|
-
November 12th, 2019, 11:53 PM
#1
 [RESOLVED] Need a check up 1
Hello, I need a check up of my home desktop:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-11-2019
Ran by Thinkpad (administrator) on DESKTOP-OLAV58N (LENOVO 2988D9U) (12-11-2019 19:42:43)
Running from C:\Users\Thinkpad\Desktop
Loaded Profiles: Thinkpad (Available Profiles: Thinkpad)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(Autodesk, Inc. -> Autodesk) C:\Users\Thinkpad\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Byte Technologies LLC -> Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Byte Technologies LLC -> Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(Corel Corporation -> Corel Corporation) C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe
(Corel Corporation -> Corel Corporation) C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP ENVY 5660 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP ENVY 5660 series\Bin\ScanToPCActivationApp.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(INTERNET PROJECT LLC -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Thinkpad\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.5.21.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.5.21.0\CCleanerBrowserCrashHandler64.exe
(Qihoo 360 Software (Beijing) Company Limited -> ) C:\Program Files (x86)\LuDaShi\ComputerZService.exe
(Qihoo 360 Software (Beijing) Company Limited -> ) C:\Program Files (x86)\LuDaShi\ComputerZTray.exe
(Qihoo 360 Software (Beijing) Company Limited -> ) C:\Program Files (x86)\LuDaShi\Utils\MobileDeviceSrv.exe
(WinZip Computing LLC -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-01-30] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [130624 2019-01-30] (Corel Corporation -> WinZip Computing)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2019-01-30] (WinZip Computing LLC -> WinZip Computing, S.L.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [657704 2019-05-14] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Thinkpad\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Run: [HP ENVY 5660 series (NET)] => C:\Program Files\HP\HP ENVY 5660 series\Bin\ScanToPCActivationApp.exe [3769992 2017-05-23] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Run: [Chromium] => c:\users\thinkpad\appdata\local\chromium\application\chrome.exe [4195328 2017-10-06] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-07-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-07-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-07-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-07-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-07-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Run: [VideoDownloadCapture] => C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe [6709400 2019-01-02] (Apowersoft Ltd -> Apowersoft)
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\77.1.1834.93\Installer\chrmstp.exe [2019-10-12] (Piriform Software Ltd -> Piriform Software)
Startup: C:\Users\Thinkpad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2019-11-09]
ShortcutTarget: GenuineService.lnk -> C:\Users\Thinkpad\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09537260-1F39-454C-94C8-F8EC09CDBE2D} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-08-31] (Piriform Software Ltd -> Piriform Software)
Task: {1270B56D-DC10-489A-B6C5-3269850B090A} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [1889536 2019-09-25] (Piriform Software Ltd -> Piriform Software)
Task: {130BC028-0850-4543-A1B7-E2553C09B90A} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [3916104 2019-07-02] (Byte Technologies LLC -> Byte Technologies LLC) <==== ATTENTION
Task: {192038F6-0A62-4A0F-A5CE-3422C20D36ED} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-01-30] (Corel Corporation -> Corel Corporation)
Task: {3AB6E7A1-548A-4145-987D-C97C3AB6C32E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-07-22] (Apple Inc. -> Apple Inc.)
Task: {40A786B2-47AD-4EEC-82B5-2A9D3F2F9D84} - System32\Tasks\{53EB20C1-ED16-0F45-C6C7-4A58C5EFD296} => C:\Users\Thinkpad\AppData\Roaming\Sosometago\bakof.exe [2228736 2013-04-08] () [File not signed]
Task: {468B45B9-CC70-431C-AAFD-3A16BB6E787C} - System32\Tasks\NCH Software\ExpressZipSevenDays => C:\Program Files (x86)\NCH Software\ExpressZip\ExpressZip.exe [1478224 2019-10-21] (NCH Software, Inc. -> NCH Software)
Task: {625B6BFD-9161-4DD2-91C6-C15491A4E98B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {6C4B3868-6D68-4897-86FE-49159081332B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7847EDDA-4965-4F2B-A410-F02000338327} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-08-31] (Piriform Software Ltd -> Piriform Software)
Task: {790430E9-28AD-455B-A731-B22C07E49D16} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-01-30] (Corel Corporation -> Corel Corporation)
Task: {86F779BE-C5DA-4D8F-8A1A-52876E43E520} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-18] (Google Inc -> Google Inc.)
Task: {897D728D-04C9-46E3-90EA-60E92E66A140} - System32\Tasks\ComputerZ-Tray => C:\Program Files (x86)\LuDaShi\ComputerZTray.exe [3386952 2018-07-24] (Qihoo 360 Software (Beijing) Company Limited -> ) <==== ATTENTION
Task: {90C82A73-47E4-4689-87B7-D95EE1F858C9} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-01-30] (Corel Corporation -> Corel Corporation)
Task: {A7EBB3A3-FC04-44A4-BA29-7BC4693F9F3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C23E4995-04A6-4F09-AED8-0473071EEEF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CAE31715-B79D-4181-8E56-8343D71F8169} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [1889536 2019-09-25] (Piriform Software Ltd -> Piriform Software)
Task: {D00D7401-E573-4914-8677-759CE5C13CE7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {D32C5D5B-ACD2-49D2-B324-71D3D5BF9EF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DABDD9EF-FC65-44DA-8799-96ED8D91B7CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-18] (Google Inc -> Google Inc.)
Task: {E6862596-FE8A-4DDD-B023-BBBDB3D8C7D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E72CD8A5-FD3F-4A9C-8CB8-F35C15E09AEB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\{53EB20C1-ED16-0F45-C6C7-4A58C5EFD296}.job => C:\Users\Thinkpad\AppData\Roaming\SOSOME~1\bakof.exe <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7d1eddcf-2363-4f2a-ab58-a407be2313dc}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-661e01fde7206268
HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-661e01fde7206268
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fwf468aceg84_19_28_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEyEtAyB0EyC0ByByEyBtCyDyE0EyDyEtN0D0Tzu0StByByDtCtN1L2XzuyEtFyDtAtFtDtFtCtAyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StB0AyCyCtAtC0EtDtGyC0AyEtAtGtD0Fzz0FtGyDtDzz0DtGyCyDzy0EtBtDtBtD0FzztC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA1OzztDyCyEtG1TyE1S1TtGyE1SyD1StGzztA1T1RtGtA1PyEtBtC1StBtByE1PtCzz2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCtAtCyEtDyDtDtB%26cr%3D772054356%26a%3Dwbf_fwf468aceg84_19_28_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fwf468aceg84_19_28_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEyEtAyB0EyC0ByByEyBtCyDyE0EyDyEtN0D0Tzu0StByByDtCtN1L2XzuyEtFyDtAtFtDtFtCtAyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StB0AyCyCtAtC0EtDtGyC0AyEtAtGtD0Fzz0FtGyDtDzz0DtGyCyDzy0EtBtDtBtD0FzztC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA1OzztDyCyEtG1TyE1S1TtGyE1SyD1StGzztA1T1RtGtA1PyEtBtC1StBtByE1PtCzz2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCtAtCyEtDyDtDtB%26cr%3D772054356%26a%3Dwbf_fwf468aceg84_19_28_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fwf468aceg84_19_28_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEyEtAyB0EyC0ByByEyBtCyDyE0EyDyEtN0D0Tzu0StByByDtCtN1L2XzuyEtFyDtAtFtDtFtCtAyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StB0AyCyCtAtC0EtDtGyC0AyEtAtGtD0Fzz0FtGyDtDzz0DtGyCyDzy0EtBtDtBtD0FzztC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA1OzztDyCyEtG1TyE1S1TtGyE1SyD1StGzztA1T1RtGtA1PyEtBtC1StBtByE1PtCzz2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCtAtCyEtDyDtDtB%26cr%3D772054356%26a%3Dwbf_fwf468aceg84_19_28_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fwf468aceg84_19_28_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEyEtAyB0EyC0ByByEyBtCyDyE0EyDyEtN0D0Tzu0StByByDtCtN1L2XzuyEtFyDtAtFtDtFtCtAyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StB0AyCyCtAtC0EtDtGyC0AyEtAtGtD0Fzz0FtGyDtDzz0DtGyCyDzy0EtBtDtBtD0FzztC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA1OzztDyCyEtG1TyE1S1TtGyE1SyD1StGzztA1T1RtGtA1PyEtBtC1StBtByE1PtCzz2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCtAtCyEtDyDtDtB%26cr%3D772054356%26a%3Dwbf_fwf468aceg84_19_28_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1312108708-3844341841-2510355704-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fwf468aceg84_19_32_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEyEtAyB0EyC0ByByEyBtCyDyE0EyDyEtN0D0Tzu0StByByBzztN1L2XzuyEtFyDyDtFtDtFyBzytN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyEyDtByD0C0AtA0DtGtCyCyDtDtGyDyEyDtBtGyCtA0DtCtGzy0EyC0ByD0CtByB0CzztC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA1OzztDyCyEtG1TyE1S1TtGyE1SyD1StGzztA1T1RtGtA1PyEtBtC1StBtByE1PtCzz2QtN0A0LzutDtN1B2Z1V1T1S1NzutBtAtDzytAtN1Q2Z1B1P1RzutCyDyCyDyEyEyDtAzzyB%26cr%3D2048004350%26a%3Dwbf_fwf468aceg84_19_32_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1312108708-3844341841-2510355704-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fwf468aceg84_19_32_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEyEtAyB0EyC0ByByEyBtCyDyE0EyDyEtN0D0Tzu0StByByBzztN1L2XzuyEtFyDyDtFtDtFyBzytN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyEyDtByD0C0AtA0DtGtCyCyDtDtGyDyEyDtBtGyCtA0DtCtGzy0EyC0ByD0CtByB0CzztC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByBtA1OzztDyCyEtG1TyE1S1TtGyE1SyD1StGzztA1T1RtGtA1PyEtBtC1StBtByE1PtCzz2QtN0A0LzutDtN1B2Z1V1T1S1NzutBtAtDzytAtN1Q2Z1B1P1RzutCyDyCyDyEyEyDtAzzyB%26cr%3D2048004350%26a%3Dwbf_fwf468aceg84_19_32_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://start.mysearchdial.com/?f=1&a=cmi_14_18_ch&cd=2XzuyEtN2Y1L1QzuyEyEtAyB0EyC0ByByEyBtCyD0F0A0CtCtN0D0Tzu0SzzyDyEtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCyE0E0D0CyE0A0DtGyE0E0F0CtGyC0DtA0AtGtAyCyBtCtGtAtB0EyC0BzytC0BtA0D0AyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtCzzyE0ByD0B0EtG0ByCzz0BtGtD0DyByDtGtB0EyCtAtGtDyCyDzztCtAzy0CtC0DyB0A2Q&cr=179754203&ir=","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.google.com"
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://udn.com; hxxps://www.chinatimes.com; hxxps://www.worldjournal.com
CHR Profile: C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default [2019-11-12]
CHR DownloadDir: C:\Users\Thinkpad\Desktop
CHR Extension: (Slides) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-18]
CHR Extension: (Floorplanner) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag [2018-11-18]
CHR Extension: (Sudoku) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdhembpgcpfegeigidembjopfhghnpj [2018-11-18]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2018-11-18]
CHR Extension: (Docs) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-18]
CHR Extension: (Google Drive) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-18]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2019-09-03]
CHR Extension: (Windows Defender Browser Protection) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbeeeffjjeopflfhgeknacdieedcoml [2019-07-07]
CHR Extension: (YouTube) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-01]
CHR Extension: (Sheets) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-18]
CHR Extension: (Online Security Pro) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjgpapimgnmibnacmeilgjefnoofefp [2019-09-03]
CHR Extension: (iCloud Bookmarks) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2018-11-18]
CHR Extension: (Search Selector Beta) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gboaiodgdajeapekadgejlbmabjganof [2019-11-10]
CHR Extension: (HTTPS Everywhere) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2019-11-08]
CHR Extension: (Google Docs Offline) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-24]
CHR Extension: (Click&Clean) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2019-11-11]
CHR Extension: (360 Internet Protection) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2018-11-18]
CHR Extension: (Pinterest Save Button) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-11-08]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2018-11-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2019-10-31]
CHR Extension: (Dropbox) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-11-18]
CHR Extension: (Grammarly for Chrome) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-11-11]
CHR Extension: (Web Whiteboard) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhmonflnoepbijmbbfipoifgkbibofgd [2018-11-18]
CHR Extension: (Search Manager) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2019-10-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Rollip - Photo Effects) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooikhmcdpofogemaldinihdhidaokcmp [2018-11-18]
CHR Extension: (Tv Online) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2018-11-18]
CHR Extension: (Click&Clean App) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2019-11-08]
CHR Extension: (Search Manager) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2019-10-31]
CHR Extension: (Gmail) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-07]
CHR Extension: (Chrome Media Router) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-24]
CHR Extension: (Cool Metronome) - C:\Users\Thinkpad\AppData\Local\Google\Chrome\User Data\Default\Extensions\polmfiinlikaadclgdojekfaoglellgm [2018-11-18]
CHR HKLM\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof]
CHR HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKU\S-1-5-21-1312108708-3844341841-2510355704-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof]
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
