Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.11.2018
Ran by My DELL (14-11-2018 20:40:13)
Running from C:\Users\My DELL\Downloads
Windows 10 Pro Version 1803 17134.407 (X64) (2018-05-22 18:31:44)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2624762605-3417080125-3309590312-500 - Administrator -
Disabled)
DefaultAccount (S-1-5-21-2624762605-3417080125-3309590312-503 - Limited - Disabled)
Guest (S-1-5-21-2624762605-3417080125-3309590312-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2624762605-3417080125-3309590312-1002 - Limited - Enabled)
My DELL (S-1-5-21-2624762605-3417080125-3309590312-1000 - Administrator - Enabled)
=> C:\Users\My DELL
WDAGUtilityAccount (S-1-5-21-2624762605-3417080125-3309590312-504 - Limited -
Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to
unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2624762605-3417080125-3309590312-1000\...\uTorrent)
(Version: 3.5.4.44520 - BitTorrent Inc.)
3uTools (HKLM-x32\...\3uTools) (Version: 2.0 - ShangHai ZhangZheng Network
Technology Co., Ltd.)
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version:
18.011.20038 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100})
(Version: 19.008.20081 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05
- Creative Technology Ltd)
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-
EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Akai Professional - Internal MIDI (HKLM-x32\...\Internal MIDI) (Version: 1.1 - Akai
Pro)
Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-
32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-
12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B})
(Version: 11.0.2.4 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-
D38F370118B3}_is1) (Version: 7.0.11.0 - Auslogics Labs Pty Ltd)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
AVS Video Editor 8.0.3 (HKLM-x32\...\AVS Video Editor_is1) (Version: 8.0.3.303 -
Online Media Technologies Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
ClipGrab 3.6.6 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:
- Philipp Schmieder Medien)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec
Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
CrX 4 (HKU\S-1-5-21-2624762605-3417080125-3309590312-1000\...\CrX 4) (Version: - )
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0637 - Disc Soft
Ltd)
Debian-Installer loader (HKLM-x32\...\Debian-Installer Loader) (Version: 0.8.4
+kernels - The Debian Project)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dell Custom Help (HKLM\...\{BE1CF6CA-3182-45D8-9535-A18055B73607}) (Version:
16.01.1000.0235 - Intel Corporation) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:
10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative
Technology Ltd)
Duplicate Sweeper (HKLM-x32\...\{02C94243-9CE7-42CA-9F77-E8AE00BB1DF5}) (Version:
1.87 - Wide Angle Software)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.215 - Dell
Inc.)
Electra2 full (HKLM\...\Tone2 Electra2 full_is1) (Version: 2.1.0 - Tone2)
ElectraX full (HKLM\...\Tone2 ElectraX full_is1) (Version: - Tone2)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-
F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-
009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA})
(Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2})
(Version: 1.3.24.7 - Google Inc.) Hidden
Hybrid Content (HKLM-x32\...\{9E822C67-B1C4-4E85-870C-23ADE106BB4F}) (Version:
3.0.0.18468 - AIR Music Tech GmbH)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version:
1.0.6491.0 - IDT)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-
C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA})
(Version: 10.18.10.4425 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-
4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b6b417a3-1f40-4618-aadd-
49628bda7836}) (Version: 16.1.1 - Intel Corporation)
iSpring Free Cam 8 (HKLM-x32\...\{9E6D2789-25C1-4884-ACAA-32F187F96410}) (Version:
8.3.15297 - iSpring Solutions Inc.)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version:
8.0.1510.12 - Oracle Corporation)
Luxonix Purity VSTi v1.1.2 (HKLM-x32\...\Luxonix Purity VSTi_is1) (Version: - )
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-
0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2624762605-3417080125-3309590312-
1000\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version:
5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-
51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-
3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-
6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-
38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-
F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\
{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft
Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-
B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\
{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft
Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\
{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft
Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\
{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft
Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\
{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft
Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\
{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft
Corporation)
MPC 1.1.0 (HKLM-x32\...\MPC_is1) (Version: 1.1.0 - Akai Professional)
MPC 1.9.6 (HKLM\...\com.akaipro.mpc.standard_is1) (Version: 1.9.6 - Akai
Professional)
MPC Factory Content 1.1.0 (HKLM-x32\...\MPC Factory Content_is1) (Version: 1.1.0 -
Akai Professional)
MPC Studio driver (HKLM\...\USB_AUDIO_DEusb-audio.deAkaiACV1) (Version: - )
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:
5.6.6.16 - Native Instruments)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA 3D Vision Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA nView 148.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView)
(Version: 148.03 - NVIDIA Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\{D535FC73-1F63-4347-896A-
C97A45F11E9C}) (Version: 3.0.07.44 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{D535FC73-
1F63-4347-896A-C97A45F11E9C}) (Version: 3.0.07.44 - O2Micro International LTD.)
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version:
2.7.0 - Microleaves) Hidden <==== ATTENTION
Open RegEdit (HKLM-x32\...\Open RegEdit2.0) (Version: 2.0 - Easy Desk Software)
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version:
4.13.9783 - Apache Software Foundation)
Oracle VM VirtualBox 5.2.8 (HKLM\...\{A7F49FA5-9FCA-4936-8652-CD00206D9300})
(Version: 5.2.8 - Oracle Corporation)
Proteus VX (HKLM-x32\...\Proteus VX) (Version: - )
qBittorrent 4.1.3 (HKLM-x32\...\qBittorrent) (Version: 4.1.3 - The qBittorrent
project)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-
49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-
x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 -
Renesas Electronics Corporation)
Reveal Sound Spire (HKLM-x32\...\Reveal Sound Spire) (Version: 1.1.9 - Reveal
Sound)
Sandboxie 5.26 (64-bit) (HKLM\...\Sandboxie) (Version: 5.26 - Sandboxie Holdings,
LLC)
SearchAwesome (HKLM-x32\...\ZDRhNmY4ZjhlNzYzOG) (Version: 13.14.1.308 (i1.0) -
SearchAwesome) <==== ATTENTION
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-
9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0046 - ST Microelectronics)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Uninstall Tool Setup 3.5.6.0 (HKLM-x32\...\Uninstall Tool Setup 3.5.6.0) (Version:
3.5.6.0 - CrystalIDEA Software)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 -
LunarG, Inc.)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1)
(Version: 3.49.2 - HTTrack)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.7-0 - Bitnami)
Zero Install (current user) (HKU\S-1-5-21-2624762605-3417080125-3309590312-
1000\...\Zero Install_is1) (Version: 2.14.6 - 0install.de)
ZMatrix 1.5.2 (HKLM-x32\...\ZMatrix_is1) (Version: 1.5.2 - Happy Dude)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2624762605-3417080125-3309590312-1000_Classes\CLSID\
{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 ->
C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [# MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-
BA2E9197FF8C} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [# MEGA (Synced)] -> {05B38830-F4E9-4329-978B-
1DD28605D202} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [# MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-
873BE6890637} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>
C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-10] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [# MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-
BA2E9197FF8C} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [# MEGA (Synced)] -> {05B38830-F4E9-4329-978B-
1DD28605D202} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [# MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-
873BE6890637} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>
C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-
18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat
Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>
C:\Program Files\Notepad++\NppShell_06.dll [2018-03-18] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>
C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-10] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-
0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-09-22]
(Piriform Ltd)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7}
=> C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-
0228EC7D5F17} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-
1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (Disc
Soft Ltd)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7}
=> C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-
0228EC7D5F17} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>
C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-10] (AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-
12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (Disc
Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>
C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-
0228EC7D5F17} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>
C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-
0228EC7D5F17} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No
File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>
C:\WINDOWS\system32\igfxDTCM.dll [2016-06-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-
BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>
C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-
18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat
Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>
C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-10] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-
0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-09-22]
(Piriform Ltd)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7}
=> C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>
C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)

Task: {00820D5B-FDD8-4B29-99FE-8A5A645367F3} -
System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {074B27E0-B98A-4A2A-88EC-E855A56C78C6} -
System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {07B0D032-0CC2-4EE2-99BE-D6A7E346054D} -
System32\Tasks\industriousnessindustriousness => C:\Program Files
(x86)\Hyssop\scherer.exe [2018-10-08] ()
Task: {0D0D692C-58A9-487E-86CF-E9596989F4FE} - System32\Tasks\CCleanerSkipUAC =>
C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {0FD29AC3-A27E-43E1-BE0B-114D8C22A3AA} -
System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1116E05D-152F-43CB-9A92-03D23E19CED2} -
System32\Tasks\Microsoft\Windows\Media Center\mcupdate =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {1372E9EC-4DDC-4EE9-AF99-3B2859507C78} -
System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16D68719-7811-4AD3-8EC4-7A59D9A4A228} -
System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2058BB52-166F-49BA-8C39-52810756BAFE} - System32\Tasks\nWizard_{B2FE1952-
0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
[2017-03-14] ()
Task: {20ADF1F2-A8FF-4F6F-ADDB-9432BFCDFFDD} -
System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.)
Task: {2A5D18DD-DA5A-481A-8AB6-51044D717E24} - System32\Tasks\S-1-5-21-2624762605-
3417080125-3309590312-1000\DataSenseLiveTileTask =>
C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {3DAE6CAB-2F2F-42C1-9A91-278C033ECD10} - System32\Tasks\Adobe Flash Player
Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-
08-18] (Adobe Systems Incorporated)
Task: {45476D15-BF70-497A-861A-49E1DA3B9544} - System32\Tasks\sidewinder
collectivitysidewinder collectivity => C:\Program Files
(x86)\Snooping\Diversification.exe
Task: {471F63E3-2C06-437B-B7EC-4950BAB372ED} - System32\Tasks\Online Application
V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {4800A4AA-7BC2-4513-BBE8-DEAC836C6DEF} - System32\Tasks\Microsoft\Microsoft
Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {4840A0A8-4481-4380-9A0E-B3BD0B2D7F46} -
System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup =>
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe
[2018-10-22] (Microsoft Corporation)
Task: {4A21430B-06A3-4986-AD0C-0A0CD2E88D85} - System32\Tasks\antiabortion_monrovia
=> C:\Program Files (x86)\Snooping\Cocky.exe
Task: {4DB34289-2640-4655-80C4-581CCE176030} - System32\Tasks\AdobeGCInvoker-1.0-
MicrosoftAccount-puzzlestrack@gmail.com => C:\Program Files (x86)\Common
Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems,
Incorporated)
Task: {51E82CE4-D6E3-4D69-988D-B9FA090B1DB8} -
System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {52325727-8286-4242-82D2-0569ECCF3CFD} - System32\Tasks\Avast
Software\Overseer => C:\Program Files\Common Files\avast
software\overseer\overseer.exe [2018-10-29] (AVAST Software) <==== ATTENTION
Task: {574EB072-4447-4EC9-AB17-35A29BB87403} -
System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart =>
C:\WINDOWS\ehome\ehrec.exe
Task: {615846FA-AA85-4752-8EC9-48621E7017CF} -
System32\Tasks\antiabortion_monroviaantiabortion_monrovia => C:\Program Files
(x86)\Snooping\Cocky.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} -
System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask =>
C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {75926C1A-1CDF-4C9A-AA82-F244E5CE58F1} -
System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {7F491E86-C3E2-42E5-A7F9-C1997074AE7B} - System32\Tasks\Microsoft\Microsoft
Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft
Security Client\\MpCmdRun.exe
Task: {9089D418-4517-445A-A4BB-FE04EEC8A031} -
System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {934087EB-4107-42FD-A95C-29F813CD6D98} -
System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9BED1151-ABF3-46CF-BE22-C202B48AEA55} - System32\Tasks\industriousness =>
C:\Program Files (x86)\Hyssop\scherer.exe [2018-10-08] ()
Task: {9CB3D307-747D-42B9-BB65-D95B08C523A5} -
System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {A241C4E9-F4DA-49A4-9857-73E7ED2E6C0B} -
System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification =>
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe
[2018-10-22] (Microsoft Corporation)
Task: {A2B89AD4-DD09-4E4C-B887-04F4D462E5C1} -
System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache
Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-
0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {A32CA824-9E57-4B26-A097-2E63BFDBC371} - System32\Tasks\Online Application
V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {A79F4F67-F5AC-438C-950C-D65F9BDEC3AA} -
System32\Tasks\Microsoft\Windows\Media Center\StartRecording =>
C:\WINDOWS\ehome\ehrec.exe
Task: {B7B9D6F0-1DBF-40A8-ADF6-8C8C2FD95167} -
System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry =>
C:\WINDOWS\ehome\MCUpdate.exe
Task: {C5534E03-5A18-430C-89BD-28ABD67B6944} - System32\Tasks\Online Application
V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {C7140BA1-B04B-4CC3-9CA9-C8DDA568FF25} - System32\Tasks\Online Application
V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {CD2E8EAD-7E9D-44E3-963C-CC393CC6134A} - System32\Tasks\Online Application
V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {CDFE3431-0C0E-462F-B544-C4F1A625931C} -
System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan
=> C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe
[2018-10-22] (Microsoft Corporation)
Task: {CE70FC58-2130-49C2-B47E-13FEA9BEAE8D} -
System32\Tasks\Updater_Online_Application => C:\Program Files
(x86)\Microleaves\Online Application\Online Application Updater.exe [2017-11-09]
(Microleaves) <==== ATTENTION
Task: {D38CAB9A-9B63-459A-9CCD-28184630C6F3} -
System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB093597-8055-4402-A916-DA87D3A1A61E} - System32\Tasks\Online Application
V2G5 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {DC3B082F-D257-4D81-9FBD-4E0F39EE3C91} -
System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E17138C5-8F39-4B03-A58D-63F69795DA89} -
System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5FB7FE7-001F-4117-9E47-142AFFB24F45} - System32\Tasks\Adobe Acrobat Update
Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13]
(Adobe Systems Incorporated)
Task: {EC5ECCFE-C19F-4979-9B72-466F0571FE66} -
System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ECD4797C-C4DD-4F9E-82D5-006FF3498643} - System32\Tasks\Avast Emergency
Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-10] (AVAST
Software)
Task: {ED9235A8-3066-483A-9D42-69C8F8564673} -
System32\Tasks\Microsoft\Windows\Media Center\OCURActivate =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F38EF840-176C-48E5-B4CE-560C850011E0} - System32\Tasks\sidewinder
collectivity => C:\Program Files (x86)\Snooping\Diversification.exe
Task: {F4FBA863-448B-42F1-806F-5A97A7E2AD08} -
System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {FA3B1F5C-0B36-4035-AC5B-0BCFD4C8A514} -
System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {FCD28BC3-CB2B-4029-8E46-4C2236B44E2D} -
System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {FCD57076-EFA5-4FB4-9C6F-15CD8F0DACA5} -
System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The
file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files
(x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <====
ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files
(x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <====
ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files
(x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <====
ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G4.job => C:\Program Files
(x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <====
ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G5.job => C:\Program Files
(x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <====
ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G6.job => C:\Program Files
(x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <====
ATTENTION
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files
(x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\My DELL\AppData\Roaming\Microsoft\Internet
Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files
(x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\My DELL\AppData\Roaming\Microsoft\Internet
Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files
(x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google
Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google
Inc.) -> --disable-quic

==================== Loaded Modules (Whitelisted) ==============

2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common
Files\Apple\Apple Application Support\zlib1.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common
Files\Apple\Apple Application Support\libxml2.dll
2018-10-09 14:14 - 2018-10-27 19:39 - 002695360 ____C () C:\PROGRAM
FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-08-21 18:44 - 2016-12-29 08:16 - 000134712 _____ () C:\Program Files\NVIDIA
Corporation\Display\NvSmartMax64.dll
2018-10-08 04:29 - 2018-10-08 04:29 - 000061431 _____ () C:\Program Files
(x86)\Hyssop\scherer.exe
2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ ()
C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 _____ ()
C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 002759168 _____ ()
C:\Windows\ShellComponents\TaskFlowUI.dll
2018-03-18 18:40 - 2018-03-18 18:40 - 000230064 _____ () C:\Program Files\Notepad+
+\NppShell_06.dll
2018-11-13 15:03 - 2018-11-13 15:03 - 001967256 _____ () C:\Program
Files\ZDRhNmY4ZjhlNzYzOG\NzNjNDE1OTVi.exe
2018-11-13 16:29 - 2018-11-01 01:55 - 002185216 ____C ()
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-22 17:35 - 2018-10-22 17:35 - 035118592 _____ () C:\Program
Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.
exe
2018-10-22 17:35 - 2018-10-22 17:35 - 000290816 _____ () C:\Program
Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.
dll
2018-10-22 17:35 - 2018-10-22 17:35 - 005987328 _____ () C:\Program
Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon
.dll
2017-09-26 09:40 - 2017-09-26 09:40 - 003553704 _____ () C:\Program
Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft
.UI.Xaml.dll
2018-10-22 17:35 - 2018-10-22 17:35 - 009064448 _____ () C:\Program
Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.d
ll
2018-11-13 20:32 - 2018-11-13 20:32 - 000183808 _____ () C:\Program
Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundH
ost.exe
2016-01-06 11:41 - 2015-06-24 20:23 - 000020288 _____ () C:\Program
Files\CCleaner\branding.dll
2015-04-10 16:38 - 2003-04-18 07:36 - 000008192 _____ ()
C:\Windows\SysWOW64\srvany.exe
2018-09-25 17:33 - 2018-09-25 17:33 - 000479232 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Mi
crosoft.Photos.exe
2018-09-25 17:33 - 2018-09-25 17:33 - 069128192 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Mi
crosoft.Photos.dll
2017-10-05 14:09 - 2017-10-05 14:11 - 002523136 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Un
ityEngineDelegates.dll
2018-09-25 17:33 - 2018-09-25 17:33 - 000010752 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Re
nderingPlugin.dll
2018-04-26 13:37 - 2018-04-26 13:38 - 000009216 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Im
agePipelineNative.dll
2018-08-31 19:35 - 2018-08-31 19:35 - 003699200 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Me
diaEngineCSWrapper.dll
2018-08-31 19:35 - 2018-08-31 19:35 - 000035328 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Wi
nMLWrapper.UWP.dll
2018-08-17 11:06 - 2018-08-17 11:07 - 002480640 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\op
encv_imgproc320.dll
2018-08-17 11:06 - 2018-08-17 11:07 - 002280960 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\op
encv_core320.dll
2018-04-05 17:08 - 2018-04-05 17:10 - 002283008 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Tr
ackingDLLUWP.dll
2018-09-25 17:33 - 2018-09-25 17:33 - 014171648 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Ph
otosApp.Windows.dll
2018-08-31 19:35 - 2018-08-31 19:35 - 003544576 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Me
diaEngine.dll
2018-09-25 17:33 - 2018-09-25 17:33 - 002866176 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Ap
pCore.Windows.dll
2018-08-31 19:35 - 2018-08-31 19:35 - 000973312 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Ru
ntimeConfiguration.dll
2018-07-27 10:14 - 2018-07-27 10:15 - 004584960 _____ () C:\Program
Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Mi
crosoft.UI.Xaml.dll
2018-10-06 15:31 - 2018-10-06 15:32 - 032535040 _____ () C:\Program
Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\Music.UI.
exe
2018-10-06 15:31 - 2018-10-06 15:32 - 000290816 _____ () C:\Program
Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\SharedUI.
dll
2017-12-01 10:08 - 2017-12-01 10:08 - 000902656 _____ () C:\Program
Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\Microsoft
.Membership.MeControl.UI.Xaml.dll
2017-09-26 09:40 - 2017-09-26 09:40 - 003553704 _____ () C:\Program
Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\Microsoft
.UI.Xaml.dll
2018-10-06 15:31 - 2018-10-06 15:31 - 005951488 _____ () C:\Program
Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\EntCommon
.dll
2018-11-12 17:59 - 2018-11-08 17:14 - 005020504 ____C () C:\Program Files
(x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll
2018-11-12 17:59 - 2018-11-08 17:14 - 000116056 ____C () C:\Program Files
(x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll
2018-10-10 18:33 - 2018-10-10 18:33 - 000919256 _____ () c:\program files\avast
software\avast\anen.dll
2018-10-10 18:33 - 2018-10-10 18:33 - 000598232 _____ () c:\program files\avast
software\avast\streamback.dll
2018-11-14 16:14 - 2018-11-14 16:14 - 005702288 _____ () c:\program files\avast
software\avast\defs\18111404\algo.dll
2018-10-10 18:33 - 2018-10-10 18:33 - 000496856 _____ () C:\Program Files\AVAST
Software\Avast\gui_cache.dll
2018-10-10 18:33 - 2018-10-10 18:33 - 000150744 _____ () C:\Program Files\AVAST
Software\Avast\hns_tools.dll
2018-10-10 18:33 - 2018-10-10 18:33 - 001112280 _____ () C:\Program Files\AVAST
Software\Avast\shepherdsync.dll
2018-11-14 14:53 - 2018-11-14 14:53 - 001577984 _____ () C:\WINDOWS\qmkmsrhjn.qmkms
2015-04-10 16:43 - 2013-11-13 14:23 - 001242584 _____ () C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-10-10 18:34 - 2018-10-10 18:34 - 067126928 _____ () C:\Program Files\AVAST
Software\Avast\libcef.dll
2017-10-04 15:43 - 2016-10-08 16:03 - 001506304 ____C () C:\Program Files
(x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2017-10-04 15:43 - 2016-07-21 09:54 - 000137728 ____C () C:\Program Files
(x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2018-11-06 14:02 - 2018-11-06 14:02 - 030684144 ____C () C:\Program Files
(x86)\Adobe\Acrobat DC\Acrobat\Acrobat.dll
2018-11-06 14:02 - 2018-11-06 14:02 - 000423408 ____C () C:\Program Files
(x86)\Adobe\Acrobat DC\Acrobat\sqlite.dll
2018-11-06 14:02 - 2018-11-06 14:02 - 082922992 ____C () C:\Program Files
(x86)\Adobe\Acrobat DC\Acrobat\AcroCEF\libcef.dll
2017-11-02 05:51 - 2017-11-02 05:51 - 000199864 _____ () C:\Program Files
(x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The
"AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"


HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to
default or removed.)
==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2018-11-13 11:49 - 000000858 ____C
C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2624762605-3417080125-3309590312-1000\Control Panel\Desktop\\Wallpaper
-> C:\Users\My DELL\Downloads\http___wallvie.com_wp-content_uploads_2018_05_High-
Quality-Of-Boondocks-Wallpaper-The-Mobile.jpg
DNS Servers: 8.8.8.8 - 4.2.2.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System =>
(ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers =>
ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "Dell Webcam Central"


HKU\S-1-5-21-2624762605-3417080125-3309590312-1000\...\StartupApproved\Run: =>
"OneDrive"
HKU\S-1-5-21-2624762605-3417080125-3309590312-1000\...\StartupApproved\Run: =>
"DAEMON Tools Pro Agent"
HKU\S-1-5-21-2624762605-3417080125-3309590312-1000\...\StartupApproved\Run: =>
"Real Hide IP"
HKU\S-1-5-21-2624762605-3417080125-3309590312-1000\...\StartupApproved\Run: =>
"uTorrent"
HKU\S-1-5-21-2624762605-3417080125-3309590312-1000\...\StartupApproved\Run: =>
"CyberGhost"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)

FirewallRules: [{50D09FCA-99A4-4F22-85E0-C2272C3B2913}] => (Allow) C:\Program Files
(x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{B56ECEEF-66B4-4E73-8756-E27669949A12}] => (Allow) LPort=80
FirewallRules: [{4763198C-AECB-4741-A342-2B8146B8AFEF}] => (Allow) C:\Program Files
(x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe
FirewallRules: [{95ACF2C6-5E4A-45A2-B8D8-7FD9BBE17D49}] => (Allow) C:\Program Files
(x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe
FirewallRules: [{145313D2-D8F2-4093-86D1-6803EF1B9BE0}] => (Block) C:\program files
(x86)\keepvid\keepvid pro (desktop)\downloadres\urlreqservice.exe
FirewallRules: [{436DE458-B096-4F09-9826-0AB5E1CCA76D}] => (Block) C:\program files
(x86)\keepvid\keepvid pro (desktop)\downloadres\urlreqservice.exe
FirewallRules: [UDP Query User{FEFCBB20-E21D-4F32-833F-C82A81B089AC}C:\program
files (x86)\keepvid\keepvid pro (desktop)\downloadres\urlreqservice.exe] => (Allow)
C:\program files (x86)\keepvid\keepvid pro (desktop)\downloadres\urlreqservice.exe
FirewallRules: [TCP Query User{71DCC47F-4312-4A19-B9B9-F94BAE655F61}C:\program
files (x86)\keepvid\keepvid pro (desktop)\downloadres\urlreqservice.exe] => (Allow)
C:\program files (x86)\keepvid\keepvid pro (desktop)\downloadres\urlreqservice.exe
FirewallRules: [{499CCAEF-537C-47A7-97FA-9C57CD250E7F}] => (Allow) C:\Users\My
DELL\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D49AFA76-5065-4026-A104-CBD673AC61A7}] => (Allow) C:\Users\My
DELL\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{868B38AB-A68F-4CC6-947D-
06E3E13F3856}C:\xampp\apache\bin\httpd.exe] => (Allow)
C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{B9767CAA-5057-4590-A50C-
4A842CE866A0}C:\xampp\apache\bin\httpd.exe] => (Allow)
C:\xampp\apache\bin\httpd.exe
FirewallRules: [{BCA16421-03FA-47D2-855D-991417B36A85}] => (Block)
C:\xampp\apache\bin\httpd.exe
FirewallRules: [{FA06EF24-6D9C-4C2C-93B1-735C65C7C744}] => (Block)
C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{88042604-54F9-4A35-838B-
035A7027F3E8}C:\xampp\mysql\bin\mysqld.exe] => (Allow)
C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{EA60F2BD-1AE9-4BCF-9C19-
BF1D28C94392}C:\xampp\mysql\bin\mysqld.exe] => (Allow)
C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{A84FF1D1-C384-4733-AFAE-971B60422331}] => (Block)
C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{3AEDC320-28EC-4329-8DE8-88C0A4385CC9}] => (Block)
C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{0E4F054F-0FB8-46AB-AD25-E59A9BF226F2}] => (Allow) C:\Program
Files\qBittorrent\qbittorrent.exe
FirewallRules: [{8E9BEF0F-A34F-4A43-B34A-59B75FFCEA08}] => (Allow) C:\Program
Files\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{BE5A2A4B-5F62-431B-9B61-266AEA8DE0FD}C:\program
files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] =>
(Allow) C:\program
files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [UDP Query User{78863652-8971-4248-9C0B-8970A9094EFD}C:\program
files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] =>
(Allow) C:\program
files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{84554234-775B-4DEA-8943-1999CBF35655}] => (Allow) C:\Program Files
(x86)\Inguinal\Cocky.exe
FirewallRules: [{D76CE313-A755-4CB1-B83D-5A0EF5A333C1}] => (Allow) C:\Program Files
(x86)\Snooping\Cocky.exe
FirewallRules: [{D43FC784-7B0C-4048-BD49-8F73AA9A38D1}] => (Allow) C:\Program Files
(x86)\misapprehension\Diversification.exe
FirewallRules: [{84CFB3EE-270F-4D83-A5B6-6432B72CF013}] => (Allow) C:\Program Files
(x86)\Snooping\Diversification.exe
FirewallRules: [{8C220819-A9C3-4F08-8F99-82A5014D7112}] => (Allow) C:\Program
Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [{879DDBCB-A7DC-409F-A663-80BA58D4B993}] => (Allow) C:\Program
Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{ABC6A99B-B1E6-450D-8249-20BC1D035A61}] => (Allow) C:\Program
Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{945A17D0-8A10-4A24-A3B7-4D3A27F8D9B6}C:\program
files\qbittorrent\qbittorrent.exe] => (Allow) C:\program
files\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{12CED1F8-2EFE-4AF2-88C6-471DFD2F0F3A}C:\program
files\qbittorrent\qbittorrent.exe] => (Allow) C:\program
files\qbittorrent\qbittorrent.exe
FirewallRules: [{E22AC7A6-2BCC-4809-90CB-05B33B984CF7}] => (Allow) C:\Program Files
(x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

09-11-2018 00:28:37 Windows Modules Installer


10-11-2018 02:29:51 Windows Modules Installer
11-11-2018 12:28:57 Windows Modules Installer
12-11-2018 18:58:17 Windows Modules Installer
14-11-2018 16:07:00 Installed Adobe Acrobat DC.

==================== Faulty Device Manager Devices =============

Name: Intel(R) 82579LM Gigabit Network Connection #2


Description: Intel(R) 82579LM Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1cexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This
starts the Enable Device wizard. Follow the instructions.

Name: AudioBox USB


Description: AudioBox USB
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which
starts the Hardware Update wizard.

Name: USB Mass Storage Device


Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : Windows cannot use this hardware device because it has been prepared for
safe removal, but it has not been removed from the computer. (Code 47)
Resolution: Unplug the device, and then plug it in again. Alternately, restart the
computer to make the device available.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2018 08:38:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 14.11.2018.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Security and Maintenance control panel.

Process ID: 12a8

Start Time: 01d47c8391643379


Termination Time: 4294967295

Application Path: C:\Users\My DELL\Downloads\FRST64.exe

Report Id: 64c7c258-f19b-4c12-a0ab-5ed40576a4a9

Faulting package full name:

Faulting package-relative application ID:

Error: (11/14/2018 07:31:33 PM) (Source: Application Error) (EventID: 1000)
(User: )
Description: Faulting application name: ShellExperienceHost.exe, version:
10.0.17134.1, time stamp: 0x5ace103a
Faulting module name: StartTileData.dll, version: 10.0.17134.376, time stamp:
0xeeb93c7e
Exception code: 0xc0000005
Fault offset: 0x000000000035a9aa
Faulting process id: 0x1e0c
Faulting application start time: 0x01d47c6c53d7b449
Faulting application path:
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\StartTileData.dll
Report Id: 0ba5af0e-00f9-441e-820a-1d8117bcaab4
Faulting package full name:
Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App

Error: (11/14/2018 05:58:03 PM) (Source: ESENT) (EventID: 455) (User: )


Description: taskhostw (900,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) occurred
while opening logfile C:\Users\My
DELL\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (11/14/2018 05:58:03 PM) (Source: ESENT) (EventID: 490) (User: )


Description: taskhostw (900,R,98) WebCacheLocal: An attempt to open the file
"C:\Users\My DELL\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read /
write access failed with system error 32 (0x00000020): "The process cannot access
the file because it is being used by another process. ". The open file operation
will fail with error -1032 (0xfffffbf8).

Error: (11/14/2018 05:48:21 PM) (Source: COM) (EventID: 10031) (User: )


Description: An unmarshaling policy check was performed when unmarshaling a custom
marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected

Error: (11/14/2018 05:48:21 PM) (Source: COM) (EventID: 10031) (User: )


Description: An unmarshaling policy check was performed when unmarshaling a custom
marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected

Error: (11/14/2018 05:05:26 PM) (Source: COM) (EventID: 10031) (User: )


Description: An unmarshaling policy check was performed when unmarshaling a custom
marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected

Error: (11/14/2018 05:05:26 PM) (Source: COM) (EventID: 10031) (User: )


Description: An unmarshaling policy check was performed when unmarshaling a custom
marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected

System errors:
=============
Error: (11/14/2018 08:40:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.

Error: (11/14/2018 08:38:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.

Error: (11/14/2018 08:36:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.

Error: (11/14/2018 08:34:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} did not register
with DCOM within the required timeout.

Error: (11/14/2018 08:32:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.

Error: (11/14/2018 08:30:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.

Error: (11/14/2018 08:28:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.

Error: (11/14/2018 08:28:23 PM) (Source: DCOM) (EventID: 10016) (User: MYDELL-PC)
Description: The application-specific permission settings do not grant Local
Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user MyDELL-PC\My DELL SID (S-1-5-21-2624762605-3417080125-3309590312-1000)
from address LocalHost (Using LRPC) running in the application container
Unavailable SID (Unavailable). This security permission can be modified using the
Component Services administrative tool.

Windows Defender:
===================================
Date: 2018-11-14 16:51:14.338
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted
software.
For more information please see the following:
https://go.microsoft.com/fwlink/?
linkid=37020&name=HackTool:Win32/Patcher&threatid=2147659947&enterprise=0
Name: HackTool:Win32/Patcher
ID: 2147659947
Severity: High
Category: Tool
Path: file:_C:\Users\My DELL\AppData\Local\Temp\7zE4423215B\amtemu.v0.9.2-
painter.exe; file:_C:\Users\MYDELL~1\AppData\Local\Temp\7zE4423215B\amtemu.v0.9.2-
painter.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.281.90.0, AS: 1.281.90.0, NIS: 1.281.90.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-11-14 16:50:56.101


Description:
Windows Defender Antivirus has detected malware or other potentially unwanted
software.
For more information please see the following:
https://go.microsoft.com/fwlink/?
linkid=37020&name=HackTool:Win32/Patcher&threatid=2147659947&enterprise=0
Name: HackTool:Win32/Patcher
ID: 2147659947
Severity: High
Category: Tool
Path: file:_C:\Users\My DELL\AppData\Local\Temp\7zE4423215B\amtemu.v0.9.2-
painter.exe; file:_C:\Users\MYDELL~1\AppData\Local\Temp\7zE4423215B\amtemu.v0.9.2-
painter.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.281.90.0, AS: 1.281.90.0, NIS: 1.281.90.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-11-14 16:50:51.401


Description:
Windows Defender Antivirus has detected malware or other potentially unwanted
software.
For more information please see the following:
https://go.microsoft.com/fwlink/?
linkid=37020&name=HackTool:Win32/Patcher&threatid=2147659947&enterprise=0
Name: HackTool:Win32/Patcher
ID: 2147659947
Severity: High
Category: Tool
Path: file:_C:\Users\MYDELL~1\AppData\Local\Temp\7zE4423215B\amtemu.v0.9.2-
painter.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\7-Zip\7zFM.exe
Signature Version: AV: 1.281.90.0, AS: 1.281.90.0, NIS: 1.281.90.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-11-14 16:50:39.547


Description:
Windows Defender Antivirus has detected malware or other potentially unwanted
software.
For more information please see the following:
https://go.microsoft.com/fwlink/?
linkid=37020&name=HackTool:Win32/Patcher&threatid=2147659947&enterprise=0
Name: HackTool:Win32/Patcher
ID: 2147659947
Severity: High
Category: Tool
Path: file:_C:\Users\My DELL\AppData\Local\Temp\7zO44286C0B\amtemu.v0.9.2-
painter.exe; file:_C:\Users\MYDELL~1\AppData\Local\Temp\7zO44286C0B\amtemu.v0.9.2-
painter.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\7-Zip\7zFM.exe
Signature Version: AV: 1.281.90.0, AS: 1.281.90.0, NIS: 1.281.90.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-11-14 16:50:34.714


Description:
Windows Defender Antivirus has detected malware or other potentially unwanted
software.
For more information please see the following:
https://go.microsoft.com/fwlink/?
linkid=37020&name=HackTool:Win32/Patcher&threatid=2147659947&enterprise=0
Name: HackTool:Win32/Patcher
ID: 2147659947
Severity: High
Category: Tool
Path: file:_C:\Users\MYDELL~1\AppData\Local\Temp\7zO44286C0B\amtemu.v0.9.2-
painter.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\7-Zip\7zFM.exe
Signature Version: AV: 1.281.90.0, AS: 1.281.90.0, NIS: 1.281.90.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-11-12 00:16:23.060


Description:
Windows Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000006
Resource: file:C:\Windows\WinSxS\amd64_microsoft-windows-
servicingstack_31bf3856ad364e35_10.0.17134.281_none_eada712a1d8142be\TiWorker.exe

Date: 2018-11-01 23:17:19.396


Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error
and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This
may be due to low resource conditions.

Date: 2018-10-24 21:36:08.528


Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.279.441.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15400.4
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2018-10-24 21:36:08.528
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.279.441.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15400.4
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2018-10-22 14:43:35.800


Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.279.236.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15400.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For
information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2018-11-12 00:16:53.814


Description:
Code Integrity is unable to verify the image integrity of the file
\Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-
page image hashes could not be found on the system.

Date: 2018-11-12 00:16:53.805


Description:
Code Integrity is unable to verify the image integrity of the file
\Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-
page image hashes could not be found on the system.

Date: 2018-11-12 00:16:53.712


Description:
Code Integrity is unable to verify the image integrity of the file
\Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-
page image hashes could not be found on the system.

Date: 2018-11-12 00:16:53.703


Description:
Code Integrity is unable to verify the image integrity of the file
\Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-
page image hashes could not be found on the system.

Date: 2018-11-12 00:16:53.675


Description:
Code Integrity is unable to verify the image integrity of the file
\Device\HarddiskVolume2\Windows\System32\dsreg.dll because the set of per-page
image hashes could not be found on the system.
Date: 2018-11-12 00:16:53.667
Description:
Code Integrity is unable to verify the image integrity of the file
\Device\HarddiskVolume2\Windows\System32\dsreg.dll because the set of per-page
image hashes could not be found on the system.

Date: 2018-11-12 00:16:49.480


Description:
Code Integrity is unable to verify the image integrity of the file
\Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page
image hashes could not be found on the system.

Date: 2018-11-12 00:16:49.163


Description:
Code Integrity is unable to verify the image integrity of the file
\Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page
image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3360M CPU @ 2.80GHz


Percentage of memory in use: 49%
Total physical RAM: 8065.5 MB
Available physical RAM: 4053.1 MB
Total Virtual: 16257.5 MB
Available Virtual: 10730.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.2 GB) (Free:10.05 GB) NTFS


Drive f: (Puzzles) (Fixed) (Total:931.51 GB) (Free:13.58 GB) NTFS

\\?\Volume{87e47ab9-dfac-11e4-b5bf-806e6f6e6963}\ (System Reserved) (Fixed)
(Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{a2aaa8f9-0000-0000-0000-705374000000}\ () (Fixed) (Total:0.46 GB)
(Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: A2AAA8F9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=468 MB) - (Type=27)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 05E18849)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
