2018
Ran by My DELL (14-11-2018 20:40:13)
Running from C:\Users\My DELL\Downloads
Windows 10 Pro Version 1803 17134.407 (X64) (2018-05-22 18:31:44)
Boot Mode: Normal
==========================================================
(Only the adware programs with "Hidden" flag could be added to the fixlist to
unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2624762605-3417080125-3309590312-1000\...\uTorrent)
(Version: 3.5.4.44520 - BitTorrent Inc.)
3uTools (HKLM-x32\...\3uTools) (Version: 2.0 - ShangHai ZhangZheng Network
Technology Co., Ltd.)
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version:
18.011.20038 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100})
(Version: 19.008.20081 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05
- Creative Technology Ltd)
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-
EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Akai Professional - Internal MIDI (HKLM-x32\...\Internal MIDI) (Version: 1.1 - Akai
Pro)
Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-
32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-
12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B})
(Version: 11.0.2.4 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-
D38F370118B3}_is1) (Version: 7.0.11.0 - Auslogics Labs Pty Ltd)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
AVS Video Editor 8.0.3 (HKLM-x32\...\AVS Video Editor_is1) (Version: 8.0.3.303 -
Online Media Technologies Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
ClipGrab 3.6.6 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:
- Philipp Schmieder Medien)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec
Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
CrX 4 (HKU\S-1-5-21-2624762605-3417080125-3309590312-1000\...\CrX 4) (Version: - )
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0637 - Disc Soft
Ltd)
Debian-Installer loader (HKLM-x32\...\Debian-Installer Loader) (Version: 0.8.4
+kernels - The Debian Project)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dell Custom Help (HKLM\...\{BE1CF6CA-3182-45D8-9535-A18055B73607}) (Version:
16.01.1000.0235 - Intel Corporation) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:
10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative
Technology Ltd)
Duplicate Sweeper (HKLM-x32\...\{02C94243-9CE7-42CA-9F77-E8AE00BB1DF5}) (Version:
1.87 - Wide Angle Software)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.215 - Dell
Inc.)
Electra2 full (HKLM\...\Tone2 Electra2 full_is1) (Version: 2.1.0 - Tone2)
ElectraX full (HKLM\...\Tone2 ElectraX full_is1) (Version: - Tone2)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-
F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-
009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA})
(Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2})
(Version: 1.3.24.7 - Google Inc.) Hidden
Hybrid Content (HKLM-x32\...\{9E822C67-B1C4-4E85-870C-23ADE106BB4F}) (Version:
3.0.0.18468 - AIR Music Tech GmbH)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version:
1.0.6491.0 - IDT)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-
C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA})
(Version: 10.18.10.4425 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-
4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b6b417a3-1f40-4618-aadd-
49628bda7836}) (Version: 16.1.1 - Intel Corporation)
iSpring Free Cam 8 (HKLM-x32\...\{9E6D2789-25C1-4884-ACAA-32F187F96410}) (Version:
8.3.15297 - iSpring Solutions Inc.)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version:
8.0.1510.12 - Oracle Corporation)
Luxonix Purity VSTi v1.1.2 (HKLM-x32\...\Luxonix Purity VSTi_is1) (Version: - )
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-
0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2624762605-3417080125-3309590312-
1000\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version:
5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-
51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-
3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-
6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-
38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-
F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\
{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft
Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-
B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\
{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft
Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\
{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft
Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\
{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft
Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\
{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft
Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\
{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft
Corporation)
MPC 1.1.0 (HKLM-x32\...\MPC_is1) (Version: 1.1.0 - Akai Professional)
MPC 1.9.6 (HKLM\...\com.akaipro.mpc.standard_is1) (Version: 1.9.6 - Akai
Professional)
MPC Factory Content 1.1.0 (HKLM-x32\...\MPC Factory Content_is1) (Version: 1.1.0 -
Akai Professional)
MPC Studio driver (HKLM\...\USB_AUDIO_DEusb-audio.deAkaiACV1) (Version: - )
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:
5.6.6.16 - Native Instruments)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA 3D Vision Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-
A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA nView 148.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView)
(Version: 148.03 - NVIDIA Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\{D535FC73-1F63-4347-896A-
C97A45F11E9C}) (Version: 3.0.07.44 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{D535FC73-
1F63-4347-896A-C97A45F11E9C}) (Version: 3.0.07.44 - O2Micro International LTD.)
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version:
2.7.0 - Microleaves) Hidden <==== ATTENTION
Open RegEdit (HKLM-x32\...\Open RegEdit2.0) (Version: 2.0 - Easy Desk Software)
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version:
4.13.9783 - Apache Software Foundation)
Oracle VM VirtualBox 5.2.8 (HKLM\...\{A7F49FA5-9FCA-4936-8652-CD00206D9300})
(Version: 5.2.8 - Oracle Corporation)
Proteus VX (HKLM-x32\...\Proteus VX) (Version: - )
qBittorrent 4.1.3 (HKLM-x32\...\qBittorrent) (Version: 4.1.3 - The qBittorrent
project)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-
49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-
x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 -
Renesas Electronics Corporation)
Reveal Sound Spire (HKLM-x32\...\Reveal Sound Spire) (Version: 1.1.9 - Reveal
Sound)
Sandboxie 5.26 (64-bit) (HKLM\...\Sandboxie) (Version: 5.26 - Sandboxie Holdings,
LLC)
SearchAwesome (HKLM-x32\...\ZDRhNmY4ZjhlNzYzOG) (Version: 13.14.1.308 (i1.0) -
SearchAwesome) <==== ATTENTION
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-
9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0046 - ST Microelectronics)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Uninstall Tool Setup 3.5.6.0 (HKLM-x32\...\Uninstall Tool Setup 3.5.6.0) (Version:
3.5.6.0 - CrystalIDEA Software)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 -
LunarG, Inc.)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1)
(Version: 3.49.2 - HTTrack)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.7-0 - Bitnami)
Zero Install (current user) (HKU\S-1-5-21-2624762605-3417080125-3309590312-
1000\...\Zero Install_is1) (Version: 2.14.6 - 0install.de)
ZMatrix 1.5.2 (HKLM-x32\...\ZMatrix_is1) (Version: 1.5.2 - Happy Dude)
(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2624762605-3417080125-3309590312-1000_Classes\CLSID\
{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 ->
C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [# MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-
BA2E9197FF8C} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [# MEGA (Synced)] -> {05B38830-F4E9-4329-978B-
1DD28605D202} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [# MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-
873BE6890637} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>
C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-10] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [# MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-
BA2E9197FF8C} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [# MEGA (Synced)] -> {05B38830-F4E9-4329-978B-
1DD28605D202} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [# MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-
873BE6890637} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>
C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-
18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat
Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>
C:\Program Files\Notepad++\NppShell_06.dll [2018-03-18] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>
C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-10] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-
0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-09-22]
(Piriform Ltd)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7}
=> C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-
0228EC7D5F17} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-
1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (Disc
Soft Ltd)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7}
=> C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-
0228EC7D5F17} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>
C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-10] (AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-
12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (Disc
Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>
C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-
0228EC7D5F17} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>
C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-
0228EC7D5F17} => C:\Users\My DELL\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No
File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>
C:\WINDOWS\system32\igfxDTCM.dll [2016-06-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-
BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>
C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-
18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat
Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>
C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-10] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-
0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-09-22]
(Piriform Ltd)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7}
=> C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>
C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)
Task: {00820D5B-FDD8-4B29-99FE-8A5A645367F3} -
System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {074B27E0-B98A-4A2A-88EC-E855A56C78C6} -
System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {07B0D032-0CC2-4EE2-99BE-D6A7E346054D} -
System32\Tasks\industriousnessindustriousness => C:\Program Files
(x86)\Hyssop\scherer.exe [2018-10-08] ()
Task: {0D0D692C-58A9-487E-86CF-E9596989F4FE} - System32\Tasks\CCleanerSkipUAC =>
C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {0FD29AC3-A27E-43E1-BE0B-114D8C22A3AA} -
System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1116E05D-152F-43CB-9A92-03D23E19CED2} -
System32\Tasks\Microsoft\Windows\Media Center\mcupdate =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {1372E9EC-4DDC-4EE9-AF99-3B2859507C78} -
System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16D68719-7811-4AD3-8EC4-7A59D9A4A228} -
System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2058BB52-166F-49BA-8C39-52810756BAFE} - System32\Tasks\nWizard_{B2FE1952-
0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
[2017-03-14] ()
Task: {20ADF1F2-A8FF-4F6F-ADDB-9432BFCDFFDD} -
System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.)
Task: {2A5D18DD-DA5A-481A-8AB6-51044D717E24} - System32\Tasks\S-1-5-21-2624762605-
3417080125-3309590312-1000\DataSenseLiveTileTask =>
C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {3DAE6CAB-2F2F-42C1-9A91-278C033ECD10} - System32\Tasks\Adobe Flash Player
Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-
08-18] (Adobe Systems Incorporated)
Task: {45476D15-BF70-497A-861A-49E1DA3B9544} - System32\Tasks\sidewinder
collectivitysidewinder collectivity => C:\Program Files
(x86)\Snooping\Diversification.exe
Task: {471F63E3-2C06-437B-B7EC-4950BAB372ED} - System32\Tasks\Online Application
V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {4800A4AA-7BC2-4513-BBE8-DEAC836C6DEF} - System32\Tasks\Microsoft\Microsoft
Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {4840A0A8-4481-4380-9A0E-B3BD0B2D7F46} -
System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup =>
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe
[2018-10-22] (Microsoft Corporation)
Task: {4A21430B-06A3-4986-AD0C-0A0CD2E88D85} - System32\Tasks\antiabortion_monrovia
=> C:\Program Files (x86)\Snooping\Cocky.exe
Task: {4DB34289-2640-4655-80C4-581CCE176030} - System32\Tasks\AdobeGCInvoker-1.0-
MicrosoftAccount-puzzlestrack@gmail.com => C:\Program Files (x86)\Common
Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems,
Incorporated)
Task: {51E82CE4-D6E3-4D69-988D-B9FA090B1DB8} -
System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {52325727-8286-4242-82D2-0569ECCF3CFD} - System32\Tasks\Avast
Software\Overseer => C:\Program Files\Common Files\avast
software\overseer\overseer.exe [2018-10-29] (AVAST Software) <==== ATTENTION
Task: {574EB072-4447-4EC9-AB17-35A29BB87403} -
System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart =>
C:\WINDOWS\ehome\ehrec.exe
Task: {615846FA-AA85-4752-8EC9-48621E7017CF} -
System32\Tasks\antiabortion_monroviaantiabortion_monrovia => C:\Program Files
(x86)\Snooping\Cocky.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} -
System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask =>
C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {75926C1A-1CDF-4C9A-AA82-F244E5CE58F1} -
System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {7F491E86-C3E2-42E5-A7F9-C1997074AE7B} - System32\Tasks\Microsoft\Microsoft
Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft
Security Client\\MpCmdRun.exe
Task: {9089D418-4517-445A-A4BB-FE04EEC8A031} -
System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {934087EB-4107-42FD-A95C-29F813CD6D98} -
System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9BED1151-ABF3-46CF-BE22-C202B48AEA55} - System32\Tasks\industriousness =>
C:\Program Files (x86)\Hyssop\scherer.exe [2018-10-08] ()
Task: {9CB3D307-747D-42B9-BB65-D95B08C523A5} -
System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {A241C4E9-F4DA-49A4-9857-73E7ED2E6C0B} -
System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification =>
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe
[2018-10-22] (Microsoft Corporation)
Task: {A2B89AD4-DD09-4E4C-B887-04F4D462E5C1} -
System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache
Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-
0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {A32CA824-9E57-4B26-A097-2E63BFDBC371} - System32\Tasks\Online Application
V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {A79F4F67-F5AC-438C-950C-D65F9BDEC3AA} -
System32\Tasks\Microsoft\Windows\Media Center\StartRecording =>
C:\WINDOWS\ehome\ehrec.exe
Task: {B7B9D6F0-1DBF-40A8-ADF6-8C8C2FD95167} -
System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry =>
C:\WINDOWS\ehome\MCUpdate.exe
Task: {C5534E03-5A18-430C-89BD-28ABD67B6944} - System32\Tasks\Online Application
V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {C7140BA1-B04B-4CC3-9CA9-C8DDA568FF25} - System32\Tasks\Online Application
V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {CD2E8EAD-7E9D-44E3-963C-CC393CC6134A} - System32\Tasks\Online Application
V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {CDFE3431-0C0E-462F-B544-C4F1A625931C} -
System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan
=> C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe
[2018-10-22] (Microsoft Corporation)
Task: {CE70FC58-2130-49C2-B47E-13FEA9BEAE8D} -
System32\Tasks\Updater_Online_Application => C:\Program Files
(x86)\Microleaves\Online Application\Online Application Updater.exe [2017-11-09]
(Microleaves) <==== ATTENTION
Task: {D38CAB9A-9B63-459A-9CCD-28184630C6F3} -
System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB093597-8055-4402-A916-DA87D3A1A61E} - System32\Tasks\Online Application
V2G5 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-
Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {DC3B082F-D257-4D81-9FBD-4E0F39EE3C91} -
System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E17138C5-8F39-4B03-A58D-63F69795DA89} -
System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5FB7FE7-001F-4117-9E47-142AFFB24F45} - System32\Tasks\Adobe Acrobat Update
Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13]
(Adobe Systems Incorporated)
Task: {EC5ECCFE-C19F-4979-9B72-466F0571FE66} -
System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ECD4797C-C4DD-4F9E-82D5-006FF3498643} - System32\Tasks\Avast Emergency
Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-10] (AVAST
Software)
Task: {ED9235A8-3066-483A-9D42-69C8F8564673} -
System32\Tasks\Microsoft\Windows\Media Center\OCURActivate =>
C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F38EF840-176C-48E5-B4CE-560C850011E0} - System32\Tasks\sidewinder
collectivity => C:\Program Files (x86)\Snooping\Diversification.exe
Task: {F4FBA863-448B-42F1-806F-5A97A7E2AD08} -
System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {FA3B1F5C-0B36-4035-AC5B-0BCFD4C8A514} -
System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {FCD28BC3-CB2B-4029-8E46-4C2236B44E2D} -
System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask =>
C:\WINDOWS\ehome\mcupdate.exe
Task: {FCD57076-EFA5-4FB4-9C6F-15CD8F0DACA5} -
System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The
file which is running by the task will not be moved.)
(If an entry is included in the fixlist, only the ADS will be removed.)
(If an entry is included in the fixlist, it will be removed from the registry. The
"AlternateShell" will be restored.)
(If an entry is included in the fixlist, the registry item will be restored to
default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
HKU\S-1-5-21-2624762605-3417080125-3309590312-1000\Control Panel\Desktop\\Wallpaper
-> C:\Users\My DELL\Downloads\http___wallvie.com_wp-content_uploads_2018_05_High-
Quality-Of-Boondocks-Wallpaper-The-Mobile.jpg
DNS Servers: 8.8.8.8 - 4.2.2.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System =>
(ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers =>
ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)
Application errors:
==================
Error: (11/14/2018 08:38:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 14.11.2018.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Security and Maintenance control panel.
System errors:
=============
Error: (11/14/2018 08:40:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.
Error: (11/14/2018 08:38:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.
Error: (11/14/2018 08:36:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.
Error: (11/14/2018 08:34:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} did not register
with DCOM within the required timeout.
Error: (11/14/2018 08:32:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.
Error: (11/14/2018 08:30:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.
Error: (11/14/2018 08:28:25 PM) (Source: DCOM) (EventID: 10010) (User: MYDELL-PC)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register
with DCOM within the required timeout.
Error: (11/14/2018 08:28:23 PM) (Source: DCOM) (EventID: 10016) (User: MYDELL-PC)
Description: The application-specific permission settings do not grant Local
Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user MyDELL-PC\My DELL SID (S-1-5-21-2624762605-3417080125-3309590312-1000)
from address LocalHost (Using LRPC) running in the application container
Unavailable SID (Unavailable). This security permission can be modified using the
Component Services administrative tool.
Windows Defender:
===================================
Date: 2018-11-14 16:51:14.338
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted
software.
For more information please see the following:
https://go.microsoft.com/fwlink/?
linkid=37020&name=HackTool:Win32/Patcher&threatid=2147659947&enterprise=0
Name: HackTool:Win32/Patcher
ID: 2147659947
Severity: High
Category: Tool
Path: file:_C:\Users\My DELL\AppData\Local\Temp\7zE4423215B\amtemu.v0.9.2-
painter.exe; file:_C:\Users\MYDELL~1\AppData\Local\Temp\7zE4423215B\amtemu.v0.9.2-
painter.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.281.90.0, AS: 1.281.90.0, NIS: 1.281.90.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5
CodeIntegrity:
===================================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: A2AAA8F9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=468 MB) - (Type=27)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 05E18849)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)