[RESOLVED] Lenovo Y700-15AC Running Slow
Page 1 of 2 12 LastLast
Results 1 to 15 of 26

Thread: [RESOLVED] Lenovo Y700-15AC Running Slow

  1. #1
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121

    Resolved [RESOLVED] Lenovo Y700-15AC Running Slow

    My PC takes forever to startup and is running slow.

    Processor is an AMD FX-8800P Radeon R7, 12 Compute Cores 4C+8G, 2.10 GHz
    RAM 8GB

    Windows 10 Home vs 10H2

    Thanks

    Tony

  2. #2
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
    Ran by molli (administrator) on LAPTOP-3VS60BL9 (LENOVO 80NY) (15-05-2021 19:35:16)
    Running from C:\Users\molli\Downloads
    Loaded Profiles: molli
    Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: English (United States)
    Default browser: Chrome
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
    (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
    (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
    (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\helper\helper.exe
    (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\updates\3.5.5_46010\utorrentie.exe <2>
    (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe
    (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
    (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
    (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
    (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
    (Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\LenovoVantageService.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
    (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\SysWOW64\UMonit64.exe
    (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
    (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18374632 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-11-28] (LENOVO -> )
    HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] () [File not signed]
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [118496 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8172264 2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [uTorrent] => C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe [2132520 2021-05-11] (BitTorrent Inc -> BitTorrent Inc.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [BlueCoreInterfaceTrayApp] => C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe [853912 2016-12-11] (Cardo Systems Inc -> )
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8000600 2020-02-01] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646696 2019-05-09] (Skype Software Sarl -> Skype Technologies S.A.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {06522953-6edd-11ea-9d5a-507b9d76ffe2} - "F:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {3a6ca7ac-7a00-11eb-9da9-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {658ef1e1-4d61-11eb-9d98-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {658ef4eb-4d61-11eb-9d98-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {9135b559-4891-11eb-9d97-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
    HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\WINDOWS\system32\cpwmon64.dll [89008 2016-01-22] (Acro Software Inc. -> )
    HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\Installer\chrmstp.exe [2021-05-05] (Avast Software s.r.o. -> AVAST Software)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2019-12-19]
    ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {01B64863-0EAF-4933-B82C-803EF91FE066} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {05FE1F98-8D73-48C3-98BD-DC3E7E192328} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-02-22] (Lenovo -> )
    Task: {0A5B7F37-E758-40AA-A061-967BE9065E7B} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-02-22] (Lenovo -> )
    Task: {0F2FD7D9-E92E-4945-9BFA-BA1E723D92E8} - System32\Tasks\0216pizUpdateInfo => C:\ProgramData\Avg_Update_0216piz\0216piz_AVG-Secure-Search-Update.exe [2859592 2016-02-16] (AVG Technologies CZ, s.r.o. -> )
    Task: {10DE4B3A-E667-434E-B5EA-228698F17C98} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
    Task: {1AAC322E-0792-48AF-B78E-35DB5DD41D5B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\99f0954c-7cc6-4a5c-a537-342b1a285abf => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    Task: {1D0D1489-8A37-45C4-B834-EB79F1E573EC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e927a600-5039-4f0c-adda-6502a05ad5c5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    Task: {22F70DE8-F69F-484F-AE63-E602B0146EFF} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2016-03-30] (LENOVO -> Lenovo)
    Task: {2B911569-A66E-4DFA-A151-27E7F3FD733D} - System32\Tasks\GoogleUpdateTaskMachineCore1d602e9b9647972 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {32914283-B6C7-4535-8188-8D00D6708152} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
    Task: {354440CB-E414-493D-8CD0-F81600A48B77} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
    Task: {45C9D3D2-5170-4525-ADB9-C9E92AD9C9EA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
    Task: {50EF0B55-9E9B-46D6-A1D6-36F7443FB46E} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [62560 2015-08-29] (Microsoft Windows Hardware Compatibility Publisher -> )
    Task: {543E4E37-84FB-4B80-AF58-4B8D55D643D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
    Task: {548EC764-BFC0-4EBD-AD1D-6BBD62AF1838} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe [23984 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
    Task: {5ABB794C-14BA-45C3-8F85-8FBD84DD64B5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe [23984 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
    Task: {5F01B491-8934-475E-8BD9-E4E9846A7187} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
    Task: {6DA7A914-A114-4680-9FDA-5FB13A65C8A5} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
    Task: {6DB73BB3-2A8E-4827-91F4-A28523AB288A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
    Task: {6EDD5101-3F5A-4A39-8922-52917FED8BFC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3805500227-4192919812-1505005631-1002 => C:\Users\molli\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
    Task: {701B9749-3974-4F68-A006-AE597F3C72C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
    Task: {71280683-330D-4B63-9359-2F27C6EE4813} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
    Task: {73EF4189-26C6-4149-809A-5660C9F963BC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-18] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {788418C7-C17C-4B60-B93E-1922185B8B6D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {80184825-2BFE-4A17-BE04-E446B10626B0} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    Task: {89A42FFD-2F6F-4B1B-A725-FCA776BE39B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [352368 2021-03-26] (HP Inc. -> HP Inc.)
    Task: {8BCAAF8E-F73C-4C9B-BD8D-0B6B9026F023} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
    Task: {8C2A3648-2F5F-468F-B210-A6AA6726F929} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {8D3E791B-1E78-4F70-9F97-A942144060D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
    Task: {949D0EBD-B7F3-42A3-B933-A9553FEC2BAC} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    Task: {953C7F48-81F5-4185-A1AF-A936F660619B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {96233069-34F9-4F33-98B7-6F87E6DB712E} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
    Task: {9A4F5C1C-787F-472D-9A54-99C7F495264C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
    Task: {9D520ADD-330E-403F-9988-942F97CC9872} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-06-02] (LENOVO -> Lenovo)
    Task: {B285201B-3CD2-4594-BB36-B22D92D5B5D6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d36a4fa7-1dc4-4268-bf50-10c971adf10b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    Task: {B36B7D14-0AAF-40B3-882E-EC96A429844C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
    Task: {B5ACDE46-AD3D-4832-B984-4246D37F999B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {BA61D100-8CCF-4980-8B72-4F7F41B23C67} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
    Task: {C6F2710D-E818-496B-8338-97AB3BF229CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {C8388F3A-C2B4-4CB2-9F4A-0778109ECF4E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
    Task: {CE64F059-0402-4941-846D-085CC3309FAB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
    Task: {D322E16D-87D1-40BB-9157-D96A73D7877E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62392 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    Task: {D5D7661A-3565-4992-B5C5-48BD84DA70A1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ee56ab40-19a5-4edd-b038-0394f1e6c0cd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    Task: {D5F26B4D-C936-4EF1-B58B-486064D0605C} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
    Task: {DA2B9286-BBF1-4F1F-8093-BFF79841E8E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
    Task: {DC64D404-0AE3-465C-B961-2B60FDA79A29} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-25] (HP Inc. -> )
    Task: {E488D18A-E925-46DF-922C-38835BB552ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {E8C80844-8C86-4CD1-A122-C43C07AC5C73} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [263504 2016-06-02] (LENOVO -> )
    Task: {F016C105-1D3C-406E-AF93-BA1F8F0EFCEF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {F056B9E3-8802-41E7-83C2-27AE79F98F85} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-08-05] (CyberLink Corp. -> CyberLink Corp.)
    Task: {F6515312-7C50-4FFE-ACDC-E03E10FA25A5} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4699872 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    Task: {F6722126-3039-4BE0-A61C-35002D6B7530} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-18] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {FABEB7FD-365A-4F41-8804-25A91DC67F5C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
    Task: {FE8B8E46-0ADF-4775-8A04-871F3020782D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 89.101.160.5 89.101.160.4
    Tcpip\..\Interfaces\{99dd8d5b-380b-4ad1-a687-a87487ff059a}: [DhcpNameServer] 192.168.42.129
    Tcpip\..\Interfaces\{b46db2f2-e42d-4142-8786-937e4b1aa7e3}: [DhcpNameServer] 192.168.192.1
    Tcpip\..\Interfaces\{c2c54ad8-35c7-4fee-9257-97ec8045a3b7}: [DhcpNameServer] 89.101.160.5 89.101.160.4

    Edge:
    =======
    Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
    Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
    Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
    Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
    Edge Profile: C:\Users\molli\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-06]

    FireFox:
    ========
    FF DefaultProfile: dg32le2u.default
    FF ProfilePath: C:\Users\molli\AppData\Roaming\Mozilla\Firefox\Profiles\dg32le2u.default [2020-10-11]
    FF Homepage: Mozilla\Firefox\Profiles\dg32le2u.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__180520
    FF NewTab: Mozilla\Firefox\Profiles\dg32le2u.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__180520
    FF Plugin: @videolan.org/vlc,version=3.0.13 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-03] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-20] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-12-20] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

    Chrome:
    =======
    CHR DefaultProfile: Profile 1
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\Default [2021-04-10]
    CHR HomePage: Default -> hxxps://www.yahoo.com/
    CHR StartupUrls: Default -> "hxxps://www.yahoo.com/"
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-05-15]
    CHR Notifications: Profile 1 -> hxxps://bringatrailer.com; hxxps://cricfree.sc; hxxps://thefreshposts.com; hxxps://www.dailymail.co.uk; hxxps://www.facebook.com; hxxps://www.yahoo.com
    CHR HomePage: Profile 1 -> hxxps://www.yahoo.com/
    CHR StartupUrls: Profile 1 -> "hxxps://www.yahoo.com/"
    CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-30]
    CHR Extension: (ZenMate Free VPN–Best VPN for Chrome) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2021-03-18]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
    CHR Extension: (Chrome Media Router) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-25]
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-29]
    CHR HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
    CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
    S2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743464 2021-03-08] (philandro Software GmbH -> philandro Software GmbH)
    R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7894040 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [606944 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [356064 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\elevation_service.exe [1396968 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
    R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    S4 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [120024 2015-07-02] (Realtek Semiconductor Corp -> )
    S4 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-18] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-18] (Dropbox, Inc -> Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [194048 2017-04-10] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
    S4 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
    S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-25] (HP Inc. -> HP Inc.)
    R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\LenovoVantageService.exe [28592 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
    S4 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
    S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    S4 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (LENOVO -> SHAREit Technologies Co.Ltd)
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-02-01] (LAVASOFT SOFTWARE CANADA INC -> )
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
    R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [212192 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365024 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17352 2021-04-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
    R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180448 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522896 2021-05-14] (Avast Software s.r.o. -> AVAST Software)
    R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82872 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850632 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467720 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215352 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326992 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
    S3 CSRBC; C:\WINDOWS\System32\Drivers\rider64.sys [38400 2015-03-10] (Microsoft Windows Hardware Compatibility Publisher -> CSR plc.)
    S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
    S3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [188840 2015-08-29] (GENESYS LOGIC, INC. -> GenesysLogic)
    S3 RtkA2dp; C:\WINDOWS\system32\drivers\RtkA2dp.sys [182288 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
    S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
    S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [262160 2019-08-11] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.)
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
    S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) (Whitelisted) =========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2021-05-15 18:47 - 2021-05-15 18:51 - 000054163 _____ C:\Users\molli\Downloads\Addition.txt
    2021-05-15 18:43 - 2021-05-15 19:37 - 000035795 _____ C:\Users\molli\Downloads\FRST.txt
    2021-05-15 17:27 - 2021-05-15 17:27 - 002299392 _____ (Farbar) C:\Users\molli\Downloads\FRST64.exe
    2021-05-14 07:35 - 2021-05-14 07:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2021-05-13 15:58 - 2021-05-13 15:58 - 000785009 _____ C:\Users\molli\Downloads\Tony - Final Payment - 2021.xlsx
    2021-05-12 16:24 - 2021-05-12 16:24 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
    2021-05-12 16:23 - 2021-05-12 16:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
    2021-05-12 16:22 - 2021-05-12 16:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2021-05-12 16:22 - 2021-05-12 16:22 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
    2021-05-12 16:21 - 2021-05-12 16:21 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2021-05-12 16:21 - 2021-05-12 16:21 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
    2021-05-12 16:20 - 2021-05-12 16:20 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
    2021-05-12 16:18 - 2021-05-12 16:18 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2021-05-12 16:18 - 2021-05-12 16:18 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2021-05-12 16:18 - 2021-05-12 16:18 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
    2021-05-12 16:15 - 2021-05-12 16:15 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
    2021-05-12 16:15 - 2021-05-12 16:15 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
    2021-05-11 22:25 - 2021-05-11 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2021-05-11 22:25 - 2021-05-11 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2021-05-11 22:25 - 2021-05-11 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2021-05-11 22:25 - 2021-05-11 22:25 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2021-05-11 16:51 - 2021-05-15 17:18 - 000000000 ____D C:\Users\molli\AppData\LocalLow\uTorrent
    2021-05-10 13:42 - 2021-05-10 14:40 - 000000000 ____D C:\Users\molli\AppData\Roaming\vlc
    2021-05-10 12:12 - 2021-05-10 12:12 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
    2021-05-10 12:12 - 2021-05-10 12:12 - 000000923 _____ C:\ProgramData\Desktop\VLC media player.lnk
    2021-05-10 12:12 - 2021-05-10 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2021-05-10 12:09 - 2021-05-10 12:09 - 042672432 _____ C:\Users\molli\Downloads\vlc-3.0.13-win64.exe
    2021-05-09 20:05 - 2021-05-10 10:47 - 000000000 ____D C:\Users\molli\Desktop\Mary Music MP3
    2021-05-09 19:57 - 2021-05-10 12:11 - 000000000 ____D C:\Program Files\VideoLAN
    2021-05-09 19:49 - 2021-05-09 19:49 - 042585440 _____ C:\Users\molli\Downloads\vlc-3.0.12-win64.exe
    2021-05-06 17:22 - 2021-05-06 17:22 - 004127456 _____ C:\Users\molli\Downloads\att-1.pdf
    2021-05-06 16:07 - 2021-05-06 16:07 - 000008972 _____ C:\Users\molli\Desktop\Jobs.xlsx
    2021-05-05 22:41 - 2021-05-05 22:42 - 126754370 _____ C:\Users\molli\Downloads\xvideos.com_0ab81dc21b6c0188f929e7f70df35dec.mp4
    2021-05-05 13:16 - 2021-05-05 13:16 - 000014179 _____ C:\Users\molli\Desktop\Redundancy.pdf
    2021-05-05 13:06 - 2021-05-05 13:06 - 000023325 _____ C:\Users\molli\Downloads\Document 4 received (apr 4) Vipjet Provisional Redundancy Calculations.pdf
    2021-05-05 13:02 - 2021-05-05 13:02 - 000833978 _____ C:\Users\molli\Desktop\Anthony Mollica Notice of Redundancy.pdf
    2021-05-04 13:58 - 2021-05-04 13:58 - 000049126 _____ C:\Users\molli\Desktop\Payslip.pdf
    2021-05-03 22:03 - 2021-05-03 22:03 - 000115643 _____ C:\Users\molli\Desktop\TV Licence - Transaction Receipt.pdf
    2021-04-29 20:15 - 2021-04-29 20:14 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2021-04-29 20:15 - 2021-04-29 20:14 - 000215352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
    2021-04-15 00:30 - 2021-04-15 00:30 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll

  3. #3
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121
    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2021-05-15 19:38 - 2016-04-09 21:17 - 000000000 ____D C:\Users\molli\AppData\Roaming\uTorrent
    2021-05-15 19:36 - 2016-11-12 21:08 - 000000000 ____D C:\FRST
    2021-05-15 19:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2021-05-15 19:29 - 2020-11-22 16:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2021-05-15 17:20 - 2020-11-22 17:07 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2021-05-15 17:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
    2021-05-15 17:19 - 2019-03-19 22:04 - 000000000 ____D C:\Users\molli\AppData\Local\BitTorrentHelper
    2021-05-15 17:14 - 2016-11-12 21:07 - 000000000 ____D C:\ProgramData\AVAST Software
    2021-05-15 17:13 - 2019-05-08 22:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2021-05-15 17:12 - 2020-11-22 17:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2021-05-15 17:12 - 2020-11-22 16:36 - 000008192 ___SH C:\DumpStack.log.tmp
    2021-05-15 17:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
    2021-05-15 17:12 - 2016-04-18 23:33 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2021-05-15 17:11 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2021-05-15 17:11 - 2017-06-04 02:49 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
    2021-05-15 17:11 - 2017-06-04 02:49 - 000065536 _____ C:\WINDOWS\psp_storage.bin
    2021-05-15 17:07 - 2020-11-30 21:26 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c0e950b0a570
    2021-05-15 17:07 - 2020-11-22 17:31 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
    2021-05-15 17:07 - 2020-11-22 17:31 - 000003452 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
    2021-05-15 17:07 - 2020-11-22 17:31 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2021-05-15 17:07 - 2020-11-22 17:31 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
    2021-05-15 17:07 - 2020-11-22 17:31 - 000003310 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{02626242-B5DC-4564-A16A-0829B8E98293}
    2021-05-15 17:07 - 2020-11-22 17:31 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
    2021-05-15 17:07 - 2020-11-22 17:31 - 000003152 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d602e9b9647972
    2021-05-15 17:07 - 2020-11-22 17:31 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
    2021-05-15 17:07 - 2020-11-22 17:31 - 000002992 _____ C:\WINDOWS\system32\Tasks\AVG EUpdate Task
    2021-05-15 17:07 - 2020-11-22 17:31 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3805500227-4192919812-1505005631-1002
    2021-05-15 17:07 - 2020-11-22 17:31 - 000002354 _____ C:\WINDOWS\system32\Tasks\UMonitor Task
    2021-05-15 17:07 - 2020-11-22 17:31 - 000002212 _____ C:\WINDOWS\system32\Tasks\PDVDServ12 Task
    2021-05-15 17:07 - 2020-11-22 17:31 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
    2021-05-15 17:07 - 2020-11-22 17:31 - 000002116 _____ C:\WINDOWS\system32\Tasks\StartDVR
    2021-05-15 17:07 - 2020-11-22 17:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
    2021-05-15 17:07 - 2016-04-01 22:42 - 000000000 ____D C:\Users\molli\Desktop\Watch Me
    2021-05-15 15:46 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
    2021-05-15 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
    2021-05-15 15:45 - 2020-06-03 23:58 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2021-05-14 12:16 - 2020-11-22 17:31 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
    2021-05-14 08:16 - 2020-10-11 22:37 - 000522896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
    2021-05-14 07:36 - 2016-04-18 23:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2021-05-13 16:34 - 2020-11-22 16:49 - 000002374 _____ C:\Users\molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2021-05-13 16:34 - 2016-03-30 15:54 - 000000000 ___RD C:\Users\molli\OneDrive
    2021-05-13 16:00 - 2017-12-09 20:09 - 000000000 ____D C:\Users\molli\AppData\Local\Packages
    2021-05-12 23:56 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2021-05-12 23:46 - 2020-11-22 16:37 - 000447912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2021-05-12 23:40 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
    2021-05-12 23:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
    2021-05-12 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
    2021-05-12 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2021-05-12 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
    2021-05-12 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
    2021-05-12 23:26 - 2016-04-21 18:05 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2021-05-12 23:25 - 2016-03-31 11:15 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2021-05-12 21:12 - 2016-05-02 22:45 - 000000000 ____D C:\Users\molli\Desktop\excel spread sheets
    2021-05-12 16:50 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
    2021-05-12 16:48 - 2019-12-07 10:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
    2021-05-12 14:05 - 2016-04-11 02:11 - 000000000 ____D C:\WINDOWS\system32\MRT
    2021-05-12 13:51 - 2016-04-11 02:11 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2021-05-12 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2021-05-10 13:53 - 2021-03-15 01:06 - 000000000 ____D C:\Users\molli\Desktop\medical
    2021-05-10 11:52 - 2021-04-04 19:37 - 000000000 ____D C:\Users\molli\Desktop\Mary Music
    2021-05-07 21:10 - 2021-03-15 01:06 - 000000000 ____D C:\Users\molli\Desktop\TONY
    2021-05-05 21:41 - 2020-10-11 22:44 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
    2021-05-05 13:16 - 2020-03-26 23:07 - 000000000 ____D C:\Users\molli\AppData\Local\CutePDF Writer
    2021-05-05 12:04 - 2016-04-18 23:33 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2021-05-05 11:56 - 2020-11-22 17:31 - 000003768 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
    2021-05-02 22:57 - 2020-08-14 11:09 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
    2021-04-29 20:15 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2021-04-29 20:14 - 2020-10-11 22:37 - 000850632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000467720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000365024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000326992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000212192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000180448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000082872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000035664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
    2021-04-29 20:14 - 2020-10-11 22:37 - 000017352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
    2021-04-25 21:58 - 2021-03-03 20:59 - 000000000 ____D C:\Users\molli\AppData\Roaming\Sky Go
    2021-04-25 21:35 - 2021-03-03 20:59 - 000001049 _____ C:\Users\molli\Desktop\Sky Go.lnk
    2021-04-25 21:35 - 2021-03-03 20:59 - 000000000 ____D C:\Users\molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sky
    2021-04-25 10:18 - 2016-11-14 22:05 - 000000000 ____D C:\Users\molli\AppData\Local\CrashDumps
    2021-04-23 12:34 - 2016-12-07 20:07 - 000000000 ____D C:\Program Files\Microsoft Office 15
    2021-04-15 01:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2021-04-15 01:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
    2021-04-15 01:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
    2021-04-15 01:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
    2021-04-15 00:28 - 2020-11-22 16:43 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

    ==================== Files in the root of some directories ========

    2016-11-12 21:50 - 2016-11-03 08:32 - 002594688 _____ (COMODO) C:\Users\molli\AppData\Roaming\temp~ccavstart.exe
    2016-11-12 21:50 - 2016-11-03 08:32 - 003856048 _____ (Terra Informatica Software, Inc.) C:\Users\molli\AppData\Roaming\temp~cmdhtml.dll
    2016-11-16 22:34 - 2016-11-24 16:10 - 000042847 _____ () C:\Users\molli\AppData\Local\BTServer.log
    2018-10-24 16:32 - 2018-10-24 16:32 - 000000000 _____ () C:\Users\molli\AppData\Local\{823E5C07-0FD7-4076-BCF6-EAFEAD04A47D}

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================

  4. #4
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
    Ran by molli (15-05-2021 19:39:04)
    Running from C:\Users\molli\Downloads
    Windows 10 Home Version 20H2 19042.985 (X64) (2020-11-22 16:35:14)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3805500227-4192919812-1505005631-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3805500227-4192919812-1505005631-503 - Limited - Disabled)
    Guest (S-1-5-21-3805500227-4192919812-1505005631-501 - Limited - Disabled)
    molli (S-1-5-21-3805500227-4192919812-1505005631-1002 - Administrator - Enabled) => C:\Users\molli
    WDAGUtilityAccount (S-1-5-21-3805500227-4192919812-1505005631-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    猥orrent (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\uTorrent) (Version: 3.5.5.46010 - BitTorrent Inc.)
    64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
    7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
    7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
    AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.)
    AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.2.1 - Advanced Micro Devices, Inc.)
    AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.3 - philandro Software GmbH)
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software)
    Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 90.0.9316.94 - AVAST Software)
    Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
    Cardo Updater (HKLM-x32\...\Cardo Updater_is1) (Version: - Cardo Systems, Inc.)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
    CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
    Dolby Audio X2 Windows API SDK (HKLM\...\{68B3293E-612B-48B4-BC0F-4CCFBF83AB96}) (Version: 0.8.2.76 - Dolby Laboratories, Inc.)
    Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 122.4.4867 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
    HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
    HP Photosmart All-In-One Driver Software (HKLM\...\{A96C5DB7-40F9-46DD-B36F-9E657D1D9E04}) (Version: 14.0 - HP)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.8.34.31 - HP)
    HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.18.34.21 - HP)
    HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
    Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
    Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
    Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
    Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
    Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.71.2 - ELAN Microelectronic Corp.)
    Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5604.55 - CyberLink Corp.) Hidden
    Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5604.55 - CyberLink Corp.)
    Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
    Lenovo Service Bridge (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
    Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
    Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.067.00 - Lenovo)
    Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0118 - Lenovo)
    Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.6.15.0 - Lenovo Group Ltd.)
    LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
    LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
    Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
    Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5337.1001 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
    Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
    OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5337.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5337.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5337.1001 - Microsoft Corporation) Hidden
    REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
    REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.868.867.071015 - REALTEK Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0276 - REALTEK Semiconductor Corp.)
    RogueKiller version 12.8.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.8.0.0 - Adlice Software)
    SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
    Sky Go 21.3.2.0 (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\com.bskyb.skygoplayer_is1) (Version: 21.3.2.0 - Sky)
    Skype version 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
    TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
    User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
    User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
    VLC media player (HKLM\...\VLC media player) (Version: 3.0.13 - VideoLAN)
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
    Web Companion (HKLM-x32\...\{5ce32996-1c68-4022-92d5-3b767e0eace6}) (Version: 4.9.2182.4042 - Lavasoft)
    Zoom (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

    Packages:
    =========
    Lenovo Account Portal -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-24] (LENOVO INCORPORATED.)
    Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-18] (LENOVO INCORPORATED.)
    Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-10] (LENOVO INC.)
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-12] (Microsoft Studios) [MS Ad]
    MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-02-23] (Microsoft Corporation)
    MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
    Open PDF + -> C:\Program Files\WindowsApps\3538OpenOffice.OpenOfficePDF_1.25.0.2_neutral__nmw6e14cfhspc [2017-04-05] (Open PDF, Word, Excel)
    Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation)
    Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\molli\Dropbox [2016-04-18 23:36]
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-03-21] (Advanced Micro Devices, Inc.) [File not signed]
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    ShortcutWithArgument: C:\Users\molli\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

    ==================== Loaded Modules (Whitelisted) =============

    2016-09-14 04:18 - 2016-09-14 04:18 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
    2016-09-14 04:18 - 2016-09-14 04:18 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
    2017-03-21 22:57 - 2017-03-21 22:57 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
    2017-03-21 22:57 - 2017-03-21 22:57 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamenu.dll
    2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
    2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
    2020-12-21 20:27 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
    2020-08-12 01:51 - 2020-07-09 02:36 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
    2016-09-14 04:19 - 2016-09-14 04:19 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
    2016-09-14 04:18 - 2016-09-14 04:18 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
    2016-09-14 04:18 - 2016-09-14 04:18 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
    2016-09-14 04:18 - 2016-09-14 04:18 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
    2016-09-14 04:18 - 2016-09-14 04:18 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
    2016-09-14 04:18 - 2016-09-14 04:18 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
    2016-09-14 04:18 - 2016-09-14 04:18 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
    2016-09-14 04:18 - 2016-09-14 04:18 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
    2016-09-14 04:18 - 2016-09-14 04:18 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
    2016-09-14 04:18 - 2016-09-14 04:18 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
    2016-09-14 04:18 - 2016-09-14 04:18 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer (Whitelisted) ==========

    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__180520
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
    SearchScopes: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002 -> DefaultScope {E09A2151-3467-4174-8E16-BD5B6D09480F} URL =
    SearchScopes: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://ie.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180520__yaie&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002 -> {E09A2151-3467-4174-8E16-BD5B6D09480F} URL =
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
    IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
    IE trusted site: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\localhost -> localhost
    IE trusted site: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\webcompanion.com -> hxxp://webcompanion.com

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\RogueKiller;%SYSTEMROOT%\System32\OpenSSH\
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
    DNS Servers: 89.101.160.5 - 89.101.160.4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    MSCONFIG\Services: AdaptiveSleepService => 2
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AMD External Events Utility => 2
    MSCONFIG\Services: AvrcpService => 2
    MSCONFIG\Services: BTDevManager => 2
    MSCONFIG\Services: CCSDK => 2
    MSCONFIG\Services: DAX2API => 2
    MSCONFIG\Services: dbupdate => 2
    MSCONFIG\Services: dbupdatem => 3
    MSCONFIG\Services: DbxSvc => 2
    MSCONFIG\Services: ETDService => 2
    MSCONFIG\Services: GDCAgent => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
    MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
    MSCONFIG\Services: ImControllerService => 2
    MSCONFIG\Services: isesrv => 2
    MSCONFIG\Services: LSC.Services.SystemService => 3
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: ShareItSvc => 3
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: tbaseprovisioning => 2
    HKLM\...\StartupApproved\Run: => "RTHDVCPL"
    HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
    HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
    HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
    HKLM\...\StartupApproved\Run: => "LenovoUtility"
    HKLM\...\StartupApproved\Run: => "DAX2_APP"
    HKLM\...\StartupApproved\Run: => "BtServer"
    HKLM\...\StartupApproved\Run: => "StartCN"
    HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
    HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
    HKLM\...\StartupApproved\Run32: => "Dropbox"
    HKLM\...\StartupApproved\Run32: => "HP Software Update"
    HKLM\...\StartupApproved\Run32: => "AvgUi"
    HKLM\...\StartupApproved\Run32: => "CCAV"
    HKLM\...\StartupApproved\Run32: => "IseUI"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "BlueCoreInterfaceTrayApp"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "Skype for Desktop"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "Web Companion"

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [UDP Query User{B4BBEFFA-D6F9-40EE-B1AA-62F3E33811BC}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [TCP Query User{98EF0F8A-EA8F-4BC6-BD89-BDA31E78E6A0}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{017DE5D4-AD84-4DC0-95E5-ABD8BF8EE798}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{F52C28C9-9366-459C-A3B0-6C8254768177}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{4E23B58B-772A-4715-8147-E6F9CE0F8DA8}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{4BDE54F4-F4AA-418C-B827-5D846D7B60D8}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{0153588C-5FB3-4D90-8EFF-896EA03A5163}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{833CA06F-2383-4DE5-BCFE-5A188FE9C97B}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{5C5718B9-8431-45F5-9680-332D313FB851}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{5F4B4C58-67ED-4C3E-BF28-8A222859F44D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe => No File
    FirewallRules: [{3B00B3BB-D7B1-4959-B94E-F2C3C4197294}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe => No File
    FirewallRules: [{C68F0323-BF3C-4B18-93E6-5C71B4E0004B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe => No File
    FirewallRules: [{F8471373-7EBC-4765-BA54-9DEA00BE2D59}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe => No File
    FirewallRules: [{9075C3E2-1C35-4E00-A903-70DA441A9695}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe => No File
    FirewallRules: [{52166BF9-0F9A-4E5D-AECD-DE1891C690BF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe => No File
    FirewallRules: [{3F940AA2-3D16-4E16-8EFA-86CECCA919A4}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
    FirewallRules: [{A63FB4BF-0BCA-40BE-BCB9-500EA0672707}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{311A8BD1-BF43-4133-848C-85E82D700222}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{251D6BEC-47FD-4DBB-91BB-701F9A5308C0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
    FirewallRules: [{BD44DEAD-03E8-4C67-A61E-526547D9837A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{DF6DC4B7-3E77-4BDB-843F-C58306E2AD4D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{8D8BCE91-46A0-4AA7-9DDA-0C711CDFB03F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{CA1583A6-95A2-4EF1-B998-1E7D28852466}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{6864749C-43B2-47C4-9E3B-763CA1593B3C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe (Hewlett-Packard Co.) [File not signed]
    FirewallRules: [{8ADED271-20FF-4CDB-96C1-0E7D9F007AEE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{3B78500B-C9E9-4833-9B29-1C46AA276348}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{9472BDAA-662C-4F29-98B0-F714B153823B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{6283E653-DEE2-4E9D-8C74-B703E4567583}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{AFBDFC6D-17BC-4E03-8CBC-83BB1321047A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{21454B6C-61C2-426A-A63C-2AF316F2136D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{ECBAF2CC-E2CC-42DA-89A5-6A2B10F9FBEC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{D5D81A35-A848-4BBE-BC40-163CFB49E067}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{85C72577-23C7-4ADC-A6AF-A4769E09CF0F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{D35F49DC-8A11-49AD-ADC4-E786156CEA02}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{7C11E1D0-001D-40B3-8239-B4A851C674FF}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
    FirewallRules: [{A00A74F3-7F75-4658-8241-C2A62B52A4E0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
    FirewallRules: [{136EA3A9-FCF2-498C-A2D1-3C64CF935121}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
    FirewallRules: [{07A9E33B-637E-44C4-92F6-EA1B6593A40A}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{B8AED7C4-57CF-4BDD-BF0A-6C95BB4DDD9D}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{59C3339F-516B-4E70-8E88-76BCE2D043C1}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{06892A88-06A5-4BF4-9F47-AFBC50AAA457}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{E55B8E25-78E6-4B2F-A90C-17F0E934666F}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{F2140B2B-F580-4E87-9161-671669890C72}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{819D00F5-A1E6-4C58-B35F-E4C807B36E9F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe => No File
    FirewallRules: [{94730DE6-53B6-46EA-BCDA-41F5D74CC353}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe => No File
    FirewallRules: [{60A21992-E398-45A0-AF2D-A17B779B4092}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{BDC37857-2E60-42C9-980D-A80853E8482D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{16BEC197-F2C0-4637-AEDF-39DD6253E835}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{4AF58AC9-0DC3-4BD1-AB98-1A8B0E9ADEA4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{52F0F72F-5953-4EF6-A2C6-CFB2E691E464}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{4DF68B5B-2658-4C83-A9E0-8CF8D60766E6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{573CF173-FCF2-46F6-AE50-D5E55A198771}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{69B17E52-9949-4B1D-9AFD-1885A282EB3C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [TCP Query User{1355592A-4A96-4249-93CB-99AAE9C7F540}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [UDP Query User{2888709D-154C-4049-9F14-A948FBAC2BC0}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{619D3753-3ED0-4DBE-B0EC-7AA30E3D707F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{C7E88DF9-0421-4A89-B2A3-3AD2DAC1536D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{227E8EAD-057D-42F5-9A97-F7E721B5FDA9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{D72F1822-3965-4AF2-8290-FC68EB482EF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{4D3AB164-9A42-46CF-AB38-1C0E810539E5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{ECF6277C-8D06-4D59-9AF7-24DB15C72DC1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{1F8496B5-5B4C-4E27-8B99-5B7B6A34830A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{4EB500C6-955C-4757-90B2-DD602E3A77CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{64C945B8-CEBE-4501-80DC-BEF8850ADB50}] => (Allow) C:\Users\molli\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{ED574D08-AD4D-43BD-B1BD-3A36B1248963}] => (Allow) C:\Users\molli\AppData\Roaming\Zoom\bin\airhost.exe => No File
    FirewallRules: [{23DDCAE4-ECE6-4C75-870E-5A64B5906071}] => (Allow) C:\Users\molli\AppData\Roaming\Zoom\bin\airhost.exe => No File
    FirewallRules: [{5A0236EA-1A5C-45C7-95ED-61D6E814FF54}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
    FirewallRules: [{3BE48C7E-3B17-4669-AB60-7897039C9A13}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
    FirewallRules: [{10E3E1F3-120B-4B27-B39D-FEA5505C6580}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{3F55D674-8DE6-4602-A917-0971904A6932}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{2DDF3345-B341-4B60-AADD-66898A4ABC56}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
    FirewallRules: [{70B74798-5349-4CE9-9AE8-2BBDCCA02589}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    FirewallRules: [{8CDFF0C0-EF38-403C-B251-3067CCE966D7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    FirewallRules: [{E71D5BF6-E3F8-4F94-99B8-E84B313CE7E9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    FirewallRules: [{D12DE27A-DD71-4F7A-B35E-DAB9E9E32A06}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    FirewallRules: [{C8912954-168F-4059-86C4-B18E1E32D583}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    FirewallRules: [{858FFCBF-9F00-4531-A6D0-75706C566A3A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

    ==================== Restore Points =========================

    11-05-2021 18:22:20 Scheduled Checkpoint
    12-05-2021 14:06:25 Windows Modules Installer
    12-05-2021 14:39:36 Windows Modules Installer

    ==================== Faulty Device Manager Devices ============

  5. #5
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121
    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (05/15/2021 04:19:07 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-3VS60BL9)
    Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

    Error: (05/15/2021 04:12:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program svchost.exe version 10.0.19041.546 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: a7c

    Start Time: 01d74780529da677

    Termination Time: 4294967295

    Application Path: C:\Windows\System32\svchost.exe

    Report Id: c2d90e73-3f51-4e08-8f51-66e16c3abfec

    Faulting package full name:

    Faulting package-relative application ID:

    Hang type: Unknown

    Error: (05/14/2021 07:35:33 AM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

    Error: (05/14/2021 07:35:33 AM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

    Error: (05/13/2021 03:47:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LockApp.exe version 10.0.19041.844 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 1ab8

    Start Time: 01d748067571262a

    Termination Time: 4294967295

    Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

    Report Id: f2c8dc29-0393-422f-974e-31df6ee2a7c1

    Faulting package full name: Microsoft.LockApp_10.0.19041.964_neutral__cw5n1h2txyewy

    Faulting package-relative application ID: WindowsDefaultLockScreen

    Hang type: Cross-thread

    Error: (05/10/2021 10:24:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
    Description: The storage optimizer couldn't complete retrim on LENOVO (D because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

    Error: (05/10/2021 10:24:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
    Description: The storage optimizer couldn't complete retrim on Windows (C because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

    Error: (05/10/2021 10:55:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program explorer.exe version 10.0.19041.928 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 1dd4

    Start Time: 01d741a0d2f7a944

    Termination Time: 0

    Application Path: C:\Windows\explorer.exe

    Report Id: 4f6516d1-ce5d-407e-ba56-57d4f78283be

    Faulting package full name:

    Faulting package-relative application ID:

    Hang type: Unknown


    System errors:
    =============
    Error: (05/15/2021 05:18:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The HP Touchpoint Analytics service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (05/15/2021 05:18:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the HP Touchpoint Analytics service to connect.

    Error: (05/15/2021 05:16:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Tools service.

    Error: (05/15/2021 05:15:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Tools service.

    Error: (05/15/2021 05:11:11 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
    Description: The Avast Antivirus service did not shut down properly after receiving a preshutdown control.

    Error: (05/15/2021 03:23:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (05/15/2021 03:23:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Account Sign-in Assistant service to connect.

    Error: (05/15/2021 03:21:42 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-3VS60BL9)
    Description: DCOM got error "1053" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
    {4991D34B-80A1-4291-83B6-3328366B9097}


    CodeIntegrity:
    ===============
    Date: 2021-05-15 19:41:15
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2021-05-15 18:44:29
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


    ==================== Memory info ===========================

    BIOS: LENOVO CECN43WW 09/15/2015
    Motherboard: LENOVO Allsparks 5B
    Processor: AMD FX-8800P Radeon R7, 12 Compute Cores 4C+8G
    Percentage of memory in use: 65%
    Total physical RAM: 7127.18 MB
    Available physical RAM: 2446.09 MB
    Total Virtual: 18903.18 MB
    Available Virtual: 13354.27 MB

    ==================== Drives ================================

    Drive c: (Windows) (Fixed) (Total:885.92 GB) (Free:69.8 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.14 GB) NTFS

    \\?\Volume{fe75932f-00b7-47b2-a944-89a1e2c3e23e}\ () (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
    \\?\Volume{0919af76-0e0f-4460-9657-7a2ecada3e3a}\ (LENOVO_PART) (Fixed) (Total:18.37 GB) (Free:6.39 GB) NTFS
    \\?\Volume{1d2c27e8-96fa-4a45-ae0c-42bcf61cbb5b}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: C57589EA)

    Partition: GPT.

    ==================== End of Addition.txt =======================

  6. #6
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,493
    I apologize for late reply. Somehow, I missed this topic.

    Please, observe following rules:

    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.



    ====================================

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Double click on downloaded setup.exe file to install the program.
    • Click on Start Scan button.
    • Click on another Start Scan button.
    • Wait until the Status box shows Scan Finished
    • Click on Remove Selected.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.

    Please download Malwarebytes to your desktop.
    • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
    • Then click Finish.
    • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
    • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
    • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
    • Restart your computer when prompted to do so.
    • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8/10 users right-click and select Run As Administrator
    • The tool will start to update the database if one is required.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Logfile button.
    • A window will open which lists the logs of your scans.
    • Click on the Scan tab.
    • Double-click the most recent scan which will be at the top of the list....the log will appear.
    • Review the results...see note below
    • After reviewing the log, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
    • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
    • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
    • A copy of all logfiles are saved to C:\AdwCleaner.

    -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

  7. #7
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121
    Rogue Killer

    RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) by Adlice Software
    mail : https://adlice.com/contact/
    Website : https://adlice.com/download/roguekiller/
    Operating System : Windows 10 (10.0.19042) 64 bits
    Started in : Normal mode
    User : molli [Administrator]
    Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
    Signatures : 20210531_131610, Driver : Loaded
    Mode : Standard Scan, Scan -- Date : 2021/06/01 22:53:16 (Duration : 00:25:11)
    Switches : -minimize

    中中中中中中中中中中中中 Processes 中中中中中中中中中中中中

    中中中中中中中中中中中中 Process Modules 中中中中中中中中中中中中

    中中中中中中中中中中中中 Services 中中中中中中中中中中中中

    中中中中中中中中中中中中 Tasks 中中中中中中中中中中中中

    中中中中中中中中中中中中 Registry 中中中中中中中中中中中中

    中中中中中中中中中中中中 WMI 中中中中中中中中中中中中

    中中中中中中中中中中中中 Hosts File 中中中中中中中中中中中中

    中中中中中中中中中中中中 Files 中中中中中中中中中中中中

    中中中中中中中中中中中中 Web browsers 中中中中中中中中中中中中

    中中中中中中中中中中中中 Antirootkit : 0 (Driver: Loaded) 中中中中中中中中中中中中

  8. #8
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121
    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 6/1/21
    Scan Time: 11:29 PM
    Log File: e31dccd6-c328-11eb-8b1d-507b9d76ffe2.json

    -Software Information-
    Version: 4.4.0.117
    Components Version: 1.0.1308
    Update Package Version: 1.0.41231
    License: Trial

    -System Information-
    OS: Windows 10 (Build 19042.985)
    CPU: x64
    File System: NTFS
    User: LAPTOP-3VS60BL9\molli

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 319239
    Threats Detected: 3
    Threats Quarantined: 3
    Time Elapsed: 20 min, 33 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 2
    PUP.Optional.SearchYa, HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}, Quarantined, 435, 242794, 1.0.41231, , ame, , ,
    PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, Quarantined, 330, 550469, 1.0.41231, , ame, , ,

    Registry Value: 1
    PUP.Optional.SearchYa, HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}|DISPLAYNAME, Quarantined, 435, 242794, 1.0.41231, , ame, , ,

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

  9. #9
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121
    # -------------------------------
    # Malwarebytes AdwCleaner 8.2.0.0
    # -------------------------------
    # Build: 03-22-2021
    # Database: 2021-05-17.1 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start: 06-02-2021
    # Duration: 00:01:02
    # OS: Windows 10 Home
    # Cleaned: 25
    # Failed: 0


    ***** [ Services ] *****

    No malicious services cleaned.

    ***** [ Folders ] *****

    Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
    Deleted C:\Users\molli\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG

    ***** [ Files ] *****

    No malicious files cleaned.

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    Deleted C:\Windows\System32\Tasks\0216pizUpdateInfo

    ***** [ Registry ] *****

    Deleted HKCU\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
    Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
    Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
    Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
    Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
    Deleted HKCU\Software\Lavasoft\Web Companion
    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
    Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F2FD7D9-E92E-4945-9BFA-BA1E723D92E8}
    Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F2FD7D9-E92E-4945-9BFA-BA1E723D92E8}
    Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0216pizUpdateInfo
    Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
    Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5ce32996-1c68-4022-92d5-3b767e0eace6}|DisplayIcon
    Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5ce32996-1c68-4022-92d5-3b767e0eace6}|DisplayName
    Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5ce32996-1c68-4022-92d5-3b767e0eace6}|UninstallString
    Deleted HKLM\System\Setup\FirstBoot\Services\WCAssistantService
    Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
    Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
    Deleted HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
    Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries cleaned.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs cleaned.

    ***** [ Firefox (and derivatives) ] *****

    Deleted SaveFrom.net helper - helper-sig@savefrom.net

    ***** [ Firefox URLs ] *****

    Deleted http://securedsearch.lavasoft.com/?p...D10440__180520

    ***** [ Hosts File Entries ] *****

    No malicious hosts file entries cleaned.

    ***** [ Preinstalled Software ] *****

    No Preinstalled Software cleaned.


    *************************

    [+] Delete Tracing Keys
    [+] Reset Winsock

    *************************

    AdwCleaner[S00].txt - [12444 octets] - [01/06/2021 23:55:55]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

  10. #10
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,493
    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.


    • Double click to run it.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

  11. #11
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121
    part 1

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2021
    Ran by molli (administrator) on LAPTOP-3VS60BL9 (LENOVO 80NY) (02-06-2021 21:21:28)
    Running from C:\Users\molli\Downloads
    Loaded Profiles: molli
    Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: English (United States)
    Default browser: Chrome
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
    (Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
    (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\helper\helper.exe
    (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\updates\3.5.5_46010\utorrentie.exe <2>
    (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
    (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
    (philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
    (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18374632 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-11-28] (LENOVO -> )
    HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] () [File not signed]
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [118496 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8172320 2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [uTorrent] => C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe [2132520 2021-05-11] (BitTorrent Inc -> BitTorrent Inc.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [BlueCoreInterfaceTrayApp] => C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe [853912 2016-12-11] (Cardo Systems Inc -> )
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646696 2019-05-09] (Skype Software Sarl -> Skype Technologies S.A.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {06522953-6edd-11ea-9d5a-507b9d76ffe2} - "F:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {3a6ca7ac-7a00-11eb-9da9-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {658ef1e1-4d61-11eb-9d98-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {658ef4eb-4d61-11eb-9d98-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {9135b559-4891-11eb-9d97-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
    HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\WINDOWS\system32\cpwmon64.dll [89008 2016-01-22] (Acro Software Inc. -> )
    HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-06-01] (Google LLC -> Google LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\90.1.9508.213\Installer\chrmstp.exe [2021-05-24] (Avast Software s.r.o. -> AVAST Software)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2019-12-19]
    ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {05FE1F98-8D73-48C3-98BD-DC3E7E192328} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-02-22] (Lenovo -> )
    Task: {08A9C504-3746-47B4-AFA7-D01D64EFE789} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4808928 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    Task: {0A5B7F37-E758-40AA-A061-967BE9065E7B} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-02-22] (Lenovo -> )
    Task: {0BC66897-B8A4-44E8-9883-E1A438377FEA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {10DE4B3A-E667-434E-B5EA-228698F17C98} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
    Task: {1AAC322E-0792-48AF-B78E-35DB5DD41D5B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\99f0954c-7cc6-4a5c-a537-342b1a285abf => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    Task: {1D0D1489-8A37-45C4-B834-EB79F1E573EC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e927a600-5039-4f0c-adda-6502a05ad5c5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    Task: {22F70DE8-F69F-484F-AE63-E602B0146EFF} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2016-03-30] (LENOVO -> Lenovo)
    Task: {2B911569-A66E-4DFA-A151-27E7F3FD733D} - System32\Tasks\GoogleUpdateTaskMachineCore1d602e9b9647972 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {32914283-B6C7-4535-8188-8D00D6708152} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
    Task: {354440CB-E414-493D-8CD0-F81600A48B77} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
    Task: {45C9D3D2-5170-4525-ADB9-C9E92AD9C9EA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2230632 2021-05-11] (Avast Software s.r.o. -> AVAST Software)
    Task: {4F71CBF8-7807-4FF5-986C-95C404AA7194} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {50EF0B55-9E9B-46D6-A1D6-36F7443FB46E} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [62560 2015-08-29] (Microsoft Windows Hardware Compatibility Publisher -> )
    Task: {543E4E37-84FB-4B80-AF58-4B8D55D643D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
    Task: {548EC764-BFC0-4EBD-AD1D-6BBD62AF1838} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe [23984 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
    Task: {5ABB794C-14BA-45C3-8F85-8FBD84DD64B5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe [23984 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
    Task: {5F01B491-8934-475E-8BD9-E4E9846A7187} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
    Task: {6DA7A914-A114-4680-9FDA-5FB13A65C8A5} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
    Task: {6DB73BB3-2A8E-4827-91F4-A28523AB288A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
    Task: {6EDD5101-3F5A-4A39-8922-52917FED8BFC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3805500227-4192919812-1505005631-1002 => C:\Users\molli\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
    Task: {701B9749-3974-4F68-A006-AE597F3C72C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
    Task: {71280683-330D-4B63-9359-2F27C6EE4813} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
    Task: {73EF4189-26C6-4149-809A-5660C9F963BC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-18] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {80184825-2BFE-4A17-BE04-E446B10626B0} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    Task: {89A42FFD-2F6F-4B1B-A725-FCA776BE39B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [352368 2021-05-17] (HP Inc. -> HP Inc.)
    Task: {8BCAAF8E-F73C-4C9B-BD8D-0B6B9026F023} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
    Task: {8C2A3648-2F5F-468F-B210-A6AA6726F929} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {8D3E791B-1E78-4F70-9F97-A942144060D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
    Task: {949D0EBD-B7F3-42A3-B933-A9553FEC2BAC} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    Task: {953C7F48-81F5-4185-A1AF-A936F660619B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {96233069-34F9-4F33-98B7-6F87E6DB712E} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
    Task: {9A4F5C1C-787F-472D-9A54-99C7F495264C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
    Task: {9D520ADD-330E-403F-9988-942F97CC9872} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-06-02] (LENOVO -> Lenovo)
    Task: {AEDABBF7-ACAA-439F-8262-B9FEB3496588} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {B285201B-3CD2-4594-BB36-B22D92D5B5D6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d36a4fa7-1dc4-4268-bf50-10c971adf10b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    Task: {B36B7D14-0AAF-40B3-882E-EC96A429844C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
    Task: {B5ACDE46-AD3D-4832-B984-4246D37F999B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {BA61D100-8CCF-4980-8B72-4F7F41B23C67} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
    Task: {C6013729-3EE8-4DA8-95F3-17BC14EAF6EF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {C6F2710D-E818-496B-8338-97AB3BF229CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {C8388F3A-C2B4-4CB2-9F4A-0778109ECF4E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
    Task: {CE64F059-0402-4941-846D-085CC3309FAB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
    Task: {D322E16D-87D1-40BB-9157-D96A73D7877E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62392 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    Task: {D5D7661A-3565-4992-B5C5-48BD84DA70A1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ee56ab40-19a5-4edd-b038-0394f1e6c0cd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    Task: {D5F26B4D-C936-4EF1-B58B-486064D0605C} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
    Task: {DA2B9286-BBF1-4F1F-8093-BFF79841E8E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
    Task: {DC64D404-0AE3-465C-B961-2B60FDA79A29} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-25] (HP Inc. -> )
    Task: {E8C80844-8C86-4CD1-A122-C43C07AC5C73} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [263504 2016-06-02] (LENOVO -> )
    Task: {F056B9E3-8802-41E7-83C2-27AE79F98F85} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-08-05] (CyberLink Corp. -> CyberLink Corp.)
    Task: {F6722126-3039-4BE0-A61C-35002D6B7530} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-18] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {FABEB7FD-365A-4F41-8804-25A91DC67F5C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
    Task: {FE8B8E46-0ADF-4775-8A04-871F3020782D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2230632 2021-05-11] (Avast Software s.r.o. -> AVAST Software)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

  12. #12
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121
    part 2

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 89.101.160.5 89.101.160.4
    Tcpip\..\Interfaces\{99dd8d5b-380b-4ad1-a687-a87487ff059a}: [DhcpNameServer] 192.168.42.129
    Tcpip\..\Interfaces\{b46db2f2-e42d-4142-8786-937e4b1aa7e3}: [DhcpNameServer] 192.168.192.1
    Tcpip\..\Interfaces\{c2c54ad8-35c7-4fee-9257-97ec8045a3b7}: [DhcpNameServer] 89.101.160.5 89.101.160.4

    Edge:
    =======
    Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
    Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
    Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
    Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
    Edge Profile: C:\Users\molli\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-02]
    Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

    FireFox:
    ========
    FF DefaultProfile: dg32le2u.default
    FF ProfilePath: C:\Users\molli\AppData\Roaming\Mozilla\Firefox\Profiles\dg32le2u.default [2020-10-11]
    FF Homepage: Mozilla\Firefox\Profiles\dg32le2u.default -> hxxps://www.google.com/
    FF NewTab: Mozilla\Firefox\Profiles\dg32le2u.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__180520
    FF Plugin: @videolan.org/vlc,version=3.0.13 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-03] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-20] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-12-20] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

    Chrome:
    =======
    CHR DefaultProfile: Profile 1
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\Default [2021-04-10]
    CHR HomePage: Default -> hxxps://www.yahoo.com/
    CHR StartupUrls: Default -> "hxxps://www.yahoo.com/"
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-06-02]
    CHR Notifications: Profile 1 -> hxxps://bringatrailer.com; hxxps://cricfree.sc; hxxps://thefreshposts.com; hxxps://www.dailymail.co.uk; hxxps://www.facebook.com; hxxps://www.yahoo.com
    CHR HomePage: Profile 1 -> hxxps://www.yahoo.com/
    CHR StartupUrls: Profile 1 -> "hxxps://www.yahoo.com/"
    CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-31]
    CHR Extension: (ZenMate Free VPN–Best VPN for Chrome) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2021-03-18]
    CHR Extension: (Malwarebytes Browser Guard) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-01]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
    CHR Extension: (Chrome Media Router) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-01]
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-29]
    CHR HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
    CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
    R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743464 2021-03-08] (philandro Software GmbH -> philandro Software GmbH)
    R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7894040 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [606944 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [356064 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\90.1.9508.213\elevation_service.exe [1396952 2021-05-11] (Avast Software s.r.o. -> AVAST Software)
    R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    S4 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [120024 2015-07-02] (Realtek Semiconductor Corp -> )
    S4 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-18] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-18] (Dropbox, Inc -> Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
    S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [194048 2017-04-10] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
    S4 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
    R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-24] (HP Inc. -> HP Inc.)
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
    S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-25] (HP Inc. -> HP Inc.)
    S2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
    S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\LenovoVantageService.exe [28592 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
    S4 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-01] (Malwarebytes Inc -> Malwarebytes)
    S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13688656 2021-03-24] (Adlice -> )
    S4 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (LENOVO -> SHAREit Technologies Co.Ltd)
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
    R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216360 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365536 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99296 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-05-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
    R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180944 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522864 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82856 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851144 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471352 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215352 2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
    S3 CSRBC; C:\WINDOWS\System32\Drivers\rider64.sys [38400 2015-03-10] (Microsoft Windows Hardware Compatibility Publisher -> CSR plc.)
    R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-06-01] (Malwarebytes Inc -> Malwarebytes)
    S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
    S3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [188840 2015-08-29] (GENESYS LOGIC, INC. -> GenesysLogic)
    R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-01] (Malwarebytes Inc -> Malwarebytes)
    S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-01] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-01] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-01] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-06-01] (Malwarebytes Inc -> Malwarebytes)
    S3 RtkA2dp; C:\WINDOWS\system32\drivers\RtkA2dp.sys [182288 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
    S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
    S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [262160 2019-08-11] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.)
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-06-01] (Adlice -> )
    S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
    S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) (Whitelisted) =========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2021-06-02 21:20 - 2021-06-02 21:20 - 002300416 _____ (Farbar) C:\Users\molli\Downloads\FRST64 (2).exe
    2021-06-02 21:19 - 2021-06-02 21:19 - 002300416 _____ (Farbar) C:\Users\molli\Downloads\FRST64 (1).exe
    2021-06-01 23:53 - 2021-06-01 23:53 - 008534696 _____ (Malwarebytes) C:\Users\molli\Downloads\AdwCleaner (1).exe
    2021-06-01 23:29 - 2021-06-01 23:29 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
    2021-06-01 23:29 - 2021-06-01 23:29 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2021-06-01 23:29 - 2021-06-01 23:29 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
    2021-06-01 23:28 - 2021-06-01 23:28 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2021-06-01 23:28 - 2021-06-01 23:28 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
    2021-06-01 23:28 - 2021-06-01 23:28 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
    2021-06-01 23:28 - 2021-06-01 23:28 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
    2021-06-01 23:28 - 2021-06-01 23:28 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
    2021-06-01 23:28 - 2021-06-01 23:28 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2021-06-01 23:28 - 2021-06-01 23:28 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
    2021-06-01 23:27 - 2021-06-01 23:27 - 002080712 _____ (Malwarebytes) C:\Users\molli\Downloads\MBSetup (2).exe
    2021-06-01 22:49 - 2021-06-02 14:18 - 000000000 ____D C:\Users\molli\Desktop\Scans
    2021-06-01 22:13 - 2021-06-01 22:13 - 008534696 _____ (Malwarebytes) C:\Users\molli\Downloads\AdwCleaner.exe
    2021-06-01 22:13 - 2021-06-01 22:13 - 000000000 ____D C:\Users\molli\AppData\Local\mbam
    2021-06-01 22:09 - 2021-06-01 22:09 - 000000000 ____D C:\Program Files\Malwarebytes
    2021-06-01 22:08 - 2021-06-01 22:08 - 002080712 _____ (Malwarebytes) C:\Users\molli\Downloads\MBSetup (1).exe
    2021-06-01 22:06 - 2021-06-01 22:06 - 002080712 _____ (Malwarebytes) C:\Users\molli\Downloads\MBSetup.exe
    2021-06-01 22:05 - 2021-06-01 22:05 - 000000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
    2021-06-01 22:05 - 2021-06-01 22:05 - 000000906 _____ C:\ProgramData\Desktop\RogueKiller.lnk
    2021-06-01 22:03 - 2021-06-01 22:04 - 040488656 _____ (Adlice Software ) C:\Users\molli\Downloads\RogueKiller_setup.exe
    2021-06-01 14:42 - 2021-06-01 14:42 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2021-06-01 14:42 - 2021-06-01 14:42 - 000215336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw26ad1354e60fb31d.tmp
    2021-05-31 00:22 - 2021-05-31 00:22 - 070475058 _____ C:\Users\molli\Downloads\xvideos.com_942927c3885840276ca623850fd5498a.mp4
    2021-05-31 00:14 - 2021-05-31 00:14 - 083111417 _____ C:\Users\molli\Downloads\xvideos.com_c3ad7b5f567f3ba27165d2f83abe1a09.mp4
    2021-05-31 00:06 - 2021-05-31 00:06 - 080019718 _____ C:\Users\molli\Downloads\xvideos.com_d6c11e1e5c7b322ddedb9bee9262f2cd.mp4
    2021-05-31 00:05 - 2021-05-31 00:05 - 069008257 _____ C:\Users\molli\Downloads\xvideos.com_a2c31211136292f1189ae38fe8b649a1.mp4
    2021-05-27 20:55 - 2021-05-27 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2021-05-24 21:16 - 2021-05-24 21:16 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
    2021-05-24 21:15 - 2021-04-20 23:55 - 007401440 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64.dll
    2021-05-24 21:15 - 2021-04-20 23:55 - 005180384 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv.dll
    2021-05-24 21:15 - 2021-04-20 23:55 - 001332208 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64_DiscoveryLibDyn.dll
    2021-05-24 21:15 - 2021-04-20 23:55 - 000966112 _____ (HP Inc.) C:\WINDOWS\SysWOW64\DiscoveryLibDyn.dll
    2021-05-24 21:15 - 2021-04-20 23:55 - 000668144 _____ (HP Inc., LP) C:\WINDOWS\system32\HPWia2Drv.dll
    2021-05-24 21:15 - 2021-04-20 23:45 - 000003487 _____ C:\WINDOWS\SysWOW64\HPScanDrvConfig.xml
    2021-05-24 21:15 - 2021-04-20 23:45 - 000003487 _____ C:\WINDOWS\system32\HPScanDrvConfig.xml
    2021-05-24 20:42 - 2021-05-24 20:42 - 000017328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
    2021-05-22 14:52 - 2021-05-22 14:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2021-05-22 14:52 - 2021-05-22 14:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2021-05-22 14:52 - 2021-05-22 14:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2021-05-22 14:52 - 2021-05-22 14:52 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2021-05-20 16:21 - 2021-05-20 16:21 - 007078214 _____ C:\Users\molli\Downloads\att-1 (1).pdf
    2021-05-15 18:47 - 2021-05-15 19:41 - 000054463 _____ C:\Users\molli\Downloads\Addition.txt
    2021-05-15 18:43 - 2021-06-02 21:24 - 000034720 _____ C:\Users\molli\Downloads\FRST.txt
    2021-05-15 17:27 - 2021-05-15 17:27 - 002299392 _____ (Farbar) C:\Users\molli\Downloads\FRST64.exe
    2021-05-13 15:58 - 2021-05-13 15:58 - 000785009 _____ C:\Users\molli\Downloads\Tony - Final Payment - 2021.xlsx
    2021-05-12 16:24 - 2021-05-12 16:24 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
    2021-05-12 16:23 - 2021-05-12 16:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
    2021-05-12 16:22 - 2021-05-12 16:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2021-05-12 16:22 - 2021-05-12 16:22 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
    2021-05-12 16:21 - 2021-05-12 16:21 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2021-05-12 16:21 - 2021-05-12 16:21 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
    2021-05-12 16:20 - 2021-05-12 16:20 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
    2021-05-12 16:18 - 2021-05-12 16:18 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2021-05-12 16:18 - 2021-05-12 16:18 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2021-05-12 16:18 - 2021-05-12 16:18 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
    2021-05-12 16:15 - 2021-05-12 16:15 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
    2021-05-12 16:15 - 2021-05-12 16:15 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
    2021-05-11 16:51 - 2021-06-02 14:43 - 000000000 ____D C:\Users\molli\AppData\LocalLow\uTorrent
    2021-05-10 13:42 - 2021-05-10 14:40 - 000000000 ____D C:\Users\molli\AppData\Roaming\vlc
    2021-05-10 12:12 - 2021-05-10 12:12 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
    2021-05-10 12:12 - 2021-05-10 12:12 - 000000923 _____ C:\ProgramData\Desktop\VLC media player.lnk
    2021-05-10 12:12 - 2021-05-10 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2021-05-10 12:09 - 2021-05-10 12:09 - 042672432 _____ C:\Users\molli\Downloads\vlc-3.0.13-win64.exe
    2021-05-09 20:05 - 2021-05-10 10:47 - 000000000 ____D C:\Users\molli\Desktop\Mary Music MP3
    2021-05-09 19:57 - 2021-05-10 12:11 - 000000000 ____D C:\Program Files\VideoLAN
    2021-05-09 19:49 - 2021-05-09 19:49 - 042585440 _____ C:\Users\molli\Downloads\vlc-3.0.12-win64.exe
    2021-05-06 17:22 - 2021-05-06 17:22 - 004127456 _____ C:\Users\molli\Downloads\att-1.pdf
    2021-05-06 16:07 - 2021-05-06 16:07 - 000008972 _____ C:\Users\molli\Desktop\Jobs.xlsx
    2021-05-05 22:41 - 2021-05-05 22:42 - 126754370 _____ C:\Users\molli\Downloads\xvideos.com_0ab81dc21b6c0188f929e7f70df35dec.mp4
    2021-05-05 13:16 - 2021-05-05 13:16 - 000014179 _____ C:\Users\molli\Desktop\Redundancy.pdf
    2021-05-05 13:06 - 2021-05-05 13:06 - 000023325 _____ C:\Users\molli\Downloads\Document 4 received (apr 4) Vipjet Provisional Redundancy Calculations.pdf
    2021-05-05 13:02 - 2021-05-05 13:02 - 000833978 _____ C:\Users\molli\Desktop\Anthony Mollica Notice of Redundancy.pdf
    2021-05-04 13:58 - 2021-05-04 13:58 - 000049126 _____ C:\Users\molli\Desktop\Payslip.pdf
    2021-05-03 22:03 - 2021-05-03 22:03 - 000115643 _____ C:\Users\molli\Desktop\TV Licence - Transaction Receipt.pdf

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2021-06-02 21:27 - 2016-04-09 21:17 - 000000000 ____D C:\Users\molli\AppData\Roaming\uTorrent
    2021-06-02 21:22 - 2016-11-12 21:08 - 000000000 ____D C:\FRST
    2021-06-02 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2021-06-02 20:43 - 2019-03-19 22:04 - 000000000 ____D C:\Users\molli\AppData\Local\BitTorrentHelper
    2021-06-02 18:17 - 2020-11-22 16:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2021-06-02 14:06 - 2018-05-20 17:22 - 000000000 ____D C:\Users\molli\AppData\Local\Lavasoft
    2021-06-02 14:06 - 2018-05-20 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2021-06-02 14:04 - 2016-04-01 22:42 - 000000000 ____D C:\Users\molli\Desktop\Watch Me
    2021-06-01 23:55 - 2016-11-14 02:40 - 000000000 ____D C:\AdwCleaner
    2021-06-01 23:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2021-06-01 23:28 - 2016-11-13 22:42 - 000000000 ____D C:\ProgramData\Malwarebytes
    2021-06-01 22:52 - 2018-05-20 17:21 - 000000000 ____D C:\Users\molli\AppData\Roaming\Lavasoft
    2021-06-01 22:52 - 2018-05-20 17:21 - 000000000 ____D C:\ProgramData\Lavasoft
    2021-06-01 22:52 - 2018-05-20 17:21 - 000000000 ____D C:\Program Files (x86)\Lavasoft
    2021-06-01 22:11 - 2016-11-13 22:37 - 000000000 ____D C:\ProgramData\RogueKiller
    2021-06-01 22:05 - 2016-11-13 22:46 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
    2021-06-01 22:05 - 2016-11-13 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2021-06-01 22:05 - 2016-11-13 22:38 - 000000000 ____D C:\Program Files\RogueKiller
    2021-06-01 21:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
    2021-06-01 21:24 - 2016-03-31 11:15 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2021-06-01 14:44 - 2020-10-11 22:37 - 000522864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
    2021-06-01 14:43 - 2020-11-22 17:31 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
    2021-06-01 14:42 - 2020-10-11 22:37 - 000471352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
    2021-06-01 14:42 - 2020-10-11 22:37 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
    2021-06-01 14:42 - 2020-10-11 22:37 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
    2021-06-01 14:42 - 2020-10-11 22:37 - 000180944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
    2021-06-01 14:42 - 2020-10-11 22:37 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2021-06-01 14:42 - 2020-10-11 22:37 - 000099296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
    2021-06-01 14:42 - 2020-10-11 22:37 - 000082856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2021-06-01 14:42 - 2020-10-11 22:37 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
    2021-06-01 14:41 - 2020-10-11 22:37 - 000851144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
    2021-06-01 14:41 - 2020-10-11 22:37 - 000365536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
    2021-06-01 14:41 - 2020-10-11 22:37 - 000216360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
    2021-06-01 14:41 - 2020-10-11 22:37 - 000035664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
    2021-05-31 19:25 - 2016-12-07 20:07 - 000000000 ____D C:\Program Files\Microsoft Office 15
    2021-05-31 19:23 - 2020-11-22 16:49 - 000000000 ____D C:\Users\molli
    2021-05-31 19:21 - 2019-05-08 22:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2021-05-31 19:20 - 2020-11-22 17:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2021-05-31 19:20 - 2020-11-22 16:36 - 000008192 ___SH C:\DumpStack.log.tmp
    2021-05-31 19:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
    2021-05-31 19:20 - 2016-04-18 23:33 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2021-05-31 15:33 - 2020-11-30 21:26 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c0e950b0a570
    2021-05-31 15:33 - 2020-11-22 17:31 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
    2021-05-31 15:33 - 2020-11-22 17:31 - 000003452 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
    2021-05-31 15:33 - 2020-11-22 17:31 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2021-05-31 15:33 - 2020-11-22 17:31 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
    2021-05-31 15:33 - 2020-11-22 17:31 - 000003310 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{02626242-B5DC-4564-A16A-0829B8E98293}
    2021-05-31 15:33 - 2020-11-22 17:31 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
    2021-05-31 15:33 - 2020-11-22 17:31 - 000003152 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d602e9b9647972
    2021-05-31 15:33 - 2020-11-22 17:31 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
    2021-05-31 15:33 - 2020-11-22 17:31 - 000002992 _____ C:\WINDOWS\system32\Tasks\AVG EUpdate Task
    2021-05-31 15:33 - 2020-11-22 17:31 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3805500227-4192919812-1505005631-1002
    2021-05-31 15:33 - 2020-11-22 17:31 - 000002354 _____ C:\WINDOWS\system32\Tasks\UMonitor Task
    2021-05-31 15:33 - 2020-11-22 17:31 - 000002212 _____ C:\WINDOWS\system32\Tasks\PDVDServ12 Task
    2021-05-31 15:33 - 2020-11-22 17:31 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
    2021-05-31 15:33 - 2020-11-22 17:31 - 000002116 _____ C:\WINDOWS\system32\Tasks\StartDVR
    2021-05-31 15:26 - 2020-11-22 17:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
    2021-05-31 14:11 - 2016-11-14 22:05 - 000000000 ____D C:\Users\molli\AppData\Local\CrashDumps
    2021-05-31 00:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
    2021-05-31 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
    2021-05-30 22:47 - 2020-11-22 16:49 - 000002374 _____ C:\Users\molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2021-05-30 22:47 - 2016-03-30 15:54 - 000000000 ___RD C:\Users\molli\OneDrive
    2021-05-30 21:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2021-05-29 22:24 - 2020-06-03 23:58 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2021-05-27 21:35 - 2017-12-09 20:09 - 000000000 ____D C:\Users\molli\AppData\Local\Packages
    2021-05-27 20:56 - 2016-04-18 23:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2021-05-25 19:48 - 2019-08-30 00:39 - 000000000 ____D C:\Users\molli\AppData\Local\PlaceholderTileLogoFolder
    2021-05-24 21:31 - 2016-04-14 21:01 - 000000000 ____D C:\ProgramData\HP
    2021-05-24 21:14 - 2018-07-14 00:21 - 000000000 ____D C:\ProgramData\Packages
    2021-05-24 20:49 - 2020-10-11 22:44 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
    2021-05-24 16:16 - 2020-10-11 22:37 - 000522936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswab19678a0e2fc2de.tmp
    2021-05-16 17:56 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
    2021-05-15 17:20 - 2020-11-22 17:07 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2021-05-15 17:14 - 2016-11-12 21:07 - 000000000 ____D C:\ProgramData\AVAST Software
    2021-05-15 17:11 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2021-05-15 17:11 - 2017-06-04 02:49 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
    2021-05-15 17:11 - 2017-06-04 02:49 - 000065536 _____ C:\WINDOWS\psp_storage.bin
    2021-05-12 23:56 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2021-05-12 23:46 - 2020-11-22 16:37 - 000447912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2021-05-12 23:40 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
    2021-05-12 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
    2021-05-12 23:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
    2021-05-12 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
    2021-05-12 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2021-05-12 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
    2021-05-12 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
    2021-05-12 23:26 - 2016-04-21 18:05 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2021-05-12 21:12 - 2016-05-02 22:45 - 000000000 ____D C:\Users\molli\Desktop\excel spread sheets
    2021-05-12 16:48 - 2019-12-07 10:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
    2021-05-12 14:05 - 2016-04-11 02:11 - 000000000 ____D C:\WINDOWS\system32\MRT
    2021-05-12 13:51 - 2016-04-11 02:11 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2021-05-10 13:53 - 2021-03-15 01:06 - 000000000 ____D C:\Users\molli\Desktop\medical
    2021-05-10 11:52 - 2021-04-04 19:37 - 000000000 ____D C:\Users\molli\Desktop\Mary Music
    2021-05-07 21:10 - 2021-03-15 01:06 - 000000000 ____D C:\Users\molli\Desktop\TONY
    2021-05-05 13:16 - 2020-03-26 23:07 - 000000000 ____D C:\Users\molli\AppData\Local\CutePDF Writer
    2021-05-05 12:04 - 2016-04-18 23:33 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2021-05-05 11:56 - 2020-11-22 17:31 - 000003768 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore

    ==================== Files in the root of some directories ========

    2016-11-12 21:50 - 2016-11-03 08:32 - 002594688 _____ (COMODO) C:\Users\molli\AppData\Roaming\temp~ccavstart.exe
    2016-11-12 21:50 - 2016-11-03 08:32 - 003856048 _____ (Terra Informatica Software, Inc.) C:\Users\molli\AppData\Roaming\temp~cmdhtml.dll
    2016-11-16 22:34 - 2016-11-24 16:10 - 000042847 _____ () C:\Users\molli\AppData\Local\BTServer.log
    2018-10-24 16:32 - 2018-10-24 16:32 - 000000000 _____ () C:\Users\molli\AppData\Local\{823E5C07-0FD7-4076-BCF6-EAFEAD04A47D}

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================

  13. #13
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121
    Additional scan part 1

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2021
    Ran by molli (02-06-2021 21:27:23)
    Running from C:\Users\molli\Downloads
    Windows 10 Home Version 20H2 19042.985 (X64) (2020-11-22 16:35:14)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3805500227-4192919812-1505005631-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3805500227-4192919812-1505005631-503 - Limited - Disabled)
    Guest (S-1-5-21-3805500227-4192919812-1505005631-501 - Limited - Disabled)
    molli (S-1-5-21-3805500227-4192919812-1505005631-1002 - Administrator - Enabled) => C:\Users\molli
    WDAGUtilityAccount (S-1-5-21-3805500227-4192919812-1505005631-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    猥orrent (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\uTorrent) (Version: 3.5.5.46010 - BitTorrent Inc.)
    64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
    7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
    7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
    AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0321.2159.37738 - Advanced Micro Devices, Inc.)
    AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.2.1 - Advanced Micro Devices, Inc.)
    AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.3 - philandro Software GmbH)
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.4.2464 - Avast Software)
    Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 90.1.9508.213 - AVAST Software)
    Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
    Cardo Updater (HKLM-x32\...\Cardo Updater_is1) (Version: - Cardo Systems, Inc.)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
    CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
    Dolby Audio X2 Windows API SDK (HKLM\...\{68B3293E-612B-48B4-BC0F-4CCFBF83AB96}) (Version: 0.8.2.76 - Dolby Laboratories, Inc.)
    Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 123.4.4832 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
    HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
    HP Photosmart All-In-One Driver Software (HKLM\...\{A96C5DB7-40F9-46DD-B36F-9E657D1D9E04}) (Version: 14.0 - HP)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.8.34.31 - HP)
    HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.18.34.21 - HP)
    HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
    Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
    Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
    Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
    Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
    Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.71.2 - ELAN Microelectronic Corp.)
    Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5604.55 - CyberLink Corp.) Hidden
    Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5604.55 - CyberLink Corp.)
    Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
    Lenovo Service Bridge (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
    Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
    Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.067.00 - Lenovo)
    Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0118 - Lenovo)
    Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.6.15.0 - Lenovo Group Ltd.)
    LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
    LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
    Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
    Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
    Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
    Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.37 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5345.1002 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
    Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
    OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5345.1002 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5345.1002 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5345.1002 - Microsoft Corporation) Hidden
    REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
    REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.868.867.071015 - REALTEK Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0276 - REALTEK Semiconductor Corp.)
    RogueKiller version 14.8.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.6.0 - Adlice Software)
    SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
    Sky Go 21.3.2.0 (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\com.bskyb.skygoplayer_is1) (Version: 21.3.2.0 - Sky)
    Skype version 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
    TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
    User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
    User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
    VLC media player (HKLM\...\VLC media player) (Version: 3.0.13 - VideoLAN)
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
    Zoom (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

    Packages:
    =========
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-24] (HP Inc.)
    Lenovo Account Portal -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-24] (LENOVO INCORPORATED.)
    Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-18] (LENOVO INCORPORATED.)
    Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-10] (LENOVO INC.)
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-22] (Microsoft Studios) [MS Ad]
    MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-02-23] (Microsoft Corporation)
    MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
    Open PDF + -> C:\Program Files\WindowsApps\3538OpenOffice.OpenOfficePDF_1.25.0.2_neutral__nmw6e14cfhspc [2017-04-05] (Open PDF, Word, Excel)
    Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation)
    Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

  14. #14
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    121
    part 2

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\molli\Dropbox [2016-04-18 23:36]
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-01] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-03-21] (Advanced Micro Devices, Inc.) [File not signed]
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-29] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-01] (Malwarebytes Corporation -> Malwarebytes)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    ShortcutWithArgument: C:\Users\molli\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

    ==================== Loaded Modules (Whitelisted) =============

    2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer (Whitelisted) ==========

    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
    SearchScopes: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002 -> DefaultScope {E09A2151-3467-4174-8E16-BD5B6D09480F} URL =
    SearchScopes: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://ie.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180520__yaie&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002 -> {E09A2151-3467-4174-8E16-BD5B6D09480F} URL =
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
    IE trusted site: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\localhost -> localhost

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\RogueKiller;%SYSTEMROOT%\System32\OpenSSH\
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
    DNS Servers: 89.101.160.5 - 89.101.160.4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    MSCONFIG\Services: AdaptiveSleepService => 2
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AMD External Events Utility => 2
    MSCONFIG\Services: AvrcpService => 2
    MSCONFIG\Services: BTDevManager => 2
    MSCONFIG\Services: CCSDK => 2
    MSCONFIG\Services: DAX2API => 2
    MSCONFIG\Services: dbupdate => 2
    MSCONFIG\Services: dbupdatem => 3
    MSCONFIG\Services: DbxSvc => 2
    MSCONFIG\Services: ETDService => 2
    MSCONFIG\Services: GDCAgent => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
    MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
    MSCONFIG\Services: ImControllerService => 2
    MSCONFIG\Services: isesrv => 2
    MSCONFIG\Services: LSC.Services.SystemService => 3
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: ShareItSvc => 3
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: tbaseprovisioning => 2
    HKLM\...\StartupApproved\Run: => "RTHDVCPL"
    HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
    HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
    HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
    HKLM\...\StartupApproved\Run: => "LenovoUtility"
    HKLM\...\StartupApproved\Run: => "DAX2_APP"
    HKLM\...\StartupApproved\Run: => "BtServer"
    HKLM\...\StartupApproved\Run: => "StartCN"
    HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
    HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
    HKLM\...\StartupApproved\Run32: => "Dropbox"
    HKLM\...\StartupApproved\Run32: => "HP Software Update"
    HKLM\...\StartupApproved\Run32: => "AvgUi"
    HKLM\...\StartupApproved\Run32: => "CCAV"
    HKLM\...\StartupApproved\Run32: => "IseUI"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "BlueCoreInterfaceTrayApp"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "Skype for Desktop"

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [UDP Query User{B4BBEFFA-D6F9-40EE-B1AA-62F3E33811BC}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [TCP Query User{98EF0F8A-EA8F-4BC6-BD89-BDA31E78E6A0}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{017DE5D4-AD84-4DC0-95E5-ABD8BF8EE798}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{F52C28C9-9366-459C-A3B0-6C8254768177}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{4E23B58B-772A-4715-8147-E6F9CE0F8DA8}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{4BDE54F4-F4AA-418C-B827-5D846D7B60D8}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{0153588C-5FB3-4D90-8EFF-896EA03A5163}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{833CA06F-2383-4DE5-BCFE-5A188FE9C97B}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{5C5718B9-8431-45F5-9680-332D313FB851}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{5F4B4C58-67ED-4C3E-BF28-8A222859F44D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe => No File
    FirewallRules: [{3B00B3BB-D7B1-4959-B94E-F2C3C4197294}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe => No File
    FirewallRules: [{C68F0323-BF3C-4B18-93E6-5C71B4E0004B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe => No File
    FirewallRules: [{F8471373-7EBC-4765-BA54-9DEA00BE2D59}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe => No File
    FirewallRules: [{9075C3E2-1C35-4E00-A903-70DA441A9695}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe => No File
    FirewallRules: [{52166BF9-0F9A-4E5D-AECD-DE1891C690BF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe => No File
    FirewallRules: [{3F940AA2-3D16-4E16-8EFA-86CECCA919A4}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
    FirewallRules: [{A63FB4BF-0BCA-40BE-BCB9-500EA0672707}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{311A8BD1-BF43-4133-848C-85E82D700222}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{251D6BEC-47FD-4DBB-91BB-701F9A5308C0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
    FirewallRules: [{BD44DEAD-03E8-4C67-A61E-526547D9837A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{DF6DC4B7-3E77-4BDB-843F-C58306E2AD4D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{8D8BCE91-46A0-4AA7-9DDA-0C711CDFB03F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{CA1583A6-95A2-4EF1-B998-1E7D28852466}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{6864749C-43B2-47C4-9E3B-763CA1593B3C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe (Hewlett-Packard Co.) [File not signed]
    FirewallRules: [{8ADED271-20FF-4CDB-96C1-0E7D9F007AEE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{3B78500B-C9E9-4833-9B29-1C46AA276348}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{9472BDAA-662C-4F29-98B0-F714B153823B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{6283E653-DEE2-4E9D-8C74-B703E4567583}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{AFBDFC6D-17BC-4E03-8CBC-83BB1321047A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{21454B6C-61C2-426A-A63C-2AF316F2136D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{ECBAF2CC-E2CC-42DA-89A5-6A2B10F9FBEC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{D5D81A35-A848-4BBE-BC40-163CFB49E067}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{85C72577-23C7-4ADC-A6AF-A4769E09CF0F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{D35F49DC-8A11-49AD-ADC4-E786156CEA02}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{7C11E1D0-001D-40B3-8239-B4A851C674FF}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
    FirewallRules: [{A00A74F3-7F75-4658-8241-C2A62B52A4E0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
    FirewallRules: [{136EA3A9-FCF2-498C-A2D1-3C64CF935121}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
    FirewallRules: [{07A9E33B-637E-44C4-92F6-EA1B6593A40A}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{B8AED7C4-57CF-4BDD-BF0A-6C95BB4DDD9D}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{59C3339F-516B-4E70-8E88-76BCE2D043C1}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{06892A88-06A5-4BF4-9F47-AFBC50AAA457}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{E55B8E25-78E6-4B2F-A90C-17F0E934666F}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{F2140B2B-F580-4E87-9161-671669890C72}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{819D00F5-A1E6-4C58-B35F-E4C807B36E9F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe => No File
    FirewallRules: [{94730DE6-53B6-46EA-BCDA-41F5D74CC353}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe => No File
    FirewallRules: [{60A21992-E398-45A0-AF2D-A17B779B4092}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{BDC37857-2E60-42C9-980D-A80853E8482D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{16BEC197-F2C0-4637-AEDF-39DD6253E835}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{4AF58AC9-0DC3-4BD1-AB98-1A8B0E9ADEA4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{52F0F72F-5953-4EF6-A2C6-CFB2E691E464}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{4DF68B5B-2658-4C83-A9E0-8CF8D60766E6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{573CF173-FCF2-46F6-AE50-D5E55A198771}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{69B17E52-9949-4B1D-9AFD-1885A282EB3C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [TCP Query User{1355592A-4A96-4249-93CB-99AAE9C7F540}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [UDP Query User{2888709D-154C-4049-9F14-A948FBAC2BC0}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{619D3753-3ED0-4DBE-B0EC-7AA30E3D707F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{C7E88DF9-0421-4A89-B2A3-3AD2DAC1536D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{227E8EAD-057D-42F5-9A97-F7E721B5FDA9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{D72F1822-3965-4AF2-8290-FC68EB482EF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{4D3AB164-9A42-46CF-AB38-1C0E810539E5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{ECF6277C-8D06-4D59-9AF7-24DB15C72DC1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{1F8496B5-5B4C-4E27-8B99-5B7B6A34830A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{4EB500C6-955C-4757-90B2-DD602E3A77CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{64C945B8-CEBE-4501-80DC-BEF8850ADB50}] => (Allow) C:\Users\molli\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{ED574D08-AD4D-43BD-B1BD-3A36B1248963}] => (Allow) C:\Users\molli\AppData\Roaming\Zoom\bin\airhost.exe => No File
    FirewallRules: [{23DDCAE4-ECE6-4C75-870E-5A64B5906071}] => (Allow) C:\Users\molli\AppData\Roaming\Zoom\bin\airhost.exe => No File
    FirewallRules: [{5A0236EA-1A5C-45C7-95ED-61D6E814FF54}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
    FirewallRules: [{3BE48C7E-3B17-4669-AB60-7897039C9A13}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
    FirewallRules: [{E71D5BF6-E3F8-4F94-99B8-E84B313CE7E9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    FirewallRules: [{D12DE27A-DD71-4F7A-B35E-DAB9E9E32A06}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    FirewallRules: [{03BA5ABB-3835-4518-B295-548C5843D66B}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{0AD7C750-9939-4440-8A4D-C64B4E11D7C7}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
    FirewallRules: [{9E847F8E-0DE9-4540-974B-8D7DAC3F4290}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    FirewallRules: [{F557AF5F-83B9-41EC-8E7F-3D3246E0816D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    FirewallRules: [{3271DA3E-5AA4-4E70-9CFB-A344BA5A722D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    FirewallRules: [{483D915E-5473-43F8-BBA2-AF8DA3975012}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
    FirewallRules: [{7236B0E4-92B2-4063-92BF-A3D9B510776B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

    ==================== Restore Points =========================

    02-06-2021 00:00:09 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (06/02/2021 12:21:45 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
    Description: The storage optimizer couldn't complete retrim on LENOVO (D because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

    Error: (06/01/2021 11:25:40 PM) (Source: SecurityCenter) (EventID: 17) (User: )
    Description: Security Center failed to validate caller with error %1.

    Error: (06/01/2021 02:35:26 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: svchost.exe_Dnscache, version: 10.0.19041.546, time stamp: 0x058e175a
    Faulting module name: DNSAPI.dll, version: 10.0.19041.928, time stamp: 0x15e35b5b
    Exception code: 0xc0000005
    Fault offset: 0x0000000000025eb0
    Faulting process id: 0xaf4
    Faulting application start time: 0x01d75649aa271bbd
    Faulting application path: C:\WINDOWS\system32\svchost.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\DNSAPI.dll
    Report Id: 7bb9c77f-3952-42c0-ae0a-9d50929f39a6
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (05/31/2021 02:10:50 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ETDCtrl.exe, version: 11.59.4.35, time stamp: 0x55cc984f
    Faulting module name: ntdll.dll, version: 10.0.19041.964, time stamp: 0xbd2c3c23
    Exception code: 0xc0000005
    Fault offset: 0x00000000000a3d13
    Faulting process id: 0x1b2c
    Faulting application start time: 0x01d749a5756adebd
    Faulting application path: C:\Program Files\Elantech\ETDCtrl.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
    Report Id: 77ddf379-e32b-44ad-a8ba-5b706721d8e9
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (05/29/2021 09:37:31 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-3VS60BL9)
    Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

    Error: (05/28/2021 09:56:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program Video.UI.exe version 10.21021.1031.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 38d4

    Start Time: 01d753fdefc9833f

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.21021.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe

    Report Id: c4aff1c9-4454-4366-9ad3-0bb64ee970e8

    Faulting package full name: Microsoft.ZuneVideo_10.21021.10311.0_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: Microsoft.ZuneVideo

    Hang type: Cross-process

    Error: (05/27/2021 08:55:02 PM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

    Error: (05/27/2021 08:55:01 PM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.


    System errors:
    =============
    Error: (06/02/2021 02:06:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The System Interface Foundation Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/02/2021 02:06:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The LenovoVantageService service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/02/2021 02:06:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Dolby DAX2 API Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/02/2021 02:06:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The HP Print Scan Doctor Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

    Error: (06/02/2021 02:06:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/02/2021 02:06:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The System Update service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/02/2021 02:06:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The RogueKiller RTP service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

    Error: (06/02/2021 02:06:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Microsoft Office ClickToRun Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.


    CodeIntegrity:
    ===============
    Date: 2021-06-02 21:30:36
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


    ==================== Memory info ===========================

    BIOS: LENOVO CECN43WW 09/15/2015
    Motherboard: LENOVO Allsparks 5B
    Processor: AMD FX-8800P Radeon R7, 12 Compute Cores 4C+8G
    Percentage of memory in use: 75%
    Total physical RAM: 7127.18 MB
    Available physical RAM: 1760.49 MB
    Total Virtual: 20951.18 MB
    Available Virtual: 13915.38 MB

    ==================== Drives ================================

    Drive c: (Windows) (Fixed) (Total:885.92 GB) (Free:49.57 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.14 GB) NTFS

    \\?\Volume{fe75932f-00b7-47b2-a944-89a1e2c3e23e}\ () (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
    \\?\Volume{0919af76-0e0f-4460-9657-7a2ecada3e3a}\ (LENOVO_PART) (Fixed) (Total:18.37 GB) (Free:6.39 GB) NTFS
    \\?\Volume{1d2c27e8-96fa-4a45-ae0c-42bcf61cbb5b}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: C57589EA)

    Partition: GPT.

    ==================== End of Addition.txt =======================

  15. #15
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,493
    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
    Attached Files Attached Files

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •