C:\Users\TingTing\Desktop\FRST64 new
Loaded Profiles: TingTing
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\setup\instup.exe
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7657984 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3313760 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {D534D1AD-0B16-429F-BF87-6E7A663ACF58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Profile: C:\Users\TingTing\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-07-02]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [344184 2016-06-28] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-10-24] (Intel® Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2509616 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3460912 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-10-24] (Intel® Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Users\Administrator\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2020-06-28] (CPUID -> CPUID) <==== ATTENTION
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [41608 2020-01-03] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3521032 2017-10-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-01 17:47 - 2020-07-01 17:47 - 012669600 _____ (Igor Pavlov) C:\Users\TingTing\Downloads\Inspiron_5447_A13.exe
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\ProgramData\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2020-07-01 17:30 - 000000000 ____D C:\Users\TingTing\Dell update
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files\Common Files\Intel
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files (x86)\Cisco
2020-07-01 17:24 - 2020-07-01 17:32 - 000000000 ____D C:\windows\LastGood.Tmp
2020-07-01 17:18 - 2020-07-01 17:19 - 158002168 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-Wi-Fi-Driver_5TJF1_WIN_20.10.1.1190_A00.EXE
2020-07-01 17:18 - 2020-07-01 17:18 - 027788560 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-8260-8265-Bluetooth-Driver_39C26_WIN_20.60.0_A01.EXE
2020-07-01 17:14 - 2020-07-01 17:14 - 000000000 _____ C:\windows\invcol.tmp
2020-07-01 17:12 - 2020-07-01 17:56 - 000000000 ____D C:\Users\TingTing\AppData\Local\Dell Inc
2020-07-01 17:12 - 2020-07-01 17:12 - 000000000 ____D C:\ProgramData\Dell Inc
2020-07-01 17:11 - 2020-07-01 17:11 - 000521360 _____ (Dell Inc.) C:\Users\TingTing\Downloads\SupportAssistLauncher.exe
2020-07-01 07:35 - 2020-07-02 12:04 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64 new
2020-06-30 15:40 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2020-06-28 10:10 - 2020-06-28 10:10 - 000745446 _____ C:\Users\Administrator\Desktop\WINDOWS-I6D372C.txt
2020-06-27 13:03 - 2020-06-27 13:03 - 000255928 _____ (Malwarebytes) C:\windows\system32\Drivers\6321B570.sys
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\Users\Administrator\Desktop\mbar
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-06-27 13:02 - 2020-06-27 13:02 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.10.3.1001.exe
2020-06-27 12:33 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2020-06-27 12:33 - 2020-06-27 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Apple
2020-06-27 11:59 - 2020-06-27 11:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-06-27 11:58 - 2020-06-27 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2020-06-27 11:57 - 2020-06-27 11:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2020-06-27 11:56 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Power2Go8
2020-06-27 11:55 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2020-06-27 11:52 - 2020-06-27 11:52 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2020-06-27 11:51 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-06-27 11:51 - 2020-06-27 11:51 - 000001440 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-06-27 11:50 - 2020-06-28 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-06-27 11:50 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator
2020-06-27 11:50 - 2020-06-27 11:50 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Motorola Mobility
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2020-06-27 11:50 - 2015-03-04 06:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-06-26 21:50 - 2020-06-26 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-25 23:47 - 2020-06-25 23:47 - 000497284 _____ C:\Users\TingTing\Downloads\bfe.reg
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-06-25 13:11 - 2020-06-25 13:11 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-06-24 12:55 - 2020-06-24 12:55 - 000069892 _____ C:\ProgramData\agent.uninstall.1593017731.bdinstall.v2.bin
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-07-02 10:53 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:15 - 2020-06-28 04:31 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-07-01 07:36 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-07-01 10:33 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 17:20 - 2020-06-13 19:06 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000838 _____ C:\Users\TingTing\Desktop\HandBrake.lnk
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-06-13 17:20 - 2020-06-13 17:20 - 000000000 ____D C:\Program Files\HandBrake
2020-06-13 17:19 - 2020-06-13 17:19 - 013534240 _____ C:\Users\TingTing\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2020-06-13 16:19 - 2020-06-13 16:19 - 002047628 _____ C:\Users\TingTing\Downloads\IMG_2947.jpeg
2020-06-13 15:59 - 2020-06-13 16:00 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Anvsoft
2020-06-13 15:59 - 2020-06-13 15:59 - 000001217 _____ C:\Users\TingTing\Desktop\Any Video Converter.lnk
2020-06-13 15:59 - 2020-06-13 15:59 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2020-06-13 15:55 - 2020-06-13 15:55 - 070165464 _____ (Any-Video-Converter.com ) C:\Users\TingTing\Downloads\avc-ultimate.exe
2020-06-13 15:55 - 2020-06-13 15:55 - 069927624 _____ C:\Users\TingTing\Downloads\avc-free.exe
2020-06-10 05:17 - 2020-05-29 22:54 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-06-10 05:17 - 2020-05-20 11:21 - 007362312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-06-10 05:17 - 2020-05-20 08:48 - 025755648 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-06-10 05:17 - 2020-05-20 08:25 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 005499392 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-06-10 05:17 - 2020-05-20 08:13 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-06-10 05:17 - 2020-05-20 07:46 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 015478784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-06-10 05:17 - 2020-05-20 07:37 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 07:35 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 07:23 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-06-10 05:17 - 2020-05-20 07:12 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-06-10 05:17 - 2020-05-20 07:00 - 020291584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-06-10 05:17 - 2020-05-20 06:44 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-06-10 05:17 - 2020-05-20 06:34 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-06-10 05:17 - 2020-05-20 06:14 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-06-10 05:17 - 2020-05-20 06:11 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-06-10 05:17 - 2020-05-20 06:09 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-06-10 05:17 - 2020-05-20 06:08 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-06-10 05:17 - 2020-05-20 06:06 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-06-10 05:17 - 2020-05-20 05:50 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-06-10 05:17 - 2020-05-20 05:47 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-06-10 05:17 - 2020-05-13 13:49 - 001368592 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-06-10 05:17 - 2020-05-10 00:15 - 003331584 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-06-10 05:17 - 2020-05-09 23:53 - 003640320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-06-10 05:17 - 2020-05-09 23:25 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-06-10 05:17 - 2020-05-09 23:17 - 014533120 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-06-10 05:17 - 2020-05-09 23:09 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-06-10 05:16 - 2020-06-02 01:18 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\atl.dll
2020-06-10 05:16 - 2020-06-02 00:50 - 000088064 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl.dll
2020-06-10 05:16 - 2020-06-02 00:44 - 001489408 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:43 - 001464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2020-06-10 05:16 - 2020-06-02 00:35 - 000787968 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-06-10 05:16 - 2020-06-02 00:27 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2020-06-10 05:16 - 2020-06-02 00:25 - 001204736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2020-06-10 05:16 - 2020-06-01 23:59 - 000268288 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-06-10 05:16 - 2020-06-01 23:47 - 001684992 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-06-10 05:16 - 2020-05-29 22:30 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-06-10 05:16 - 2020-05-29 21:41 - 001368576 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2020-06-10 05:16 - 2020-05-29 21:23 - 000827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2020-06-10 05:16 - 2020-05-27 19:06 - 022364856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-06-10 05:16 - 2020-05-27 19:06 - 019796328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-06-10 05:16 - 2020-05-20 11:25 - 001384648 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 002170784 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001662512 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2020-06-10 05:16 - 2020-05-20 11:21 - 001062344 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 001135696 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 11:20 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 08:27 - 002911744 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-06-10 05:16 - 2020-05-20 07:56 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-06-10 05:16 - 2020-05-20 07:52 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 07:50 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 07:44 - 001124800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001560272 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 001214720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2020-06-10 05:16 - 2020-05-20 07:40 - 000548440 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000614056 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-06-10 05:16 - 2020-05-20 07:39 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-06-10 05:16 - 2020-05-20 07:34 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2020-06-10 05:16 - 2020-05-20 07:26 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 07:01 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-06-10 05:16 - 2020-05-20 06:53 - 000861696 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-06-10 05:16 - 2020-05-20 06:40 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-06-10 05:16 - 2020-05-20 06:21 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-06-10 05:16 - 2020-05-20 06:18 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-06-10 05:16 - 2020-05-20 06:16 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-06-10 05:16 - 2020-05-20 06:06 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2020-06-10 05:16 - 2020-05-20 06:01 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-06-10 05:16 - 2020-05-20 05:46 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-06-10 05:16 - 2020-05-12 21:23 - 000414624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-06-10 05:16 - 2020-05-12 21:23 - 000373888 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 19:37 - 000270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-12 05:47 - 000466840 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-06-10 05:16 - 2020-05-12 05:46 - 000415240 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-06-10 05:16 - 2020-05-12 02:42 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-06-10 05:16 - 2020-05-10 05:24 - 001311768 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-06-10 05:16 - 2020-05-10 00:36 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2020-06-10 05:16 - 2020-05-10 00:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2020-06-10 05:16 - 2020-05-10 00:20 - 000340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2020-06-10 05:16 - 2020-05-10 00:03 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-06-10 05:16 - 2020-05-09 23:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2020-06-10 05:16 - 2020-05-09 23:53 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2020-06-10 05:16 - 2020-05-09 23:47 - 000936448 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-06-10 05:16 - 2020-05-09 23:23 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-06-10 05:16 - 2020-05-09 21:10 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-06-10 05:16 - 2020-05-01 10:17 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2020-06-10 05:16 - 2020-05-01 10:15 - 000866304 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-02 12:09 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-07-02 12:04 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-07-02 12:03 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-07-02 12:03 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-07-02 12:02 - 2015-03-25 16:33 - 000000000 __SHD C:\Users\TingTing\IntelGraphicsProfiles
2020-07-02 12:02 - 2014-12-14 04:03 - 000000000 __RDO C:\Users\TingTing\OneDrive
2020-07-02 12:01 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-02 12:01 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-07-02 12:00 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-02 12:00 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-07-02 12:00 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-07-02 11:14 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-07-02 11:14 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-07-02 11:14 - 2018-02-20 19:59 - 000003492 _____ C:\windows\system32\Tasks\Motorola Device Manager Update
2020-07-02 11:14 - 2018-02-20 19:59 - 000003300 _____ C:\windows\system32\Tasks\Motorola Device Manager Initial Update
2020-07-02 11:14 - 2016-04-06 18:56 - 000003920 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-02 11:14 - 2016-04-06 18:56 - 000003684 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-07-02 11:14 - 2015-05-21 07:46 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-07-02 11:14 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-07-02 11:14 - 2015-02-09 10:52 - 000003334 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-02 11:14 - 2015-02-09 10:52 - 000003206 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-02 11:14 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-07-02 11:14 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-07-02 11:14 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLVDLauncher
2020-07-02 11:14 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLMLSvc_P2G8
2020-07-02 11:14 - 2014-12-03 13:53 - 000003592 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-500
2020-07-02 08:59 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness
2020-07-02 08:57 - 2014-12-09 12:39 - 000003596 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-07-02 08:54 - 2014-12-09 12:34 - 000000000 ____D C:\Users\TingTing\AppData\Local\PackageStaging
2020-07-02 08:54 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-07-02 01:33 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-07-02 01:33 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-07-01 20:27 - 2015-03-25 16:28 - 000000000 ____D C:\Users\TingTing\AppData\LocalLow\Intel
2020-07-01 18:05 - 2015-03-25 16:33 - 000016272 _____ C:\windows\system32\results.xml
2020-07-01 18:04 - 2015-03-25 16:33 - 000000401 _____ C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-07-01 18:04 - 2014-12-03 15:41 - 000000000 ____D C:\Intel
2020-07-01 17:57 - 2015-05-31 14:04 - 000000000 ____D C:\ProgramData\PCDr
2020-07-01 17:57 - 2014-12-03 14:41 - 000000000 ____D C:\Program Files\Dell
2020-07-01 17:57 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-07-01 17:56 - 2014-12-03 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-07-01 17:33 - 2015-03-25 16:16 - 000000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-07-01 17:30 - 2014-12-03 13:54 - 000866884 _____ C:\windows\system32\PerfStringBackup.INI
2020-07-01 17:29 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Intel
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\Program Files (x86)\Intel
2020-07-01 17:26 - 2014-12-03 15:41 - 000000000 ____D C:\Program Files\Intel
2020-07-01 17:14 - 2014-12-03 14:27 - 000000000 ____D C:\dell
2020-07-01 17:13 - 2014-12-03 14:41 - 000000000 ____D C:\ProgramData\Dell
2020-07-01 17:12 - 2013-08-22 11:36 - 000000000 ____D C:\windows\registration
2020-07-01 17:11 - 2015-04-23 17:03 - 000000000 ____D C:\Program Files (x86)\Dell
2020-07-01 10:09 - 2017-01-29 22:19 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Origin
2020-07-01 10:09 - 2017-01-29 22:14 - 000000000 ____D C:\ProgramData\Origin
2020-07-01 10:08 - 2017-01-29 22:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-07-01 10:07 - 2017-01-29 22:17 - 000000000 ____D C:\Program Files (x86)\Origin
2020-07-01 10:07 - 2017-01-29 22:14 - 000000000 ____D C:\Users\TingTing\AppData\Local\Origin
2020-07-01 08:28 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-06-27 13:02 - 2015-05-01 23:32 - 000192952 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2020-06-26 21:51 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-25 09:17 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-06-25 01:45 - 2017-04-25 13:58 - 000000000 ____D C:\Users\TingTing\Downloads\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us
2020-06-25 01:37 - 2015-03-03 02:28 - 000000000 ____D C:\Users\TingTing\Downloads\Microsoft Office Pro 2013
2020-06-24 12:52 - 2013-08-22 11:36 - 000000000 ___HD C:\windows\ELAMBKUP
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-06-11 09:39 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-10 04:51 - 2020-04-14 14:11 - 001500888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2020-06-10 04:50 - 2020-04-14 14:11 - 001737520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-06-09 08:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-06-05 11:12 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 18:07 - 2020-03-10 21:49 - 000000000 ____D C:\Users\TingTing\Video Recording
2020-06-02 02:10 - 2014-12-03 13:46 - 002476032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-14 08:55
==================== End of FRST.txt ========================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by TingTing (02-07-2020 12:13:00)
Running from C:\Users\TingTing\Desktop\FRST64 new
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 100.4.409 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4414 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f5f8f8e-11d9-4c64-b002-b60607ac3a29}) (Version: 20.10.1 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.74.41754 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2017-01-29 22:17 - 2020-07-01 10:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-01-29 22:17 - 2020-07-01 10:05 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{C138AEAD-F026-4569-831E-FB1BBA26EA0E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8D7CDFB8-319B-45EA-B13B-D0C770162257}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
 
==================== Restore Points =========================
 
09-06-2020 16:06:46 Scheduled Checkpoint
17-06-2020 12:29:15 Scheduled Checkpoint
26-06-2020 12:54:13 Scheduled Checkpoint
01-07-2020 07:38:05 Removed Bonjour
01-07-2020 17:23:20 Installed Intel® Wireless Bluetooth®
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/02/2020 01:03:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/01/2020 05:47:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program quickset.exe version 10.16.7.3 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 784
 
Start Time: 01d64fb9bec53395
 
Termination Time: 2
 
Application Path: C:\Program Files\Dell\QuickSet\quickset.exe
 
Report Id: 819adb01-bbe4-11ea-8368-6057185e76ac
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/01/2020 05:27:52 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "select * from CIntelWLANEvent" could not be reactivated in namespace "//./ROOT/default" because of error 0x80041010. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (07/01/2020 11:15:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 10d0
 
Start Time: 01d64fb9aef93d80
 
Termination Time: 4294967295
 
Application Path: C:\windows\system32\backgroundTaskHost.exe
 
Report Id: a3facd7c-bbad-11ea-8368-6057185e76ac
 
Faulting package full name: Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
 
System errors:
=============
Error: (07/02/2020 12:03:05 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9AA46009-3CE0-458A-A354-715610A075E6} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 11:30:41 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 11:30:41 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (07/01/2020 08:35:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
Error: (07/01/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
The service has not been started.
 
Error: (07/01/2020 11:14:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A13 05/27/2019
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 20%
Total physical RAM: 12168.96 MB
Available physical RAM: 9707.12 MB
Total Virtual: 18824.96 MB
Available Virtual: 16855.44 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:480.32 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

Edited by tingtingz, 02 July 2020 - 10:53 AM.

  • 0

#64
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,000 posts
  • MVP

Nothing new in the errors so I think we are OK.  I think I got your case confused with another when I asked about the DVD. 

 

How is it running now?


  • 0

#65
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

It is running good. Thanks for your help. I would have not know what is wrong and how to fix my computer.


  • 0

#66
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,000 posts
  • MVP

Time to clean up:
If we used FRST to clean your PC:

right click on FRST.exe or FRST64.exe (whichever you used) and rename it to uninstall.exe.  Then right click on uninstall.exe and Run as Admin.

 
If we installed Speccy it needs to be uninstalled.  Process Explorer, VEW, AdwCleaner, JRT  and their logs and Speccy's log can just be deleted.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions.


If you use Chrome/Firefox/Edge then get the Ublock Origin extension.  For IE go to adblockplus.org  and get the program.
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox. Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
(If it complains about Chrome still running you can stop it with Task Manager or go into Chrome then go to:

chrome://settings/

Hit Advanced at the bottom of the page then scroll down to near the bottom where it says System.

Change
Continue running background apps when Google Chrome is closed
to Off (slide the blue thing to the left and it turns brown)
Close Chrome.


If the browser is still slow then go in and disable all of your extensions, close the browser and Optimize with SpeedyFox then restart the browser.  If that helps then one or more of your extensions is at fault.  Go back in and turn them on one at a time and see if you can figure out which ones slow things down the most.

If you are a Facebook user get the FB Purity extension for your browser:
http://www.fbpurity.com/
This will stop all of the suggested pages and ads so that Facebook loads much quicker.


Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combefore you open them.

Due to a recent rise in the number of Crytolocker infections I am now recommending you install:

https://www.bleeping...somware/dl/306/
It's currently a free version.

If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.
If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.

Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not the latest.  If in doubt uninstall all.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.

If you are running Win 10 you probably want Classic Shell:  http://www.classicshell.net/ This program will make Win 10 act like Win 7 with the same controls you are used to.



Recommended software: (I'm not saying you should download these just that if you have a need for a new program these are safe and work)  
Compression:  7-zip.  Avoid WinRar and WinZip as the free versions have adware.
Video Player:  VLC  Unlike Windows Media Player it never seems to need extra files to work.
Office-like free program:  Open Office: https://www.openoffice.org/download/
or
LibreOffice: https://www.libreoffice.org/
Free Anti-Virus:  Avast
Free Malware prevention:  MBAM: Free version at https://www.malwareb...m/mwb-download/
Can run with your anti-virus.
Paid Anti-Virus:  Kaspersky or BitDefender
Utilities:
Root Kit Detector:  MBAR: https://www.malwareb...om/antirootkit/
Process Explorer:  Show you what is running on the PC.  Like Task manager but better:  http://live.sysinter...com/procexp.exe
WhoCrashed: Why did your system crash?
http://www.resplendence.com/downloads
Then click on Download free home edition
where it says:
WhoCrashed 5.51
Comprehensible crash dump analysis tool
for Windows 10/8.1/8/7/Vista/XP/2012/2008/2003 (x86 and x64)
System Health:
Speccy:  
http://www.filehippo.com/download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Decline CCleaner if offered.  Pay attention to SMART info on your hard drives and to temps.  If in doubt about temps try:
SpeedFan:  Try speedfan
http://www.filehippo...nload_speedfan/
Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.

With Win 10 only there is a new Game recorder program.  It's supposed to only work for games but it works nicely to record any video you watch.  Hit the Win key + Alt + r to start the recorder.  The first time it asks you if it is looking at a game.  Just tell it yes.  After that it starts recording whenever you bring it up.  Videos are saved to the Captures folder under Videos.  You can only record what you watch so limited to only one video at a time.  Best to go to full screen before starting the recorder.

Avoid:  
Advanced System Care
SuperAntiSpyware
HitmanPro
Spybot S&D
Any P2P software especially if it comes from Conduit.
Registry Cleaners
Driver updating software.
PC fixing or Speed up software.
Running more than one anti-virus.
Seagate hard drives.  If you have one it's going to fail on you so backup your data now!


 


  • 0

#67
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

I have been experiencing slow loading of the web pages on Chrome. The web page sometimes will flash. My laptop is hot and the fan is on. The hd0 temp 37C, core0 temp is 43C and core1 temp is 41C. 

 

Flash is up to date. I uncheck Enable Acrobat Javascript. I got the Unblock Origin extension. It seems Chrome doesn't support NPAPI (technology required for Java applets) without it Java do not work on Chrome. I download malwarebytes anti-randsomware.

 

I previously have installed malwarebytes but now it doesn't run. I get an error message "File C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.dat does not exist. Cannot uninstall". Is there another way to uninstall malwarebytes?

 

Should I just uninstall Java? Do I need Java to run programs?

 

I ran the FRST scan I saw some new errors on the addition log not sure if they are what is causing the slow web page loading, flash, and heat. 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2020 01
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (14-07-2020 22:43:18)
Running from C:\Users\TingTing\Desktop\FRST64 new
Loaded Profiles: TingTing & Administrator
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe <3>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <2>
(Brother Industories, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\101.4.434\QtWebEngineProcess.exe <3>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <60>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7657984 2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-500\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {8BD4D738-CACA-4D6B-B7CE-8D82CA8CBF7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3313760 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-14] (Adobe Inc. -> Adobe)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {FD6CFA48-E643-4197-8420-8845C9A71572} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-688974935-4124263328-645016171-500\Software\Microsoft\Internet Explorer\Main,Start Page = www.dell.com
HKU\S-1-5-21-688974935-4124263328-645016171-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Profile: C:\Users\TingTing\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-07-14]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-07-14]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-21]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [344184 2016-06-28] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-10-24] (Intel® Wireless Connectivity Solutions -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2509616 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3460912 2020-07-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-10-24] (Intel® Wireless Connectivity Solutions -> Intel® Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-21] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Users\Administrator\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2020-06-28] (CPUID -> CPUID) <==== ATTENTION
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [41608 2020-01-03] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3521032 2017-10-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-14 17:05 - 2020-07-14 17:05 - 009585208 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2020-07-14 10:58 - 2020-07-14 16:50 - 000000000 _____ C:\windows\system32\last.dump
2020-07-13 14:03 - 2020-07-13 14:03 - 000117119 _____ C:\Users\TingTing\Downloads\2118 - 4506T (h).pdf
2020-07-13 13:48 - 2020-07-13 13:48 - 001561357 _____ C:\Users\TingTing\Downloads\2118 - Su Zhu Huang.zip
2020-07-10 17:52 - 2020-07-10 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-07-09 17:32 - 2020-07-09 17:32 - 000393403 _____ C:\Users\TingTing\Downloads\WINRO154-BudgetLetterRequest_Semi-MonthlyCashAssistanceBudgetCalculation_SNAPBudgetCalculationForCA&CA-SSICases-492061472.pdf
2020-07-08 15:50 - 2020-07-08 15:50 - 000284676 _____ C:\Users\TingTing\Downloads\document.pdf
2020-07-08 08:20 - 2020-07-08 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-07-08 08:20 - 2020-07-08 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-07-08 08:20 - 2020-07-08 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-07-08 08:20 - 2020-07-08 08:20 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-07-07 23:14 - 2020-07-07 23:14 - 000031985 _____ C:\Users\TingTing\Downloads\2118 - asset_a (h).pdf
2020-07-07 23:12 - 2020-07-07 23:12 - 000027102 _____ C:\Users\TingTing\Downloads\2118 - stud_a.pdf
2020-07-07 23:11 - 2020-07-07 23:11 - 000026224 _____ C:\Users\TingTing\Downloads\2118 - unemp_a (2).pdf
2020-07-06 10:04 - 2020-07-06 10:04 - 000579653 _____ C:\Users\TingTing\Downloads\StatementofBenefits-00009237321G.pdf
2020-07-01 17:47 - 2020-07-01 17:47 - 012669600 _____ (Igor Pavlov) C:\Users\TingTing\Downloads\Inspiron_5447_A13.exe
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:33 - 2020-07-01 17:33 - 000000712 _____ C:\ProgramData\Desktop\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2020-07-01 17:30 - 000000000 ____D C:\Users\TingTing\Dell update
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files\Common Files\Intel
2020-07-01 17:28 - 2020-07-01 17:28 - 000000000 ____D C:\Program Files (x86)\Cisco
2020-07-01 17:18 - 2020-07-01 17:19 - 158002168 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-Wi-Fi-Driver_5TJF1_WIN_20.10.1.1190_A00.EXE
2020-07-01 17:18 - 2020-07-01 17:18 - 027788560 _____ (Dell Inc.) C:\Users\TingTing\Downloads\Intel-3160-7260-3165-7265-8260-8265-Bluetooth-Driver_39C26_WIN_20.60.0_A01.EXE
2020-07-01 17:14 - 2020-07-01 17:14 - 000000000 _____ C:\windows\invcol.tmp
2020-07-01 17:12 - 2020-07-01 17:56 - 000000000 ____D C:\Users\TingTing\AppData\Local\Dell Inc
2020-07-01 17:12 - 2020-07-01 17:12 - 000000000 ____D C:\ProgramData\Dell Inc
2020-07-01 17:11 - 2020-07-01 17:11 - 000521360 _____ (Dell Inc.) C:\Users\TingTing\Downloads\SupportAssistLauncher.exe
2020-07-01 07:35 - 2020-07-14 22:43 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64 new
2020-06-30 15:40 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2020-06-28 10:10 - 2020-06-28 10:10 - 000745446 _____ C:\Users\Administrator\Desktop\WINDOWS-I6D372C.txt
2020-06-27 13:03 - 2020-06-27 13:03 - 000255928 _____ (Malwarebytes) C:\windows\system32\Drivers\6321B570.sys
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\Users\Administrator\Desktop\mbar
2020-06-27 13:02 - 2020-06-27 23:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-06-27 13:02 - 2020-06-27 13:02 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.10.3.1001.exe
2020-06-27 12:33 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2020-06-27 12:33 - 2020-06-27 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Apple
2020-06-27 11:59 - 2020-06-27 11:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-06-27 11:58 - 2020-06-27 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software
2020-06-27 11:57 - 2020-06-27 11:57 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2020-06-27 11:56 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Power2Go8
2020-06-27 11:55 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2020-06-27 11:52 - 2020-06-27 11:52 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2020-06-27 11:51 - 2020-06-30 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-06-27 11:51 - 2020-06-27 11:51 - 000001440 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-06-27 11:50 - 2020-06-28 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-06-27 11:50 - 2020-06-27 11:56 - 000000000 ____D C:\Users\Administrator
2020-06-27 11:50 - 2020-06-27 11:50 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Motorola Mobility
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel
2020-06-27 11:50 - 2020-06-27 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2020-06-27 11:50 - 2015-03-04 06:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-06-27 11:50 - 2014-02-22 00:37 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-06-25 23:47 - 2020-06-25 23:47 - 000497284 _____ C:\Users\TingTing\Downloads\bfe.reg
2020-06-24 12:55 - 2020-06-24 12:55 - 000069892 _____ C:\ProgramData\agent.uninstall.1593017731.bdinstall.v2.bin
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000002093 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Avast Software
2020-06-24 09:36 - 2020-06-24 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-06-24 09:32 - 2020-06-24 09:32 - 000083472 _____ C:\ProgramData\agent.update.1593005486.bdinstall.v2.bin
2020-06-24 00:01 - 2020-06-24 00:01 - 000000000 ____D C:\windows\system32\Tasks\GenericSettingsHandler
2020-06-23 23:08 - 2020-06-21 21:37 - 000335976 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-06-23 22:15 - 2020-07-14 20:52 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-06-23 22:15 - 2020-07-07 08:44 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-06-23 22:00 - 2020-06-24 00:03 - 000000521 _____ C:\Users\TingTing\Desktop\Geekreply6.23.20.txt
2020-06-23 21:53 - 2020-06-23 21:53 - 000001021 _____ C:\Users\TingTing\Desktop\SpeedFan.lnk
2020-06-23 21:53 - 2020-06-23 21:53 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-06-23 21:49 - 2020-06-23 21:49 - 003086696 _____ C:\Users\TingTing\Downloads\instspeedfan452_1 (1).exe
2020-06-23 15:52 - 2020-06-23 15:52 - 000000000 ____D C:\Users\TingTing\Desktop\Speccy
2020-06-23 13:13 - 2020-07-01 07:36 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64
2020-06-22 01:31 - 2020-06-22 01:32 - 002290176 _____ (Farbar) C:\Users\TingTing\Downloads\FRST64 (1).exe
2020-06-22 01:27 - 2020-06-22 01:27 - 000000000 ____D C:\Users\TingTing\Downloads\FRST-OlderVersion
2020-06-21 21:38 - 2020-07-01 10:33 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000462592 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-06-21 21:38 - 2020-06-21 22:30 - 000322256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000216824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000175208 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000042784 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-06-21 21:38 - 2020-06-21 21:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-06-21 21:38 - 2020-06-21 21:37 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000235088 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000205896 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000178768 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000060496 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-06-21 21:38 - 2020-06-21 21:37 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-06-21 21:37 - 2020-06-21 21:37 - 000000000 ____D C:\Program Files\Avast Software
2020-06-21 21:36 - 2020-06-21 21:36 - 000231144 _____ (AVAST Software) C:\Users\TingTing\Downloads\avast_free_antivirus_setup_online.exe
2020-06-21 20:58 - 2020-06-21 20:58 - 000000645 _____ C:\windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2020-06-14 11:23 - 2020-06-01 14:03 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-06-14 11:23 - 2020-06-01 14:03 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-14 22:45 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-07-14 20:56 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-14 20:56 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-14 20:56 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-07-14 20:56 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-07-14 20:56 - 2018-02-20 19:59 - 000003492 _____ C:\windows\system32\Tasks\Motorola Device Manager Update
2020-07-14 20:56 - 2018-02-20 19:59 - 000003300 _____ C:\windows\system32\Tasks\Motorola Device Manager Initial Update
2020-07-14 20:56 - 2016-04-06 18:56 - 000003920 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-14 20:56 - 2016-04-06 18:56 - 000003684 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-07-14 20:56 - 2015-05-21 07:46 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-07-14 20:56 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-07-14 20:56 - 2015-02-09 10:52 - 000003334 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-14 20:56 - 2015-02-09 10:52 - 000003206 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-14 20:56 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-07-14 20:56 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-07-14 20:56 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLVDLauncher
2020-07-14 20:56 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLMLSvc_P2G8
2020-07-14 20:56 - 2014-12-03 13:53 - 000003592 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-500
2020-07-14 17:05 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-07-14 17:05 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-07-14 16:51 - 2014-12-09 12:39 - 000003596 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-07-14 16:23 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-07-14 16:14 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-07-14 16:09 - 2013-08-22 09:25 - 000000295 _____ C:\windows\win.ini
2020-07-14 13:03 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-07-14 03:15 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-07-14 03:15 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-07-14 00:31 - 2016-11-16 15:34 - 000000000 ____D C:\Users\TingTing\Saved Documents
2020-07-12 20:13 - 2017-01-29 22:19 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Origin
2020-07-12 20:13 - 2017-01-29 22:14 - 000000000 ____D C:\ProgramData\Origin
2020-07-12 19:54 - 2017-01-29 22:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-07-12 19:50 - 2017-01-29 22:14 - 000000000 ____D C:\Users\TingTing\AppData\Local\Origin
2020-07-12 13:14 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-10 17:53 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-07-02 12:04 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-07-02 12:03 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-07-02 12:03 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-07-02 12:02 - 2015-03-25 16:33 - 000000000 __SHD C:\Users\TingTing\IntelGraphicsProfiles
2020-07-02 12:02 - 2014-12-14 04:03 - 000000000 ___DO C:\Users\TingTing\OneDrive
2020-07-02 12:01 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-07-02 12:00 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-07-02 12:00 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-07-02 08:59 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness
2020-07-02 08:54 - 2014-12-09 12:34 - 000000000 ____D C:\Users\TingTing\AppData\Local\PackageStaging
2020-07-02 08:54 - 2014-12-09 12:33 - 000000000 ____D C:\Users\TingTing\AppData\Local\Packages
2020-07-01 20:27 - 2015-03-25 16:28 - 000000000 ____D C:\Users\TingTing\AppData\LocalLow\Intel
2020-07-01 18:05 - 2015-03-25 16:33 - 000016272 _____ C:\windows\system32\results.xml
2020-07-01 18:04 - 2015-03-25 16:33 - 000000401 _____ C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-07-01 18:04 - 2014-12-03 15:41 - 000000000 ____D C:\Intel
2020-07-01 17:57 - 2015-05-31 14:04 - 000000000 ____D C:\ProgramData\PCDr
2020-07-01 17:57 - 2014-12-03 14:41 - 000000000 ____D C:\Program Files\Dell
2020-07-01 17:57 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-07-01 17:56 - 2014-12-03 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-07-01 17:33 - 2015-03-25 16:16 - 000000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2020-07-01 17:30 - 2014-12-09 12:32 - 000000000 ____D C:\Users\TingTing
2020-07-01 17:30 - 2014-12-03 13:54 - 000866884 _____ C:\windows\system32\PerfStringBackup.INI
2020-07-01 17:29 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\ProgramData\Intel
2020-07-01 17:28 - 2014-12-03 14:13 - 000000000 ____D C:\Program Files (x86)\Intel
2020-07-01 17:26 - 2014-12-03 15:41 - 000000000 ____D C:\Program Files\Intel
2020-07-01 17:14 - 2014-12-03 14:27 - 000000000 ____D C:\dell
2020-07-01 17:13 - 2014-12-03 14:41 - 000000000 ____D C:\ProgramData\Dell
2020-07-01 17:12 - 2013-08-22 11:36 - 000000000 ____D C:\windows\registration
2020-07-01 17:11 - 2015-04-23 17:03 - 000000000 ____D C:\Program Files (x86)\Dell
2020-07-01 10:07 - 2017-01-29 22:17 - 000000000 ____D C:\Program Files (x86)\Origin
2020-06-27 13:02 - 2015-05-01 23:32 - 000192952 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2020-06-25 01:45 - 2017-04-25 13:58 - 000000000 ____D C:\Users\TingTing\Downloads\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us
2020-06-25 01:37 - 2015-03-03 02:28 - 000000000 ____D C:\Users\TingTing\Downloads\Microsoft Office Pro 2013
2020-06-24 12:52 - 2013-08-22 11:36 - 000000000 ___HD C:\windows\ELAMBKUP
2020-06-24 10:31 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-24 10:06 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 10:06 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-23 21:53 - 2019-12-19 05:48 - 000000045 _____ C:\windows\SysWOW64\initdebug.nfo
2020-06-23 21:44 - 2015-05-01 23:14 - 001217760 _____ C:\windows\ntbtlog.txt
2020-06-23 15:56 - 2019-12-17 20:57 - 000737495 _____ C:\Users\TingTing\Desktop\WINDOWS-I6D372C.txt
2020-06-22 01:36 - 2019-12-15 15:04 - 000015638 _____ C:\Users\TingTing\Downloads\oldFRST.txt
2020-06-21 23:11 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-06-21 21:51 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2020-06-21 21:27 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-06-17 12:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-06-14 11:10 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-07-13 10:55
==================== End of FRST.txt ========================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2020 01
Ran by TingTing (14-07-2020 22:46:33)
Running from C:\Users\TingTing\Desktop\FRST64 new
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.403 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 101.4.434 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4414 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f5f8f8e-11d9-4c64-b002-b60607ac3a29}) (Version: 20.10.1 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.74.41754 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2015-12-27 09:59 - 2009-02-27 17:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-12-27 10:00 - 2014-06-16 16:44 - 000954880 ____N () [File not signed] C:\Program Files (x86)\ControlCenter4\BrImgProc.dll
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-12-27 10:00 - 2013-06-12 20:06 - 000385024 ____R (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2015-12-27 10:00 - 2010-09-29 18:07 - 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2015-12-27 10:00 - 2014-06-16 16:45 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2015-12-27 10:00 - 2014-06-16 17:03 - 000083968 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2015-12-27 10:00 - 2014-06-16 16:45 - 000104960 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcFcnv.dll
2015-12-27 10:00 - 2014-06-16 17:03 - 017955328 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2015-12-27 10:00 - 2014-06-16 17:04 - 000080384 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2015-12-27 10:00 - 2014-06-16 16:46 - 000078848 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcSmon.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2015-12-27 10:00 - 2013-12-17 20:09 - 000225280 ____N (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrImageConversion.dll
2015-12-27 10:00 - 2013-02-13 14:36 - 000075264 ____N (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrImgPdf.dll
2015-12-27 10:00 - 2013-02-13 14:35 - 000105984 ____N (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\brTPGSplash.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2017-08-10 11:24 - 2017-08-10 11:24 - 000217600 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_asym.dll
2017-08-10 11:24 - 2017-08-10 11:24 - 000404480 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_base.dll
2017-08-10 11:24 - 2017-08-10 11:24 - 000379904 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_base_non_fips.dll
2017-08-10 11:24 - 2017-08-10 11:24 - 000504320 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_ecc.dll
2017-08-10 11:24 - 2017-08-10 11:24 - 000218624 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\cryptocme.dll
2017-01-29 22:17 - 2020-07-01 10:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-01-29 22:17 - 2020-07-01 10:05 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{2070B1C0-373A-45C4-AE84-B3E32A25DCE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8D7CDFB8-319B-45EA-B13B-D0C770162257}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
FirewallRules: [{FA8610BB-1877-421F-AFC9-29B3D1D50F66}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
 
==================== Restore Points =========================
 
26-06-2020 12:54:13 Scheduled Checkpoint
01-07-2020 07:38:05 Removed Bonjour
01-07-2020 17:23:20 Installed Intel® Wireless Bluetooth®
11-07-2020 00:33:50 Scheduled Checkpoint
14-07-2020 15:54:12 Windows Update
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/14/2020 03:07:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 83.0.4103.116 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1b80
 
Start Time: 01d6508f402947f0
 
Termination Time: 173
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 2159b192-c605-11ea-836d-6057185e76ac
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/14/2020 01:02:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox_pass.exe, version: 20.4.5312.0, time stamp: 0x5ed4beaa
Faulting module name: protobuf.dll, version: 6.3.9600.19678, time stamp: 0x5e82c0f7
Exception code: 0xc0000135
Fault offset: 0x0009d452
Faulting process id: 0x1974
Faulting application start time: 0x01d65a009ff26c58
Faulting application path: C:\Program Files\Avast Software\Avast\x86\firefox_pass.exe
Faulting module path: protobuf.dll
Report Id: ddd7bc22-c5f3-11ea-836d-6057185e76ac
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/14/2020 03:22:41 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (07/14/2020 12:15:23 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2020/07/14 00:15:23.120]: [00003648]: Initialize TwdsMain Class failed!
 
Error: (07/14/2020 12:15:23 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2020/07/14 00:15:23.119]: [00003648]: ##### Fatal ERROR!! Create STI-device failed! #####
 
Error: (07/14/2020 12:15:23 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2020/07/14 00:15:23.063]: [00003648]: Initialize TwdsMain Class failed!
 
Error: (07/14/2020 12:15:23 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2020/07/14 00:15:23.062]: [00003648]: ##### Fatal ERROR!! Create STI-device failed! #####
 
Error: (07/13/2020 11:50:42 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2020/07/13 23:50:42.892]: [00003648]: Initialize TwdsMain Class failed!
 
 
System errors:
=============
Error: (07/14/2020 10:35:08 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (07/14/2020 03:12:41 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (07/13/2020 05:56:24 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (07/13/2020 10:54:19 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the Origin Web Helper Service service.
 
Error: (07/11/2020 09:41:43 AM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca did not register with DCOM within the required timeout.
 
Error: (07/11/2020 09:40:35 AM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-I6D372C)
Description: The server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca did not register with DCOM within the required timeout.
 
Error: (07/11/2020 01:48:32 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (07/10/2020 06:21:43 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A13 05/27/2019
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 55%
Total physical RAM: 12168.96 MB
Available physical RAM: 5426.27 MB
Total Virtual: 19863.48 MB
Available Virtual: 9641.5 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:474.63 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#68
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,000 posts
  • MVP

Temps are normal.

 

To remove malwarebytes:

https://support.malw...es-Support-Tool

 

In Chrome, go to chrome://extensions/


Turn off all but the Chrome Apps by moving the blue spot to the left.  Delete the one called

Hola Free VPN Proxy Unblocker


restart Chrome.  Does it still crash?


  • 0

#69
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Chrome has been acting very slow. When I restart my computer and open chrome, it takes a while to load a web page and usually it returns with a message "This site can't be reached" and "No internet", even though my internet is connected and the internet speed what it suppose to be. I will reload the web page and eventually the web page loads but loads very slow and doesn't finish loading. I have removed the Hola VPN extension and did the speedyfox optimization but the web page still loads slow. There is no virus detected found on recent antivirus scan. I ran the FRST scan. At first the antivirus program tried to block the FRST scan and the scan returns no results. FRST scan was able to run after I give permission. Can you take a look to see what is causing chrome to act slow? Thank you.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-08-2020
Ran by TingTing (administrator) on WINDOWS-I6D372C (Dell Inc. Inspiron 5547) (07-08-2020 21:13:27)
Running from C:\Users\TingTing\Desktop\FRST64 8.7.20
Loaded Profiles: TingTing
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <2>
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [120636720 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [109160 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7651328 2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [TouchFreeze] => C:\Users\TingTing\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] () [File not signed]
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {22fa2faf-8bde-11e7-82e1-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {61380f82-c0c8-11e4-825d-a08869820531} - "D:\setup.exe" 
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\MountPoints2: {896efc2d-f5b5-11e6-82ce-3417eb5914a6} - "E:\LaunchU3.exe" -a
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [43520 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\scpd2 Langmon: C:\windows\system32\scpd2lm.dll [22528 2014-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [22528 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\stkMonitor: C:\windows\system32\stkMonitor.dll [101184 2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\...\Print\Monitors\ux003 Langmon: C:\windows\system32\ux003lm.dll [22528 2015-03-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.105\Installer\chrmstp.exe [2020-07-29] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C038BE4-52C3-41DD-B5BD-51C24D8F8AAA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1732AA69-2928-4EBA-899C-516A81AA3506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31A63471-96BE-4B8C-BFDA-6AC3D701372A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4352D422-02F0-491B-8109-60F49992E244} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3810408 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
Task: {5209B56C-211A-48FF-8B16-FA8F7961AB32} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5942E666-3F3C-45DA-8CAB-F1B8D27AB421} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {5A4EE116-098D-4AA6-90F8-898F6D260D06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {64C4ED96-8C0A-4E89-AE2D-DA5957D6A239} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-688974935-4124263328-645016171-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-28] (Microsoft Windows -> Microsoft)
Task: {6E92995C-D2EA-47AD-9D35-786C57AF3ECF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {8803EF37-94F4-459E-AEA7-99460BB9D657} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-06-21] (Avast Software s.r.o. -> Avast Software)
Task: {923C2E1C-2FBC-4811-ABDB-BB9D627B412A} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A15EB976-7A15-4C27-8B8A-79EA7350DA03} - System32\Tasks\AliUpdater{6D476752-FA67-4F7A-AE78-088CF5BD18C8} => C:\Program Files (x86)\AliWangWang\AliTask.exe
Task: {A43D367F-FAEB-41A7-9D5C-27C880684A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {A6C80B7D-86D1-46D4-8D79-F36C8AE68999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEE99547-62D3-471C-AE1E-12C94F8054D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {BB3B081F-73AD-4AE7-A3B5-55E7C9465B3C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)
Task: {CD9384C4-1501-4AD3-8CF9-DAB04B50AF4F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-14] (Adobe Inc. -> Adobe)
Task: {EF43AF7F-5E29-457A-BBF5-D18F7D16EC5A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4E81FE9-B3E1-451D-81BE-53DA29147302} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FCD881F4-F2B4-40F7-A2B8-E9E30E8D3978} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-02-09] (Google Inc -> Google Inc.)
Task: {FD6CFA48-E643-4197-8420-8845C9A71572} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D93A623-DC57-476A-A086-3E85E64CB79D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99CDAB89-41AD-4E9D-B019-09A1C00B4DDA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582494831&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=132023802582797841&GUID=B557F50C-1250-400C-ACD1-A95B3DDA787B
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-688974935-4124263328-645016171-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Profile: C:\Users\TingTing\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]
 
FireFox:
========
FF DefaultProfile: pecg5pgj.default
FF ProfilePath: C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default [2019-12-17]
FF Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\[email protected] [2016-03-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\TingTing\AppData\Roaming\Mozilla\Firefox\Profiles\pecg5pgj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default [2020-08-07]
CHR Notifications: Default -> hxxps://voice.google.com
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-15]
CHR Extension: (uBlock Origin) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-08-02]
CHR Extension: (Google Docs Offline) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-07]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-08-03]
CHR Extension: (Sketchpad) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-12-27]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]
CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-19]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TingTing\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-688974935-4124263328-645016171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7776160 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [353696 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2510128 2020-07-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3462456 2020-07-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-11-24] (Samsung Electronics CO., LTD. -> )
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (Dell Inc. -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205888 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235592 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [195656 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60488 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42776 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175200 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [515544 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [466752 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [217336 2020-08-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [323784 2020-08-04] (Avast Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Users\Administrator\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2020-06-28] (CPUID -> CPUID) <==== ATTENTION
S3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [41608 2020-01-03] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 edrsensor; C:\windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS_GPIO; C:\windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS_I2C; C:\windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-07 20:27 - 2020-08-07 21:13 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64 8.7.20
2020-08-07 13:41 - 2020-08-07 13:58 - 000034094 _____ C:\Users\TingTing\Downloads\FRST.txt
2020-08-05 16:57 - 2020-08-05 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-08-04 08:19 - 2020-08-04 08:19 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-08-04 08:19 - 2020-08-04 08:19 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-08-04 08:19 - 2020-08-04 08:19 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-08-04 08:19 - 2020-08-04 08:19 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-08-02 15:59 - 2020-08-02 15:59 - 000335968 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-08-02 15:59 - 2020-08-02 15:59 - 000217336 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-08-02 15:59 - 2020-08-02 15:59 - 000175200 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-07-28 11:05 - 2020-07-28 11:05 - 000921353 _____ C:\Users\TingTing\Downloads\View PDF Statement_2020-07-17.pdf
2020-07-27 12:59 - 2020-07-27 12:59 - 009461101 _____ C:\Users\TingTing\Downloads\2020 PA application forms.pdf
2020-07-19 19:40 - 2020-07-19 19:40 - 000176460 _____ C:\Users\TingTing\Desktop\mbst-clean-results.txt
2020-07-19 19:19 - 2020-07-19 19:19 - 002293760 _____ (Farbar) C:\Users\TingTing\Downloads\FRSTEnglish.exe
2020-07-19 19:17 - 2020-07-19 19:17 - 009158192 _____ C:\Users\TingTing\Downloads\mb-support-1.6.2.802.exe
2020-07-17 02:03 - 2020-07-17 02:03 - 000014924 _____ C:\Users\TingTing\Downloads\IMG_3363.jpeg
2020-07-17 01:56 - 2020-07-17 01:56 - 000015672 _____ C:\Users\TingTing\Downloads\IMG_3364.jpeg
2020-07-15 17:43 - 2020-07-15 17:43 - 000162671 _____ C:\Users\TingTing\Downloads\mingzhizhangsign.zip
2020-07-14 23:23 - 2020-07-14 23:23 - 061819320 _____ (Malwarebytes ) C:\Users\TingTing\Downloads\mbarw-setup-consumer-0.9.18.807.exe
2020-07-14 23:14 - 2020-07-14 23:14 - 000000000 ____D C:\Users\TingTing\Downloads\speedyfox
2020-07-14 23:14 - 2020-07-14 23:14 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\CrystalIdea Software
2020-07-14 23:13 - 2020-07-14 23:13 - 000724287 _____ C:\Users\TingTing\Downloads\speedyfox.zip
2020-07-14 17:05 - 2020-07-14 17:05 - 009585208 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2020-07-14 15:52 - 2020-06-11 01:03 - 022378304 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-07-14 15:52 - 2020-06-11 00:37 - 019803064 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-07-14 15:52 - 2020-06-11 00:16 - 025755136 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-07-14 15:52 - 2020-06-10 23:41 - 020291072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-07-14 15:52 - 2020-06-10 22:44 - 014534656 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-07-14 15:52 - 2020-06-10 22:37 - 007800320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2020-07-14 15:52 - 2020-06-10 22:35 - 012880896 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-07-14 15:52 - 2020-06-10 22:29 - 005272064 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2020-07-14 15:52 - 2020-06-04 15:33 - 001902240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2020-07-14 15:52 - 2020-06-04 15:32 - 002535960 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2020-07-14 15:52 - 2020-06-03 14:08 - 006220288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2020-07-14 15:52 - 2020-06-03 11:52 - 007040000 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2020-07-14 15:51 - 2020-07-08 06:56 - 001370688 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-07-14 15:51 - 2020-07-08 04:28 - 000129024 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-07-14 15:51 - 2020-07-08 03:40 - 001088512 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-07-14 15:51 - 2020-07-02 00:05 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2020-07-14 15:51 - 2020-07-01 23:32 - 000046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2020-07-14 15:51 - 2020-07-01 22:57 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-07-14 15:51 - 2020-07-01 22:43 - 001494016 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-07-14 15:51 - 2020-06-15 23:11 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\AxInstSv.dll
2020-07-14 15:51 - 2020-06-12 20:29 - 000092944 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-14 15:51 - 2020-06-12 19:27 - 000073776 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-14 15:51 - 2020-06-12 18:53 - 000360448 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2020-07-14 15:51 - 2020-06-12 17:39 - 000391168 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2020-07-14 15:51 - 2020-06-12 17:25 - 000269312 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-07-14 15:51 - 2020-06-12 13:37 - 000537616 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2020-07-14 15:51 - 2020-06-12 12:56 - 000450296 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2020-07-14 15:51 - 2020-06-12 09:29 - 001549560 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2020-07-14 15:51 - 2020-06-11 16:18 - 007362288 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-07-14 15:51 - 2020-06-11 01:03 - 000723008 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2020-07-14 15:51 - 2020-06-11 00:56 - 000806200 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-07-14 15:51 - 2020-06-11 00:37 - 000561896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2020-07-14 15:51 - 2020-06-11 00:33 - 000613528 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-07-14 15:51 - 2020-06-10 23:52 - 000581120 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-07-14 15:51 - 2020-06-10 23:42 - 000187392 _____ (Microsoft Corporation) C:\windows\system32\easwrt.dll
2020-07-14 15:51 - 2020-06-10 23:41 - 005498880 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-07-14 15:51 - 2020-06-10 23:41 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-07-14 15:51 - 2020-06-10 23:39 - 000550400 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.PointOfService.dll
2020-07-14 15:51 - 2020-06-10 23:25 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-07-14 15:51 - 2020-06-10 23:24 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2020-07-14 15:51 - 2020-06-10 23:19 - 000092672 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-07-14 15:51 - 2020-06-10 23:17 - 000315904 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-07-14 15:51 - 2020-06-10 23:16 - 000148480 _____ (Microsoft Corporation) C:\windows\SysWOW64\easwrt.dll
2020-07-14 15:51 - 2020-06-10 23:15 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-07-14 15:51 - 2020-06-10 23:14 - 000368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.PointOfService.dll
2020-07-14 15:51 - 2020-06-10 23:13 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-07-14 15:51 - 2020-06-10 23:05 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-07-14 15:51 - 2020-06-10 23:04 - 015479296 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-07-14 15:51 - 2020-06-10 23:04 - 001057792 _____ (Microsoft Corporation) C:\windows\system32\WebcamUi.dll
2020-07-14 15:51 - 2020-06-10 23:02 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2020-07-14 15:51 - 2020-06-10 22:59 - 000076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2020-07-14 15:51 - 2020-06-10 22:57 - 000279552 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-07-14 15:51 - 2020-06-10 22:56 - 000257536 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2020-07-14 15:51 - 2020-06-10 22:56 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\keyiso.dll
2020-07-14 15:51 - 2020-06-10 22:55 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-07-14 15:51 - 2020-06-10 22:54 - 000551424 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2020-07-14 15:51 - 2020-06-10 22:52 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-07-14 15:51 - 2020-06-10 22:52 - 004111872 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-07-14 15:51 - 2020-06-10 22:50 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-07-14 15:51 - 2020-06-10 22:49 - 000882688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebcamUi.dll
2020-07-14 15:51 - 2020-06-10 22:48 - 000255488 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-07-14 15:51 - 2020-06-10 22:46 - 013861888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-07-14 15:51 - 2020-06-10 22:45 - 000693248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll
2020-07-14 15:51 - 2020-06-10 22:44 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\keyiso.dll
2020-07-14 15:51 - 2020-06-10 22:42 - 000906240 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SmartCards.dll
2020-07-14 15:51 - 2020-06-10 22:42 - 000211968 _____ (Microsoft Corporation) C:\windows\SysWOW64\netprofm.dll
2020-07-14 15:51 - 2020-06-10 22:40 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-07-14 15:51 - 2020-06-10 22:39 - 000173568 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-07-14 15:51 - 2020-06-10 22:37 - 000469504 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2020-07-14 15:51 - 2020-06-10 22:35 - 000629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SmartCards.dll
2020-07-14 15:51 - 2020-06-10 22:32 - 003317248 _____ (Microsoft Corporation) C:\windows\system32\bootux.dll
2020-07-14 15:51 - 2020-06-10 22:31 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-07-14 15:51 - 2020-06-10 22:29 - 000801280 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-07-14 15:51 - 2020-06-10 22:28 - 001341952 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-07-14 15:51 - 2020-06-10 22:27 - 001728512 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2020-07-14 15:51 - 2020-06-10 22:27 - 000710656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-07-14 15:51 - 2020-06-10 22:22 - 001547264 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2020-07-14 15:51 - 2020-06-09 01:12 - 001764872 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2020-07-14 15:51 - 2020-06-09 01:12 - 000374008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2020-07-14 15:51 - 2020-06-09 01:05 - 000357824 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2020-07-14 15:51 - 2020-06-09 00:37 - 001489528 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2020-07-14 15:51 - 2020-06-09 00:36 - 000316152 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2020-07-14 15:51 - 2020-06-09 00:31 - 000255104 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2020-07-14 15:51 - 2020-06-09 00:15 - 000096768 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2020-07-14 15:51 - 2020-06-08 23:44 - 000078336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2020-07-14 15:51 - 2020-06-08 23:27 - 001994240 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2020-07-14 15:51 - 2020-06-08 23:18 - 001384960 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2020-07-14 15:51 - 2020-06-08 23:06 - 001695744 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
2020-07-14 15:51 - 2020-06-08 23:03 - 001560064 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2020-07-14 15:51 - 2020-06-06 15:58 - 001542672 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2020-07-14 15:51 - 2020-06-05 18:09 - 000430832 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2020-07-14 15:51 - 2020-06-05 18:06 - 000320240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2020-07-14 15:51 - 2020-06-05 12:20 - 001441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2020-07-14 15:51 - 2020-06-05 12:16 - 000964096 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2020-07-14 15:51 - 2020-06-05 12:15 - 000781312 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2020-07-14 15:51 - 2020-06-05 12:15 - 000436224 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2020-07-14 15:51 - 2020-06-05 12:15 - 000259584 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2020-07-14 15:51 - 2020-06-05 12:15 - 000227328 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2020-07-14 15:51 - 2020-06-05 12:14 - 000358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2020-07-14 15:51 - 2020-06-05 12:14 - 000208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2020-07-14 15:51 - 2020-06-05 12:14 - 000193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2020-07-14 15:51 - 2020-06-05 12:09 - 001377792 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2020-07-14 15:51 - 2020-06-05 12:06 - 000241664 _____ (Microsoft Corporation) C:\windows\system32\logoncli.dll
2020-07-14 15:51 - 2020-06-05 12:06 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2020-07-14 15:51 - 2020-06-05 12:06 - 000174592 _____ (Microsoft Corporation) C:\windows\SysWOW64\logoncli.dll
2020-07-14 15:51 - 2020-06-05 11:39 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-07-14 15:51 - 2020-06-05 11:39 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-07-14 15:51 - 2020-06-04 14:25 - 000427584 _____ (Microsoft Corporation) C:\windows\system32\tsmf.dll
2020-07-14 15:51 - 2020-06-04 14:21 - 000368240 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
2020-07-14 15:51 - 2020-06-04 09:58 - 000460800 _____ (Microsoft Corporation) C:\windows\system32\upnphost.dll
2020-07-14 15:51 - 2020-06-04 09:47 - 000333824 _____ (Microsoft Corporation) C:\windows\SysWOW64\upnphost.dll
2020-07-14 15:51 - 2020-06-04 09:43 - 000699904 _____ (Microsoft Corporation) C:\windows\system32\rasapi32.dll
2020-07-14 15:51 - 2020-06-04 09:38 - 000628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasapi32.dll
2020-07-14 15:51 - 2020-06-03 14:48 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2020-07-14 15:51 - 2020-06-03 14:40 - 000856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2020-07-14 15:51 - 2020-06-03 14:20 - 000145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdWSD.dll
2020-07-14 15:51 - 2020-06-03 14:19 - 000505344 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2020-07-14 15:51 - 2020-06-03 12:54 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2020-07-14 15:51 - 2020-06-03 12:43 - 001101824 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2020-07-14 15:51 - 2020-06-03 12:25 - 001080320 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2020-07-14 15:51 - 2020-06-03 12:24 - 000840704 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2020-07-14 15:51 - 2020-06-03 12:12 - 000750080 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2020-07-14 15:51 - 2020-06-03 12:12 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\fdWSD.dll
2020-07-14 10:58 - 2020-07-14 16:50 - 000000000 _____ C:\windows\system32\last.dump
2020-07-13 14:03 - 2020-07-13 14:03 - 000117119 _____ C:\Users\TingTing\Downloads\2118 - 4506T (h).pdf
2020-07-13 13:48 - 2020-07-13 13:48 - 001561357 _____ C:\Users\TingTing\Downloads\2118 - Su Zhu Huang.zip
2020-07-09 17:32 - 2020-07-09 17:32 - 000393403 _____ C:\Users\TingTing\Downloads\WINRO154-BudgetLetterRequest_Semi-MonthlyCashAssistanceBudgetCalculation_SNAPBudgetCalculationForCA&CA-SSICases-492061472.pdf
2020-07-08 15:50 - 2020-07-08 15:50 - 000284676 _____ C:\Users\TingTing\Downloads\document.pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-07 21:13 - 2019-12-15 15:01 - 000000000 ____D C:\FRST
2020-08-07 20:53 - 2020-01-28 18:43 - 000000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-08-07 20:50 - 2019-10-01 16:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-08-07 20:50 - 2019-10-01 16:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-08-07 20:47 - 2019-09-07 22:46 - 000000000 ____D C:\Users\TingTing\AppData\Local\CrashDumps
2020-08-07 20:47 - 2018-06-19 19:58 - 000000000 ____D C:\Users\TingTing\AppData\Local\AVAST Software
2020-08-07 20:47 - 2014-12-09 12:36 - 000003966 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{9A7551FE-9855-4686-A2BC-4B9D5579A332}
2020-08-07 20:43 - 2014-12-03 14:28 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2020-08-07 20:42 - 2014-12-14 04:03 - 000000000 ___DO C:\Users\TingTing\OneDrive
2020-08-07 20:40 - 2020-01-28 18:43 - 000000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-08-07 20:40 - 2015-03-25 16:33 - 000000000 __SHD C:\Users\TingTing\IntelGraphicsProfiles
2020-08-07 20:40 - 2014-12-03 14:29 - 000000000 ____D C:\Temp
2020-08-07 20:39 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-08-07 20:38 - 2013-08-22 09:25 - 000262144 ___SH C:\windows\system32\config\BBI
2020-08-07 13:37 - 2020-07-01 07:35 - 000000000 ____D C:\Users\TingTing\Desktop\FRST64 new
2020-08-07 03:07 - 2020-06-23 22:15 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-08-07 03:07 - 2019-10-01 16:55 - 000003450 _____ C:\windows\system32\Tasks\AdobeGCInvoker-1.0
2020-08-07 03:07 - 2018-03-13 07:05 - 000004482 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-08-07 03:07 - 2018-02-20 19:59 - 000003492 _____ C:\windows\system32\Tasks\Motorola Device Manager Update
2020-08-07 03:07 - 2018-02-20 19:59 - 000003300 _____ C:\windows\system32\Tasks\Motorola Device Manager Initial Update
2020-08-07 03:07 - 2016-04-06 18:56 - 000003920 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-08-07 03:07 - 2016-04-06 18:56 - 000003684 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-08-07 03:07 - 2015-05-21 07:46 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-08-07 03:07 - 2015-04-23 17:32 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-08-07 03:07 - 2015-02-09 10:52 - 000003334 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-08-07 03:07 - 2015-02-09 10:52 - 000003206 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-08-07 03:07 - 2014-12-14 04:50 - 000004288 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-08-07 03:07 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLVDLauncher
2020-08-07 03:07 - 2014-12-03 14:22 - 000003160 _____ C:\windows\system32\Tasks\CLMLSvc_P2G8
2020-08-07 03:07 - 2014-12-03 13:53 - 000003592 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-500
2020-08-06 14:31 - 2014-12-09 12:39 - 000003596 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-688974935-4124263328-645016171-1001
2020-08-06 02:32 - 2016-11-16 15:34 - 000000000 ____D C:\Users\TingTing\Saved Documents
2020-08-05 16:58 - 2016-04-06 18:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-08-05 15:59 - 2020-06-23 22:15 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-08-04 11:11 - 2020-06-21 21:38 - 000323784 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-08-02 16:07 - 2017-01-29 22:14 - 000000000 ____D C:\ProgramData\Origin
2020-08-02 15:59 - 2020-06-21 21:38 - 000515544 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-08-02 15:59 - 2020-06-21 21:38 - 000466752 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-08-02 15:59 - 2020-06-21 21:38 - 000195656 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-08-02 15:59 - 2020-06-21 21:38 - 000109280 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-08-02 15:59 - 2020-06-21 21:38 - 000084856 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-08-02 15:59 - 2020-06-21 21:38 - 000060488 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-08-02 15:59 - 2020-06-21 21:38 - 000042776 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-08-02 15:58 - 2020-06-21 21:38 - 000851608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-08-02 15:58 - 2020-06-21 21:38 - 000235592 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-08-02 15:58 - 2020-06-21 21:38 - 000205888 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-08-02 15:58 - 2020-06-21 21:38 - 000037152 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-08-02 02:37 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness
2020-08-02 02:29 - 2017-01-29 22:19 - 000000000 ____D C:\Users\TingTing\AppData\Roaming\Origin
2020-07-29 23:05 - 2015-02-09 10:54 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-29 23:05 - 2015-02-09 10:54 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-29 23:05 - 2015-02-09 10:54 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-07-28 22:21 - 2017-01-29 22:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-07-28 22:20 - 2017-01-29 22:17 - 000000000 ____D C:\Program Files (x86)\Origin
2020-07-28 22:20 - 2017-01-29 22:14 - 000000000 ____D C:\Users\TingTing\AppData\Local\Origin
2020-07-27 13:12 - 2018-03-13 23:25 - 000000000 ____D C:\Users\TingTing\AppData\Local\ElevatedDiagnostics
2020-07-20 12:12 - 2013-08-22 11:36 - 000000000 ____D C:\windows\rescache
2020-07-19 23:53 - 2014-12-09 12:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-07-19 19:40 - 2019-12-14 20:31 - 000000000 ____D C:\Program Files\Malwarebytes
2020-07-19 19:14 - 2017-06-12 19:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-07-19 18:42 - 2015-03-03 02:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-07-19 18:42 - 2015-03-03 02:16 - 000000000 ____D C:\Program Files (x86)\7-Zip
2020-07-18 22:29 - 2020-06-24 09:36 - 000002021 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-07-18 22:29 - 2020-06-24 09:36 - 000002021 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-07-18 22:29 - 2013-08-22 10:44 - 005151896 _____ C:\windows\system32\FNTCACHE.DAT
2020-07-18 22:29 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf
2020-07-18 22:08 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData
2020-07-18 22:07 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\setup
2020-07-18 22:07 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\setup
2020-07-18 22:07 - 2013-08-22 11:36 - 000000000 ____D C:\Program Files\Common Files\System
2020-07-15 09:46 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp
2020-07-15 00:05 - 2019-12-19 05:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-07-14 17:05 - 2013-08-22 11:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-07-14 17:05 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\Macromed
2020-07-14 16:14 - 2015-03-03 02:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-07-14 16:09 - 2013-08-22 09:25 - 000000295 _____ C:\windows\win.ini
2020-07-12 13:14 - 2015-05-21 07:45 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
 
==================== Files in the root of some directories ========
 
2018-10-03 15:04 - 2020-06-23 22:36 - 000000104 _____ () C:\Users\TingTing\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-08-03 14:13
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2020
Ran by TingTing (07-08-2020 21:10:59)
Running from C:\Users\TingTing\Desktop\FRST64 8.7.20
Windows 8.1 (Update) (X64) (2014-12-09 16:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-688974935-4124263328-645016171-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-688974935-4124263328-645016171-501 - Limited - Disabled)
TingTing (S-1-5-21-688974935-4124263328-645016171-1001 - Administrator - Enabled) => C:\Users\TingTing
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 19.00 (HKLM-x32\...\{23170F69-40C1-2701-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.403 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.6.2420 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{5913037B-95C8-4A27-8F37-026BBC7B5AF1}) (Version: 16.1.2026 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 103.4.383 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.10 - NCH Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.105 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4414 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f5f8f8e-11d9-4c64-b002-b60607ac3a29}) (Version: 20.10.1 - Intel Corporation)
iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.77.42374 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
 
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-09] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-04-02] (Samsung Electronics Co. Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-22] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Windows Phone -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe [2016-09-21] (Microsoft Corporation)
阿里旺旺 -> C:\Program Files\WindowsApps\E1354D8C.Win8_1.0.0.122_x64__97d7ef5pp7jwp [2017-11-09] (淘宝(中国)软件有限公司)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-688974935-4124263328-645016171-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-02] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2013-08-19] (SoftThinks -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_243.dll [2016-04-06] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2016-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-02] (Avast Software s.r.o. -> AVAST Software)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\TingTing\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
 
==================== Loaded Modules (Whitelisted) =============
 
2014-04-07 10:31 - 2014-04-07 10:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-11-30 04:59 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\windows\system32\BrSNMP64.dll
2015-11-30 04:59 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\windows\system32\BrNetSti.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-26 11:11 - 2014-02-26 11:11 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-12-03 14:27 - 2014-12-03 14:27 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2014-12-03 14:27 - 2014-12-03 14:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2017-01-29 22:17 - 2020-07-01 10:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-01-29 22:17 - 2020-07-01 10:05 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2017-01-29 22:17 - 2020-07-01 10:06 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\taobao.com -> hxxp://taobao.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2019-04-21 19:53 - 000000954 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
 
2019-09-07 22:43 - 2019-09-07 22:45 - 000000505 _____ C:\windows\system32\drivers\etc\hosts.ics
192.168.173.102 LGwebOSTV.mshome.net # 2019 9 0 15 2 45 27 275
192.168.173.1 WINDOWS-I6D372C.mshome.net # 2024 9 5 6 2 45 27 275
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-688974935-4124263328-645016171-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TingTing\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: bdredline => 2
MSCONFIG\Services: updatesrv => 2
MSCONFIG\Services: vsserv => 2
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "TouchFreeze"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6107A7CB8A14159DCCA158AAEFDFA448"
HKU\S-1-5-21-688974935-4124263328-645016171-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49D90B04-64A3-41F6-A70F-ED16FF3D6CA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{B68D3207-EC40-4C54-8C3B-718AE104F278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BBCB6CD5-3509-42A8-9918-62BEE4209C94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE8FD99-83E6-4129-8773-5F20E308FAC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4367F37-E76B-4941-8FC0-FC5CEED10BE8}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6638E8B8-1036-4031-8B6F-650CAB70D1FD}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E31E9C85-873F-4D0C-83CE-FA94AA349B3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4089887D-33B8-4A2A-8A3C-C0F228BDBCDE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BFF5F3-7122-4FF1-9CE1-AD76D141061A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104D209A-8D3D-4132-9978-9CA7743B80F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B13A5F35-12DA-4A0F-B000-208E6A10DE80}] => (Allow) LPort=1689
FirewallRules: [{0B0F34E3-5368-4608-BD47-EF1D1A093D52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{0EF7C036-CDF7-44C6-B577-B03AF114B31A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{18F36E45-D382-49E5-A899-5AA417770778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{D4ED90D7-9406-4B73-9EFF-EF740F6B22DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{74B7F942-FBE0-4230-93F8-476DD1E2C9AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{553C75ED-F846-4462-B18D-B0782772C64C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F7E089A2-9916-4A34-816F-C795D515B5A7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{88DC5A35-4978-44BC-9326-C5B034383470}] => (Allow) LPort=1689
FirewallRules: [{384983BB-5071-4C74-82CD-F4B4CF0EF961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5AF5BC9-97F1-4638-B737-05362A4E05D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{907E0216-27DB-407B-AE75-696DE11F8A54}] => (Allow) LPort=54925
FirewallRules: [{95326A45-F842-4689-B457-EBCD1C72EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23E563BA-9FAD-4923-92A4-CFF19A24EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E87FD3B-A442-4A6C-AE0C-B3FFE8D52B53}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4891DB9-CE90-47C6-B12D-931B899D8AF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{576A8F9D-FB9E-4EA6-9D41-0DD6F9C42DF1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F127DE4B-845A-46D2-930B-7756F43E7BE1}C:\users\tingting\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tingting\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{53F55195-7D3B-4260-B3F3-1368A343F77F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{AD42F5F4-F3A5-46E3-9CFD-F26EDED5AC3F}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{32C3E2C5-C22F-479E-A797-E2439204088A}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9391D705-A70F-4DC0-A416-7AE8A11ED497}] => (Allow) C:\Program Files (x86)\The Sims 4 City Living\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{588F2F55-2701-4BC1-95C8-00DF7CA4AE50}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{286A4846-157D-4689-B11D-5C2079080FF6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD11D334-EEEE-4EEF-A300-527143F38446}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D181722F-FBA2-42D9-8D01-632D40ACAB8B}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [UDP Query User{CB2F021C-B93B-4E86-8D85-D81C99103321}C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe] => (Block) C:\users\tingting\appdata\local\vysor\app-2.1.2\vysor.exe (ClockworkMod) [File not signed]
FirewallRules: [TCP Query User{149D241B-4D3F-4708-974B-F7DB9B7E015E}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{86A07B5C-D22B-4108-8D56-446BA14F0A77}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3039C936-3A48-461A-B941-B0E306948956}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7B503A8B-1E4C-4B6F-AAA1-F9FD96B2DD0D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0BF304D8-238B-4D21-B43F-01AE2C39A76B}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{EE941F50-8478-472A-88A9-28BED3E808C1}] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8F42E502-0FAF-4105-A619-3C2B298C1469}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4CC6A7E7-B4EA-4390-888D-E7BD4EBC4EEA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{8D7CDFB8-319B-45EA-B13B-D0C770162257}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
FirewallRules: [{D98C5A19-155C-4D1D-BED3-D3F6D2413019}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C3DF5D42-9E4B-4D53-8C46-A4B05AE69688}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
 
==================== Restore Points =========================
 
23-07-2020 15:47:27 Scheduled Checkpoint
02-08-2020 16:26:38 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (08/07/2020 08:47:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox_pass.exe, version: 20.6.5495.0, time stamp: 0x5f201a67
Faulting module name: protobuf.dll, version: 6.3.9600.19678, time stamp: 0x5e82c0f7
Exception code: 0xc0000135
Fault offset: 0x0009d452
Faulting process id: 0x158c
Faulting application start time: 0x01d66d1d83ce7985
Faulting application path: C:\Program Files\Avast Software\Avast\x86\firefox_pass.exe
Faulting module path: protobuf.dll
Report Id: c2008a29-d910-11ea-8373-6057185e76ac
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/07/2020 08:45:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.22013 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1394
 
Start Time: 01d66d1c740ff559
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 668c356e-d910-11ea-8373-6057185e76ac
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/07/2020 10:24:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.22013 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2018
 
Start Time: 01d66cb05e7bbd4d
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: af751454-d8b9-11ea-8372-6057185e76ac
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/07/2020 04:40:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox_pass.exe, version: 20.6.5495.0, time stamp: 0x5f201a67
Faulting module name: protobuf.dll, version: 6.3.9600.19678, time stamp: 0x5e82c0f7
Exception code: 0xc0000135
Fault offset: 0x0009d452
Faulting process id: 0x24c8
Faulting application start time: 0x01d66c9652f53ae4
Faulting application path: C:\Program Files\Avast Software\Avast\x86\firefox_pass.exe
Faulting module path: protobuf.dll
Report Id: 966814d0-d889-11ea-8372-6057185e76ac
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/07/2020 12:22:37 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (08/06/2020 11:39:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.22013 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 11b0
 
Start Time: 01d66c3e891c0106
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 91239aec-d85f-11ea-8372-6057185e76ac
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/06/2020 01:59:19 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (08/06/2020 01:51:59 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2020/08/06 01:51:59.137]: [00007412]: Initialize TwdsMain Class failed!
 
 
System errors:
=============
Error: (08/07/2020 08:38:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
The service has not been started.
 
Error: (08/07/2020 08:38:08 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Avast Antivirus service did not shut down properly after receiving a preshutdown control.
 
Error: (08/07/2020 08:34:58 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.
 
Error: (08/07/2020 07:46:21 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (08/07/2020 04:12:24 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (08/06/2020 06:11:23 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (08/06/2020 01:55:16 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (08/06/2020 02:12:19 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A13 05/27/2019
Motherboard: Dell Inc. 0598GM
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 28%
Total physical RAM: 12168.96 MB
Available physical RAM: 8759.19 MB
Total Virtual: 17032.96 MB
Available Virtual: 13455.22 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.48 GB) (Free:493.04 GB) NTFS
Drive d: (The Sims 4 City Living) (CDROM) (Total:18.56 GB) (Free:0 GB) UDF
 
\\?\Volume{f8349059-91f3-41a1-a3a9-aa990f6a5539}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.67 GB) NTFS
\\?\Volume{75a2b2bc-6d13-4e6b-81ec-52364e5e5b9e}\ (PBR Image) (Fixed) (Total:8.42 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 05FA846C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#70
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,000 posts
  • MVP
CHR Extension: (AdBlock — best ad blocker) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-08-03]

...

CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-04-10]

CHR Extension: (Unblock Youku) - C:\Users\TingTing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2020-04-18]
 
Looks like you still have Hola.  Also the Unblock Youku is probably a proxy server so all traffic would route to it first.  If it is being blocked  or is down that would give you the 404 message. 
 
Don't think you need the first one if you have Ublock Origin.

  • 0

Advertisements


#71
tingtingz

tingtingz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

When I open chrome extensions, Hola is not listed there. Only AdBlock, Unblock Youku, Google docs, and Ublock Origin. Is there another way to remove Hola beside clicking remove on the chrome extension page? 


  • 0

#72
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,000 posts
  • MVP

We can try to remove it with FRST but Chrome usually puts it back.  Make sure you do not have Chrome Sync turned on:

 

Go to:  chrome://settings/

 

The first option is Sync.  If it is on it will have a Turn Off button.  Click on it.  Close Chrome before you run the fixlist.

 

Then let's see if FRST works:

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   1.23KB   0 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.


 

 

 

 

 


  • 0






Similar Topics

8 user(s) are reading this topic

0 members, 8 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP