FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S0 czhwah; C:\Windows\SysWOW64\drivers\deakun.sys [61440 2019-02-11] () [File not signed]
S0 ynub; C:\Windows\SysWOW64\drivers\owgosexc.sys [61440 2019-02-11] () [File not signed]
S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers1-x32: [PhoXo] -> {47F14307-F923-44F9-86CB-A1E193DA6070} => C:\Program Files (x86)\PhoXo\ExploreMenu.dll -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
FirewallRules: [{7BCA530D-AEF9-4312-AB98-5FA57B22C9D4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0312\HPDiagnosticCoreUI.exe No File
FirewallRules: [{DD0816DF-1A6D-46DE-B7FA-8F03EA897AFA}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0312\HPDiagnosticCoreUI.exe No File
FirewallRules: [{7027FCA1-ED17-4B7B-9DEF-90707122CEED}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS03BC\HPDiagnosticCoreUI.exe No File
FirewallRules: [{4E250D65-5C7F-4C5C-8E68-F728A34421A7}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS03BC\HPDiagnosticCoreUI.exe No File
FirewallRules: [TCP Query User{9F26BF52-B13B-471C-A6AC-44F98C53BC00}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe No File
FirewallRules: [UDP Query User{E3DB5C18-C6C1-4FD6-A0D7-15EFCCE65DC2}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe No File
FirewallRules: [{FEA0FE39-54A2-480A-9CAD-7D55D772EAA6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe No File
FirewallRules: [{9BF14085-062A-4EB5-A452-75190E55F47F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe No File
FirewallRules: [{B9C78521-F0A8-4E23-9136-149ADB9DB1A0}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe No File
FirewallRules: [{20D7AE74-B6A3-426F-B416-9DC325C694AA}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe No File
FirewallRules: [{25DB26D6-7C8D-421E-BD9F-0EBCBFA140D4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS35EA\HPDiagnosticCoreUI.exe No File
FirewallRules: [{BD5D4210-B6E5-45E3-881D-BAEC293F3BF7}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS35EA\HPDiagnosticCoreUI.exe No File
FirewallRules: [{26EAF1A7-27A7-40A1-8B97-244D92D509DD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3FFD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{84C5F561-9393-4117-9C21-1602D63CDAA9}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3FFD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{066E33B9-FBB5-4872-A4EF-6ACA4D6C8780}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4109\HPDiagnosticCoreUI.exe No File
FirewallRules: [{D8C0664B-C6D4-48BA-B1F4-5682814D8FAF}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4109\HPDiagnosticCoreUI.exe No File
FirewallRules: [{14FC1362-862C-41E8-9E03-9DEAFB364DA3}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS416B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{734FA13E-75FC-4204-82B7-5CBEADE5CEF1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS416B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{268CDBAB-5953-49C3-B923-E0C09378C160}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7EF8\HPDiagnosticCoreUI.exe No File
FirewallRules: [{EB46FD57-3C8D-4324-BF80-8CACE5BC36F5}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7EF8\HPDiagnosticCoreUI.exe No File
FirewallRules: [{F028B163-0059-448B-BB75-773426B9BFC0}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2E7E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2DE49187-0F5B-4044-84FE-0A669CC85F33}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2E7E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2F80605A-D7CD-4639-B271-0B88302D1B78}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2F2F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5F35F7C3-2461-4952-AA85-73CF95EA6F47}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2F2F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5A4F57BB-C9CE-45EC-B240-2C84F10D8EC1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS334A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C0330068-E65D-41C2-87C9-CA6BA61A2EBD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS334A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{83EF81F4-A047-486B-9ED7-788156AA5F02}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS492E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2CCFE143-FE63-463D-BF2D-38FA0542B828}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS492E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{30090691-2965-4C2E-BCEA-F17CD8043B3C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS71FF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{368EF3B6-D448-4597-BDD7-C5370190596C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS71FF\HPDiagnosticCoreUI.exe No File
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot: