Mostafa_ahmed

Members

View Profile See their activity

Posts
11
Joined
December 1, 2019
Last visited
January 29, 2020

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by Mostafa_ahmed

Remove kms virus

Mostafa_ahmed replied to Mostafa_ahmed's topic in Resolved Malware Removal Logs

Thank you very much ❤️
- December 7, 2019
- 18 replies
Remove kms virus

Mostafa_ahmed replied to Mostafa_ahmed's topic in Resolved Malware Removal Logs

thank youuuu!!!! the problem was solved as my windows update service was disabled thank you once again ❤️
- December 6, 2019
- 18 replies
Remove kms virus

Mostafa_ahmed replied to Mostafa_ahmed's topic in Resolved Malware Removal Logs

Windows has no problem now But it's not updating
- December 4, 2019
- 18 replies
Remove kms virus

Mostafa_ahmed replied to Mostafa_ahmed's topic in Resolved Malware Removal Logs

So now i removed kms?
- December 4, 2019
- 18 replies
Remove kms virus

Mostafa_ahmed replied to Mostafa_ahmed's topic in Resolved Malware Removal Logs

Thank you, so now i enter my windows pro key And excuse me what is the problem with google chrome sync
- December 4, 2019
- 18 replies
Remove kms virus

Mostafa_ahmed replied to Mostafa_ahmed's topic in Resolved Malware Removal Logs

this is another log ran it right now also new addition is attached Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-12-2019 Ran by HP (administrator) on MOSTAFA-NADA (LENOVO 80YL) (03-12-2019 18:31:30) Running from C:\Users\HP\Desktop Loaded Profiles: HP (Available Profiles: defaultuser0 & HP) Platform: Windows 10 Enterprise Version 1607 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\arcai.com\netcut_windows.exe (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Arcai.com) [File not signed] C:\Program Files (x86)\arcai.com\aips.exe (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (Filipe Lourenço) [File not signed] F:\programs\BatteryCarePortable\BatteryCare.exe (Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\HP\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Windows Hardware Compatibility PublisAddition.txther -> ) C:\Windows\System32\fpCSEvtSvc.exe (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) C:\Program Files\txgameassistant\AppMarket\QMEmulatorService.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180736 2019-11-05] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2017-10-12] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [318920 2019-03-07] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [139624 2019-11-14] (IDSA Production signing key -> Intel) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3115792 2019-10-15] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7117464 2018-05-02] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\Run: [BatteryCare] => F:\programs\BatteryCarePortable\BatteryCare.exe [821760 2019-11-10] (Filipe Lourenço) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-22] (Google LLC -> Google LLC) GroupPolicy: Restriction ? <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {035E45A6-6078-45E6-8A57-9F63EE976437} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {0BA58EBC-FC75-4B9D-88CD-A37551545A25} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {0D23BADC-20D7-4E4A-8033-D141531C054A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\afe2e010-804f-4ebb-a27b-368a2a5d043b => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.) Task: {131C166C-01AD-4D0B-843C-625E5352BB64} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2503008315-2274245127-1317639094-1003 => C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61} Task: {17C62FB3-5E2F-4482-A179-9339638A0BF0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61} Task: {2E40F828-39B6-4B50-A84A-2779FBBB7982} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {35888797-850F-4D8A-B76E-E68ECBDEB900} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {3683F125-080C-4BD2-96FD-22B59171D288} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {36DFDCDA-D056-466F-8AAF-1FD0C8BDCF9A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4AB36953-D46C-483B-94BE-873DC9318CCB} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {4C191BF6-F9F7-4AAA-9722-C338976F7229} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {4C5BC642-EAB0-4BE1-8F7C-095C4124676F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation) Task: {51A7EC66-E52B-46F0-8CB2-D5E0005A1ACD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {51A94E46-BEB3-4C13-80CA-BB019F5DB953} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService Task: {53B28AEE-937F-4020-826A-6B5974C73DAB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {59B87804-A7FF-43AC-AB90-EFA8453BA2DE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems) Task: {5DB065DF-74BC-4166-85A4-288C33D9097B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {60AD0DC7-FA6F-4C50-B094-4C1A986FC60F} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-mostafa.terios@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {6331461E-B08D-44F4-8D5C-4C7748055EAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-16] (Google Inc -> Google Inc.) Task: {64FFAA65-C452-4F43-A3FC-1C1FC314C8DE} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6787EA6F-6BDD-49E9-AA25-765445BBF6F4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {69ECD425-3D29-4EEB-95F5-26224E96596F} - System32\Tasks\{50503296-8FE5-4562-85CA-16BC549305CE} => C:\Windows\system32\pcalua.exe -a "F:\Games\FIFA 18\FIFASetup\fifaconfig.exe" -d "F:\Games\FIFA 18\FIFASetup\" Task: {820A983A-3308-4E21-BADF-22923EE3E77D} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {8707DB6A-D7A5-471C-AEA9-CF36A735DDA3} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe Task: {8D85B517-1E95-4F2E-887E-2A4B7AEFEFAE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-27] (Adobe Inc. -> Adobe) Task: {8DDCA0E2-06C2-4681-99AC-4F7EF13F3D68} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\99a328ae-a004-4dd6-9514-595365914c07 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.) Task: {8E4EBFF5-17BA-4F74-9CCE-4135378259D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-27] (Adobe Inc. -> Adobe) Task: {93BCA715-4DF2-4C17-9600-BB648A67FB88} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation) Task: {9B8FDE69-B178-4E2A-AAF4-157473CB3230} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d56bcdad-26c7-4a46-ba94-43421c880acc => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.) Task: {A8512343-9FD5-4041-9CD2-1B261F8D4221} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {AD364C51-54CB-42E5-8C16-39C01F06909C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AFDE2CA8-892C-4098-8260-FF6784C11100} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2503008315-2274245127-1317639094-1001 => C:\Users\HP\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [116008 2019-09-12] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {B23E7C40-D6CE-4C95-9B26-F1C1B3D8BD75} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-08-01] (Lenovo -> ) Task: {BF441DE1-03CE-4C69-855A-719CC851CB13} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C9A2A21C-F5FC-456A-A949-011D81CA7843} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D2D0CDED-B00A-468F-8034-A61B4BCD74A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-16] (Google Inc -> Google Inc.) Task: {D5CBD4E0-435A-4CBA-A97A-F3F67B9DEE69} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-08-01] (Lenovo -> ) Task: {E2FF421C-6972-4294-BBF8-75E9CB74D3DD} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E3F00B5F-5E29-44F1-AAB5-959A4DB7DA1C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {E4896DC4-27BE-46BF-99BB-14F2173F3FB8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EEA11AE2-2E36-401A-85A1-FBB532C73088} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation) Task: {F1CF30D4-E419-45D1-9FD3-C9FF7D5B7E6E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [54144 2019-09-23] (Lenovo -> Lenovo Group Ltd.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{3b4a9f47-0b93-42b6-bbbd-1ba74c6c69e0}: [DhcpNameServer] 192.168.43.1 Internet Explorer: ================== HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-eg/?ocid=iehp BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-10-18] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-10-18] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) Edge: ====== DownloadDir: C:\Users\HP\Downloads FireFox: ======== FF DefaultProfile: n9xx1eyh.default FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\n9xx1eyh.default [2019-12-02] FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\g5sr2vxj.default-release [2019-12-02] FF HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2019-09-19] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json] FF HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5 [2017-11-02] [Legacy] [not signed] FF HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-27] (Adobe Inc. -> ) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-27] (Adobe Inc. -> ) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-16] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR StartupUrls: Default -> "hxxp://ar.hao123.com/?tn=epom_pay_hp_02_hao123_ar" CHR NewTab: Default -> Active:"chrome-extension://akgkjeeanidoelhjgmoimmnolgfmdkpp/start/index.html" CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2019-12-03] CHR DownloadDir: F:\Intranet CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghbiahbpaijignceidepookljebhfak [2019-09-27] CHR Extension: (Superman Wallpapers HD 'Man of Steel' New Tab) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\akgkjeeanidoelhjgmoimmnolgfmdkpp [2019-09-13] CHR Extension: (Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-02] CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-02] CHR Extension: (AdGuard AdBlocker) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2019-11-21] CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-02] CHR Extension: (Tanki Online) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo [2017-11-02] CHR Extension: (Adobe Acrobat) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-01] CHR Extension: (Full Page Screen Capture) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2019-11-27] CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (KIXEYE Flash Game Enabler) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\hffmfihlnmlgjniohpolledajiiiegfl [2019-11-06] CHR Extension: (Grammarly for Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-11-29] CHR Extension: (IDM Integration Module) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-08-26] CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15] CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-10-25] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-10-25] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) R2 AIPS; C:\Program Files (x86)\arcai.com\aips.exe [2677760 2018-05-11] (Arcai.com) [File not signed] R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [37736 2019-11-14] (IDSA Production signing key -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [142696 2019-11-14] (IDSA Production signing key -> Intel) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2243136 2019-11-05] (ESET, spol. s r.o. -> ESET) S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel(R) Software Development Products -> ) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144600 2017-10-22] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) R2 fpCsEvtSvc; C:\Windows\system32\fpCSEvtSvc.exe [13824 2015-04-28] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [172784 2016-05-23] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation) S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2348336 2019-10-15] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3228976 2019-10-15] (Electronic Arts, Inc. -> Electronic Arts) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed] R2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [148840 2019-10-17] (Tencent Technology(Shenzhen) Company Limited -> Tencent) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) R2 RtkBtManServ; C:\Windows\RtkBtManServ.exe [687560 2018-06-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [252008 2016-03-03] (Synaptics Incorporated -> Synaptics Incorporated) R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [195832 2018-12-19] (Intel(R) Software Development Products -> ) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH -> TeamViewer GmbH) S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel(R) Software Development Products -> ) S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [76296 2015-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare) S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare Technology Co.,Ltd -> Wondershare) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [53424 2015-07-11] (Hewlett-Packard Company -> Hewlett-Packard) R2 aow_drv; C:\Program Files\TxGameAssistant\UI\2.0.12963.123\aow_drv_x64_ev.sys [863616 2019-10-18] (Tencent Technology (Shenzhen) Company Limited -> Tencent) S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider) S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-09-04] (Bluestack Systems, Inc. -> Bluestack System Inc. ) S3 clwvd8; C:\Windows\system32\DRIVERS\clwvd8.sys [61056 2018-08-23] (CyberLink Corp. -> CyberLink Corporation) R3 cpuz143; C:\Users\HP\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2019-12-02] (CPUID -> CPUID) <==== ATTENTION S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-05] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [103264 2019-11-05] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-05] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50712 2019-11-05] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [77184 2019-11-05] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [114136 2019-11-05] (ESET, spol. s r.o. -> ESET) R3 ETDHCF; C:\Windows\System32\drivers\ETDHCF.sys [29256 2017-10-22] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [40624 2015-07-11] (Hewlett-Packard Company -> Hewlett-Packard) S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [30752 2016-01-06] (Hewlett-Packard Company -> Hewlett Packard) R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98976 2017-09-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1094000 2019-03-07] (Intel(R) Rapid Storage Technology -> Intel Corporation) S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> ) S3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7231248 2016-06-17] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_e087c6d3d3ba2d69\nvlddmkm.sys [22744688 2019-11-21] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1010648 2017-12-13] (Realtek Semiconductor Corp. -> Realtek ) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [758208 2018-06-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [777944 2016-05-25] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation) S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [428024 2017-03-12] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3224576 2016-12-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [8139600 2018-03-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation ) S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-12-19] (Intel Corporation -> ) S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42600 2015-10-25] (Synaptics Incorporated -> Synaptics Incorporated) S3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv64.sys [760832 2016-03-10] (Sunplus Innovation Technology Inc. -> Sunplus) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project) S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [442128 2019-10-19] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) S3 TesSafe; C:\Windows\system32\TesSafe.sys [555064 2019-11-16] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [631200 2019-04-08] (IDRIX -> IDRIX) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Windows -> Microsoft Corporation) S3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31656 2016-04-14] (Hewlett-Packard Company -> HP) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-03 18:31 - 2019-12-03 18:31 - 000000000 ____D C:\Users\HP\Desktop\New folder 2019-12-03 18:20 - 2019-12-03 18:33 - 000041969 _____ C:\Users\HP\Desktop\FRST.txt 2019-12-03 16:10 - 2019-12-03 16:14 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cadence Release 17.2-2016 2019-12-03 16:10 - 2019-12-03 16:10 - 000000000 ____D C:\Users\HP\AppData\Roaming\InstallShield Installation Information 2019-12-02 22:36 - 2019-12-02 22:39 - 000027165 _____ C:\Users\HP\Desktop\Fixlog.txt 2019-12-02 22:36 - 2019-12-02 22:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC 2019-12-02 22:36 - 2019-12-02 22:36 - 000000000 ___HD C:\ProgramData\Documents\AdobeGC 2019-12-02 22:36 - 2019-12-02 22:36 - 000000000 ____D C:\Users\HP\Desktop\FRST-OlderVersion 2019-12-02 18:15 - 2019-12-03 18:32 - 000000000 ____D C:\FRST 2019-12-02 18:14 - 2019-12-02 22:36 - 002263040 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe 2019-12-02 14:36 - 2019-12-02 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orcad Family Release 9.2 2019-12-02 14:36 - 2000-04-19 15:31 - 001046288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet35.dll 2019-12-02 14:36 - 1999-09-23 16:51 - 000978192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VFPODBC.DLL 2019-12-02 14:36 - 1999-09-23 16:49 - 000901120 _____ (Three /D/ Graphics, Inc.) C:\Windows\SysWOW64\sscsdk32.dll 2019-12-02 14:36 - 1999-09-23 16:48 - 000024576 _____ (Smithware, Inc.) C:\Windows\SysWOW64\sbtrvd32.dll 2019-12-02 14:36 - 1999-09-23 16:47 - 000079872 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\s2sqlprs.dll 2019-12-02 14:36 - 1999-09-23 16:47 - 000062976 _____ (Smithware, Inc.) C:\Windows\SysWOW64\s2dtconv.dll 2019-12-02 14:36 - 1999-09-23 16:46 - 000014316 _____ C:\Windows\SysWOW64\rule1.llr 2019-12-02 14:36 - 1999-09-23 16:46 - 000006664 _____ C:\Windows\SysWOW64\rule1.dfa 2019-12-02 14:36 - 1999-09-23 16:45 - 000000796 _____ C:\Windows\SysWOW64\qecr.lic 2019-12-02 14:36 - 1999-09-23 16:44 - 000206848 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2sodbc.dll 2019-12-02 14:36 - 1999-09-23 16:44 - 000189952 _____ (Seagate Software, Inc) C:\Windows\SysWOW64\p2smon.dll 2019-12-02 14:36 - 1999-09-23 16:44 - 000138752 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2sevt.dll 2019-12-02 14:36 - 1999-09-23 16:43 - 000112640 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2irdao.dll 2019-12-02 14:36 - 1999-09-23 16:43 - 000081408 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2ctdao.dll 2019-12-02 14:36 - 1999-09-23 16:42 - 000152576 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2bdao.dll 2019-12-02 14:36 - 1999-09-23 16:42 - 000059392 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2bbnd.dll 2019-12-02 14:36 - 1999-09-23 16:41 - 000251904 _____ C:\Windows\SysWOW64\orant71.dll 2019-12-02 14:36 - 1999-09-23 16:39 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ODBCTL32.DLL 2019-12-02 14:36 - 1999-09-23 16:38 - 000034816 _____ (Oracle Corporation) C:\Windows\SysWOW64\ociw32.dll 2019-12-02 14:36 - 1999-09-23 16:37 - 000274704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntwdblib.dll 2019-12-02 14:36 - 1999-09-23 16:37 - 000178176 _____ (MapInfo) C:\Windows\SysWOW64\mxintl30.dll 2019-12-02 14:36 - 1999-09-23 16:34 - 000965904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjt3032.dll 2019-12-02 14:36 - 1999-09-23 16:34 - 000065536 _____ (MapInfo) C:\Windows\SysWOW64\mitmin30.dll 2019-12-02 14:36 - 1999-09-23 16:33 - 000903168 _____ C:\Windows\SysWOW64\mitmdl30.dll 2019-12-02 14:36 - 1999-09-23 16:33 - 000026624 _____ (MapInfo) C:\Windows\SysWOW64\midlin30.dll 2019-12-02 14:36 - 1999-09-23 16:32 - 000139264 _____ (MapInfo) C:\Windows\SysWOW64\midlg30.dll 2019-12-02 14:36 - 1999-09-23 16:31 - 000736768 _____ (MapInfo) C:\Windows\SysWOW64\mapx30.ocx 2019-12-02 14:36 - 1999-09-23 16:30 - 000085184 _____ C:\Windows\SysWOW64\mapInfow.prj 2019-12-02 14:36 - 1999-09-23 16:30 - 000000451 _____ C:\Windows\SysWOW64\mapx30.lic 2019-12-02 14:36 - 1999-09-23 16:29 - 000019456 _____ C:\Windows\SysWOW64\lfwpg60n.dll 2019-12-02 14:36 - 1999-09-23 16:29 - 000019456 _____ C:\Windows\SysWOW64\lfwmf60n.dll 2019-12-02 14:36 - 1999-09-23 16:28 - 000046080 _____ C:\Windows\SysWOW64\lftif60n.dll 2019-12-02 14:36 - 1999-09-23 16:28 - 000019968 _____ C:\Windows\SysWOW64\lftga60n.dll 2019-12-02 14:36 - 1999-09-23 16:27 - 000110080 _____ C:\Windows\SysWOW64\lfpng60n.dll 2019-12-02 14:36 - 1999-09-23 16:27 - 000020480 _____ C:\Windows\SysWOW64\lfpsd60n.dll 2019-12-02 14:36 - 1999-09-23 16:26 - 000023552 _____ C:\Windows\SysWOW64\lfpcx60n.dll 2019-12-02 14:36 - 1999-09-23 16:26 - 000022528 _____ C:\Windows\SysWOW64\lfpct60n.dll 2019-12-02 14:36 - 1999-09-23 16:25 - 000018432 _____ C:\Windows\SysWOW64\lfmsp60n.dll 2019-12-02 14:36 - 1999-09-23 16:25 - 000017920 _____ C:\Windows\SysWOW64\lfmac60n.dll 2019-12-02 14:36 - 1999-09-23 16:24 - 000176128 _____ C:\Windows\SysWOW64\lffax60n.dll 2019-12-02 14:36 - 1999-09-23 16:24 - 000141824 _____ C:\Windows\SysWOW64\lfcmp60n.dll 2019-12-02 14:36 - 1999-09-23 16:24 - 000022528 _____ C:\Windows\SysWOW64\lfeps60n.dll 2019-12-02 14:36 - 1999-09-23 16:23 - 000022016 _____ C:\Windows\SysWOW64\lfbmp60n.dll 2019-12-02 14:36 - 1999-09-23 16:23 - 000018944 _____ ( ) C:\Windows\SysWOW64\implode.dll 2019-12-02 14:36 - 1999-09-23 16:22 - 000047759 _____ C:\Windows\SysWOW64\foxpro.int 2019-12-02 14:36 - 1999-09-23 16:20 - 000993996 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\crystl32.ocx 2019-12-02 14:36 - 1999-09-23 16:20 - 000060416 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\crxlat32.dll 2019-12-02 14:36 - 1999-09-23 16:19 - 000303616 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crutl13.dll 2019-12-02 14:36 - 1999-09-23 16:19 - 000066560 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\crwrap32.dll 2019-12-02 14:36 - 1999-09-23 16:18 - 000159232 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crsyb13.dll 2019-12-02 14:36 - 1999-09-23 16:18 - 000026135 _____ C:\Windows\SysWOW64\crsyb13.hlp 2019-12-02 14:36 - 1999-09-23 16:17 - 005350912 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\crpe32.dll 2019-12-02 14:36 - 1999-09-23 16:16 - 000229888 _____ (Seagate Software, Information Management Group, Inc.) C:\Windows\SysWOW64\crpaig32.dll 2019-12-02 14:36 - 1999-09-23 16:16 - 000157696 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\cror813.dll 2019-12-02 14:36 - 1999-09-23 16:16 - 000007587 _____ C:\Windows\SysWOW64\crpe32.dep 2019-12-02 14:36 - 1999-09-23 16:15 - 000138752 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\cror713.dll 2019-12-02 14:36 - 1999-09-23 16:15 - 000112640 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crgup13.dll 2019-12-02 14:36 - 1999-09-23 16:14 - 000346112 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crflt13.dll 2019-12-02 14:36 - 1999-09-23 16:14 - 000320000 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crbas13.dll 2019-12-02 14:36 - 1999-09-23 16:14 - 000111616 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crdb213.dll 2019-12-02 14:36 - 1999-09-23 16:13 - 004822528 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\craxdrt.dll 2019-12-02 14:36 - 1999-09-23 16:13 - 000413184 _____ (Seagate Software, Inc) C:\Windows\SysWOW64\cpeaut32.dll 2019-12-02 14:36 - 1999-09-23 16:12 - 000369296 _____ (Seagate Software) C:\Windows\SysWOW64\crviewer.dll 2019-12-02 14:36 - 1999-09-23 16:12 - 000236544 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\c2supprt.dll 2019-12-02 14:35 - 2019-12-02 14:39 - 000000000 ____D C:\Program Files\Orcad 2019-12-02 14:35 - 2019-12-02 14:35 - 000000000 ____D C:\Windows\Crystal 2019-12-02 14:29 - 1999-09-23 16:32 - 000133904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCANS32.DLL 2019-12-02 14:25 - 1998-10-29 17:45 - 000306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe 2019-12-01 16:13 - 2019-12-03 16:03 - 000000000 ____D C:\emu8086 2019-12-01 16:13 - 2019-12-01 16:13 - 000001491 _____ C:\Users\HP\Desktop\emu8086.lnk 2019-12-01 16:13 - 2019-12-01 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\emu8086 2019-11-29 18:33 - 2019-11-30 16:55 - 000004205 _____ C:\Users\HP\AppData\Roaming\LTspiceXVII.ini 2019-11-29 18:30 - 2019-11-30 16:55 - 000000000 ____D C:\Users\HP\Documents\LTspiceXVII 2019-11-29 18:29 - 2019-11-29 18:29 - 000001045 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\LTspice XVII.lnk 2019-11-29 18:29 - 2019-11-29 18:29 - 000001021 _____ C:\Users\HP\Desktop\LTspice XVII.lnk 2019-11-29 18:28 - 2019-11-29 18:28 - 000000000 ____D C:\Program Files\LTC 2019-11-29 18:10 - 2019-11-29 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2019-11-29 18:09 - 2017-01-16 08:26 - 000165504 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2019-11-29 18:09 - 2017-01-16 08:26 - 000131712 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys 2019-11-29 17:21 - 2019-11-29 17:48 - 000000068 _____ C:\Users\HP\AppData\Local\uts.ini 2019-11-29 17:21 - 2019-11-29 17:21 - 000000000 ____D C:\Users\HP\AppData\Local\uts 2019-11-29 17:20 - 2019-11-29 19:26 - 000000000 ____D C:\Program Files (x86)\Kingo ROOT 2019-11-29 13:42 - 2019-11-29 13:42 - 000000000 ____D C:\Users\HP\AppData\Roaming\BatteryCare 2019-11-28 09:17 - 2019-11-28 09:17 - 000000000 ____D C:\Users\HP\Documents\Polyspace_Workspace 2019-11-27 21:36 - 2019-11-21 17:45 - 001073872 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2019-11-27 21:36 - 2019-11-21 17:45 - 001073872 _____ C:\Windows\system32\vulkan-1.dll 2019-11-27 21:36 - 2019-11-21 17:45 - 000931536 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2019-11-27 21:36 - 2019-11-21 17:45 - 000931536 _____ C:\Windows\SysWOW64\vulkan-1.dll 2019-11-27 21:36 - 2019-11-21 17:45 - 000848592 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2019-11-27 21:36 - 2019-11-21 17:45 - 000848592 _____ C:\Windows\system32\vulkaninfo.exe 2019-11-27 21:36 - 2019-11-21 17:45 - 000706256 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2019-11-27 21:36 - 2019-11-21 17:45 - 000706256 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2019-11-27 21:36 - 2019-11-21 17:45 - 000450976 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2019-11-27 21:36 - 2019-11-21 17:45 - 000352512 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2019-11-27 21:36 - 2019-11-21 17:44 - 011843184 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2019-11-27 21:36 - 2019-11-21 17:44 - 010167432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 017458840 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 015027776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 005380736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 004716176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 002074712 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001733264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444141.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001567688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001491568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444141.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001482376 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001370256 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001144920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001064408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000813656 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000685800 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000676824 _____ C:\Windows\system32\nvofapi64.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000659088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000556672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000544728 _____ C:\Windows\SysWOW64\nvofapi.dll 2019-11-27 21:36 - 2019-11-21 17:42 - 040511064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2019-11-27 21:36 - 2019-11-21 17:42 - 035380336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2019-11-27 20:51 - 2019-11-27 20:51 - 000004524 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2019-11-27 20:51 - 2019-11-27 20:51 - 000004370 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2019-11-26 13:09 - 2019-12-03 16:15 - 000063202 _____ C:\Program Files\Uninstall.exe 2019-11-26 13:09 - 2019-12-02 14:36 - 000000261 _____ C:\Windows\ODBC.INI 2019-11-26 13:09 - 2019-11-26 13:09 - 000000191 _____ C:\Windows\ODBCINST.INI 2019-11-26 13:09 - 2019-11-26 13:09 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SQLite ODBC Driver for Win64 2019-11-26 13:09 - 2014-09-20 18:00 - 000150528 _____ C:\Windows\system32\sqlite3_mod_fts3.dll 2019-11-26 13:09 - 2014-09-20 18:00 - 000062464 _____ C:\Windows\system32\sqlite3_mod_rtree.dll 2019-11-26 13:09 - 2014-09-20 18:00 - 000059904 _____ C:\Windows\system32\sqlite3_mod_extfunc.dll 2019-11-26 13:09 - 2014-09-20 17:59 - 000858624 _____ (Christian Werner Software & Consulting) C:\Windows\system32\sqlite3odbc.dll 2019-11-26 13:09 - 2014-09-20 17:59 - 000101376 _____ C:\Windows\system32\sqlite3_mod_zipfile.dll 2019-11-26 13:09 - 2014-09-20 17:59 - 000078848 _____ (Christian Werner Software & Consulting) C:\Windows\system32\sqlite3_mod_blobtoxy.dll 2019-11-26 13:09 - 2014-09-20 17:59 - 000062464 _____ C:\Windows\system32\sqlite3_mod_csvtable.dll 2019-11-26 13:09 - 2014-09-20 17:59 - 000057344 _____ C:\Windows\system32\sqlite3_mod_impexp.dll 2019-11-26 13:03 - 2019-11-27 08:16 - 000000000 ____D C:\Users\HP\AppData\Roaming\SPB_Data 2019-11-26 13:03 - 2019-11-26 13:03 - 000000000 ____D C:\Cadence 2019-11-23 08:07 - 2019-11-23 08:07 - 000000000 ____D C:\Users\HP\AppData\Roaming\Cadence 2019-11-19 21:58 - 2019-11-19 21:58 - 000000123 _____ C:\Users\Public\Desktop\netcut.url 2019-11-19 21:58 - 2019-11-19 21:58 - 000000123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netcut.url 2019-11-19 21:58 - 2019-11-19 21:58 - 000000123 _____ C:\ProgramData\Desktop\netcut.url 2019-11-19 21:58 - 2019-11-19 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netcut 2019-11-12 21:32 - 2019-11-08 12:06 - 001734256 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444120.dll 2019-11-12 21:32 - 2019-11-08 12:06 - 001492696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444120.dll 2019-11-09 14:52 - 2019-11-09 14:52 - 000000000 ____D C:\Users\HP\Documents\Rockstar Games 2019-11-09 14:52 - 2019-11-09 14:52 - 000000000 ____D C:\Users\HP\AppData\Local\Rockstar Games 2019-11-09 14:52 - 2019-11-09 14:52 - 000000000 ____D C:\ProgramData\Steam 2019-11-09 14:52 - 2019-11-09 14:52 - 000000000 ____D C:\ProgramData\Socialclub 2019-11-09 09:31 - 2019-11-09 09:31 - 000000589 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk 2019-11-09 09:31 - 2019-11-09 09:31 - 000000589 _____ C:\ProgramData\Desktop\Grand Theft Auto V.lnk 2019-11-08 10:15 - 2019-11-08 10:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2019-11-08 10:15 - 2019-11-08 10:15 - 000000000 ____D C:\Program Files\7-Zip 2019-11-07 13:30 - 2019-11-28 10:34 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-11-07 12:06 - 2019-11-07 12:06 - 000000000 ___HD C:\$Windows.~WS 2019-11-06 17:25 - 2019-11-07 12:51 - 000000000 ____D C:\ESD 2019-11-06 11:14 - 2004-01-21 16:49 - 000389120 _____ (WinMain Software (hxxp://www.winmain.com)) C:\Windows\SysWOW64\cmax20.ocx 2019-11-05 07:43 - 2019-11-21 21:42 - 004205568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2019-11-05 07:43 - 2019-10-25 11:41 - 001733464 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444112.dll 2019-11-05 07:43 - 2019-10-25 11:41 - 001491472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444112.dll ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-03 18:29 - 2017-11-02 20:13 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps 2019-12-03 18:18 - 2017-07-16 14:45 - 000000000 ____D C:\ProgramData\NVIDIA 2019-12-03 18:17 - 2018-12-01 11:48 - 000004156 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{8F1323CB-21BB-4BB5-977B-9C0A543A6848} 2019-12-03 18:14 - 2017-07-16 14:39 - 000000000 __SHD C:\Users\HP\IntelGraphicsProfiles 2019-12-03 16:02 - 2019-05-11 15:33 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update 2019-12-03 10:00 - 2017-07-16 14:30 - 000000000 ____D C:\Users\HP 2019-12-02 22:40 - 2017-12-15 19:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-12-02 22:40 - 2017-07-16 14:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-12-02 22:39 - 2016-07-16 08:04 - 001048576 _____ C:\Windows\system32\config\BBI 2019-12-02 22:37 - 2017-11-06 11:25 - 000000000 ____D C:\Windows\system32\Tasks\TVT 2019-12-02 22:36 - 2017-11-03 00:07 - 000000000 ____D C:\Windows\system32\Tasks\R@1n-KMS 2019-12-02 18:38 - 2017-11-02 22:57 - 000000000 ____D C:\Users\HP\AppData\Local\ElevatedDiagnostics 2019-12-02 18:14 - 2017-11-02 23:52 - 000000000 ____D C:\Users\HP\AppData\Roaming\DMCache 2019-12-02 14:15 - 2019-05-11 15:33 - 000000000 ____D C:\Program Files\CCleaner 2019-12-02 14:02 - 2019-04-28 14:06 - 000000000 ____D C:\Users\HP\Documents\MATLAB 2019-12-02 13:59 - 2017-07-16 14:21 - 000000000 ____D C:\Windows\system32\SleepStudy 2019-12-01 19:34 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\NDF 2019-11-29 22:39 - 2019-10-09 10:08 - 000000000 ____D C:\ADS2009 2019-11-29 20:11 - 2019-09-08 16:30 - 000000000 ____D C:\Users\HP\AppData\Local\Spotify 2019-11-29 20:02 - 2019-09-08 16:26 - 000000000 ____D C:\Users\HP\AppData\Roaming\Spotify 2019-11-29 18:28 - 2019-05-01 12:58 - 000000000 ____D C:\Users\HP\AppData\Roaming\Samsung 2019-11-29 18:28 - 2019-05-01 12:58 - 000000000 ____D C:\Program Files (x86)\Samsung 2019-11-29 18:28 - 2017-12-05 14:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2019-11-29 18:17 - 2019-05-01 13:06 - 000000000 ____D C:\Users\HP\AppData\Local\Samsung 2019-11-29 18:15 - 2019-05-01 12:58 - 000000000 ____D C:\ProgramData\Samsung 2019-11-29 18:13 - 2019-05-01 13:00 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log 2019-11-29 18:13 - 2019-05-01 13:00 - 000000000 ____D C:\ProgramData\Documents\NativeFus_Log 2019-11-29 18:09 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF 2019-11-29 17:59 - 2019-04-09 23:32 - 000000000 ____D C:\Users\HP\Documents\Wondershare Filmora 9 2019-11-29 17:22 - 2019-03-17 21:24 - 000000000 ____D C:\Users\HP\.android 2019-11-29 16:52 - 2019-05-11 15:33 - 000000000 ____D C:\Program Files\Recuva 2019-11-29 16:45 - 2019-08-02 22:47 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Mozilla 2019-11-29 15:15 - 2019-10-01 07:22 - 000002334 _____ C:\Users\HP\Desktop\Any.do.lnk 2019-11-29 13:39 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness 2019-11-29 13:30 - 2017-07-16 14:31 - 000000000 ____D C:\Users\HP\AppData\Local\Packages 2019-11-29 13:27 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps 2019-11-28 10:34 - 2019-08-02 22:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-11-27 22:16 - 2019-09-05 17:43 - 000000000 ____D C:\Users\HP\AppData\Local\NVIDIA 2019-11-27 20:52 - 2017-11-07 15:01 - 000000000 ____D C:\Users\HP\AppData\Local\Adobe 2019-11-27 20:51 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-11-27 20:51 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\Macromed 2019-11-27 20:46 - 2019-08-02 22:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-11-23 09:25 - 2019-02-23 21:10 - 000000000 ____D C:\Users\HP\AppData\Local\Eclipse 2019-11-22 16:29 - 2017-07-16 14:31 - 000000000 ____D C:\Users\HP\AppData\Local\VirtualStore 2019-11-22 08:28 - 2017-07-16 14:38 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-11-22 08:28 - 2017-07-16 14:35 - 001718314 _____ C:\Windows\system32\PerfStringBackup.INI 2019-11-22 08:26 - 2018-07-06 18:16 - 000000000 ____D C:\Program Files (x86)\arcai.com 2019-11-21 21:42 - 2019-09-05 17:50 - 004937584 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2019-11-21 10:27 - 2017-07-16 14:43 - 000000000 ____D C:\ProgramData\Package Cache 2019-11-21 10:26 - 2019-10-18 11:30 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2019-11-21 02:56 - 2019-09-05 17:50 - 000056258 _____ C:\Windows\system32\nvinfo.pb 2019-11-21 00:44 - 2019-09-05 17:54 - 005549368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 002652168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 001767448 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 000668200 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 000454968 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 000152048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 000130584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 000082784 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2019-11-20 19:54 - 2019-09-05 17:54 - 008785212 _____ C:\Windows\system32\nvcoproc.bin 2019-11-16 22:14 - 2019-10-19 20:30 - 000000000 ____D C:\Program Files\txgameassistant 2019-11-16 21:04 - 2017-07-16 14:39 - 000000000 ____D C:\Program Files (x86)\Intel 2019-11-16 20:54 - 2019-09-08 22:02 - 000555064 _____ (TENCENT) C:\Windows\system32\TesSafe.sys 2019-11-13 21:24 - 2019-05-19 12:38 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-11-09 14:51 - 2017-12-04 17:04 - 000000000 ____D C:\Windows\SysWOW64\directx 2019-11-07 12:51 - 2017-07-17 00:20 - 000000000 ____D C:\Windows\Panther 2019-11-06 17:28 - 2019-07-24 12:30 - 000000400 __RSH C:\ProgramData\ntuser.pol 2019-11-06 11:12 - 2017-11-02 23:53 - 000000000 ____D C:\Users\HP\AppData\Roaming\IDM 2019-11-06 10:56 - 2019-03-27 17:34 - 000002937 _____ C:\Users\HP\.octave_hist 2019-11-05 23:01 - 2019-10-09 19:59 - 000000000 ____D C:\Users\HP\AppData\Roaming\Psiphon3 2019-11-05 07:14 - 2019-09-05 17:43 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:14 - 2019-09-05 17:43 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:14 - 2017-07-16 14:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2019-11-05 07:14 - 2017-07-16 14:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2019-11-05 07:13 - 2019-09-05 17:43 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2017-07-16 14:41 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2019-11-05 07:08 - 2018-12-19 21:25 - 000000000 ____D C:\Users\HP\Downloads\Intel Driver and Support Assistant 2019-11-05 06:58 - 2017-11-02 23:52 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager 2019-11-05 06:57 - 2017-07-16 14:38 - 000003420 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2019-11-05 06:57 - 2017-07-16 14:38 - 000003296 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2019-11-05 06:57 - 2017-07-16 14:38 - 000000000 ____D C:\Program Files (x86)\Google 2019-11-05 06:56 - 2018-01-19 15:32 - 000149944 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys 2019-11-05 06:56 - 2018-01-19 15:32 - 000114136 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys 2019-11-05 06:56 - 2018-01-19 15:31 - 000189512 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys 2019-11-05 06:56 - 2018-01-19 15:31 - 000103264 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys 2019-11-05 06:56 - 2018-01-19 15:31 - 000077184 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys 2019-11-05 06:56 - 2018-01-19 15:31 - 000050712 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys ==================== Files in the root of some directories ======== 2014-09-20 17:59 - 2014-09-20 17:59 - 000070656 _____ (Christian Werner Software & Consulting) C:\Program Files\adddsn.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000070656 _____ (Christian Werner Software & Consulting) C:\Program Files\addsysdsn.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000073216 _____ (Christian Werner Software & Consulting) C:\Program Files\inst.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000073216 _____ (Christian Werner Software & Consulting) C:\Program Files\instq.exe 2004-11-13 08:12 - 2004-11-13 08:12 - 000001456 _____ () C:\Program Files\license.terms 2014-09-20 18:00 - 2014-09-20 18:00 - 000001482 _____ () C:\Program Files\license.txt 2014-09-20 17:34 - 2014-09-20 17:34 - 000011410 _____ () C:\Program Files\README 2014-09-20 17:34 - 2014-09-20 17:34 - 000011410 _____ () C:\Program Files\readme.txt 2014-09-20 17:59 - 2014-09-20 17:59 - 000070656 _____ (Christian Werner Software & Consulting) C:\Program Files\remdsn.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000070656 _____ (Christian Werner Software & Consulting) C:\Program Files\remsysdsn.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000067584 _____ () C:\Program Files\sqlite3.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000858624 _____ (Christian Werner Software & Consulting) C:\Program Files\sqlite3odbc.dll 2014-09-20 18:00 - 2014-09-20 18:00 - 000852992 _____ (Christian Werner Software & Consulting) C:\Program Files\sqlite3odbcnw.dll 2014-09-20 17:59 - 2014-09-20 17:59 - 000078848 _____ (Christian Werner Software & Consulting) C:\Program Files\sqlite3_mod_blobtoxy.dll 2014-09-20 17:59 - 2014-09-20 17:59 - 000062464 _____ () C:\Program Files\sqlite3_mod_csvtable.dll 2014-09-20 18:00 - 2014-09-20 18:00 - 000059904 _____ () C:\Program Files\sqlite3_mod_extfunc.dll 2014-09-20 18:00 - 2014-09-20 18:00 - 000150528 _____ () C:\Program Files\sqlite3_mod_fts3.dll 2014-09-20 17:59 - 2014-09-20 17:59 - 000057344 _____ () C:\Program Files\sqlite3_mod_impexp.dll 2014-09-20 18:00 - 2014-09-20 18:00 - 000062464 _____ () C:\Program Files\sqlite3_mod_rtree.dll 2014-09-20 17:59 - 2014-09-20 17:59 - 000101376 _____ () C:\Program Files\sqlite3_mod_zipfile.dll 2014-09-20 17:59 - 2014-09-20 17:59 - 000073216 _____ (Christian Werner Software & Consulting) C:\Program Files\uninst.exe 2019-11-26 13:09 - 2019-12-03 16:15 - 000063202 _____ () C:\Program Files\Uninstall.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000073216 _____ (Christian Werner Software & Consulting) C:\Program Files\uninstq.exe 2019-11-29 18:33 - 2019-11-30 16:55 - 000004205 _____ () C:\Users\HP\AppData\Roaming\LTspiceXVII.ini 2018-09-29 19:56 - 2018-09-29 19:56 - 000000000 _____ () C:\Users\HP\AppData\Local\oobelibMkey.log 2019-11-29 17:21 - 2019-11-29 17:48 - 000000068 _____ () C:\Users\HP\AppData\Local\uts.ini 2019-03-17 20:54 - 2019-03-19 20:11 - 000017408 _____ () C:\Users\HP\AppData\Local\WebpageIcons.db ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2019-11-30 09:21 ==================== End of FRST.txt ========================
- December 3, 2019
- 18 replies
Remove kms virus

Mostafa_ahmed replied to Mostafa_ahmed's topic in Resolved Malware Removal Logs

hi chrome is synced with my two mobiles and another pc which is mine too here are the new logs the additionn.txt is attached and this is the frst.txt ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2019-11-30 09:21 ==================== End of FRST.txt ======================== Addition.txt
- December 3, 2019
- 18 replies
Remove kms virus

Mostafa_ahmed replied to Mostafa_ahmed's topic in Resolved Malware Removal Logs

it still tell me that my windows is activated
- December 2, 2019
- 18 replies
Remove kms virus

Mostafa_ahmed replied to Mostafa_ahmed's topic in Resolved Malware Removal Logs

here you are where now to type my key ? Fixlog.txt
- December 2, 2019
- 18 replies
Remove kms virus

Mostafa_ahmed replied to Mostafa_ahmed's topic in Resolved Malware Removal Logs

hi, this is the frst.txt and i've attached the addition.txt as well thank you in advanceAddition.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-12-2019 Ran by HP (administrator) on MOSTAFA-NADA (LENOVO 80YL) (02-12-2019 18:15:53) Running from C:\Users\HP\Desktop Loaded Profiles: HP (Available Profiles: defaultuser0 & HP) Platform: Windows 10 Enterprise Version 1607 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\arcai.com\netcut_windows.exe () [File not signed] C:\Windows\KMS-R@1n.exe () [File not signed] C:\Windows\KMS-R@1nHook.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Arcai.com) [File not signed] C:\Program Files (x86)\arcai.com\aips.exe (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (Filipe Lourenço) [File not signed] F:\programs\BatteryCarePortable\BatteryCare.exe (Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_90f68cd0dc48b625\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\HP\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe (Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) C:\Program Files\txgameassistant\AppMarket\QMEmulatorService.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180736 2019-11-05] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2017-10-12] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [318920 2019-03-07] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [139624 2019-11-14] (IDSA Production signing key -> Intel) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3115792 2019-10-15] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7117464 2018-05-02] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\Run: [BatteryCare] => F:\programs\BatteryCarePortable\BatteryCare.exe [821760 2019-11-10] (Filipe Lourenço) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-22] (Google LLC -> Google LLC) IFEO\LogTransport2.exe: [Debugger] 0 IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe GroupPolicy: Restriction ? <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {035E45A6-6078-45E6-8A57-9F63EE976437} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {0A8F442D-7CB9-4BCF-9B94-8854FF483343} - System32\Tasks\R@1n-KMS\Windows64Enterprise => wmic path SoftwareLicensingProduct where (ID="73111121-5638-40f6-bc11-f1d7b0d64300") call Activate Task: {0BA58EBC-FC75-4B9D-88CD-A37551545A25} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {131C166C-01AD-4D0B-843C-625E5352BB64} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2503008315-2274245127-1317639094-1003 => C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61} Task: {17C62FB3-5E2F-4482-A179-9339638A0BF0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61} Task: {2E40F828-39B6-4B50-A84A-2779FBBB7982} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {35888797-850F-4D8A-B76E-E68ECBDEB900} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {3683F125-080C-4BD2-96FD-22B59171D288} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {36DFDCDA-D056-466F-8AAF-1FD0C8BDCF9A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4AB36953-D46C-483B-94BE-873DC9318CCB} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {4C191BF6-F9F7-4AAA-9722-C338976F7229} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {4C5BC642-EAB0-4BE1-8F7C-095C4124676F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation) Task: {51A7EC66-E52B-46F0-8CB2-D5E0005A1ACD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {51A94E46-BEB3-4C13-80CA-BB019F5DB953} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService Task: {53B28AEE-937F-4020-826A-6B5974C73DAB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {59B87804-A7FF-43AC-AB90-EFA8453BA2DE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems) Task: {5DB065DF-74BC-4166-85A4-288C33D9097B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {60AD0DC7-FA6F-4C50-B094-4C1A986FC60F} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-mostafa.terios@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {6331461E-B08D-44F4-8D5C-4C7748055EAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-16] (Google Inc -> Google Inc.) Task: {64FFAA65-C452-4F43-A3FC-1C1FC314C8DE} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6787EA6F-6BDD-49E9-AA25-765445BBF6F4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {69ECD425-3D29-4EEB-95F5-26224E96596F} - System32\Tasks\{50503296-8FE5-4562-85CA-16BC549305CE} => C:\Windows\system32\pcalua.exe -a "F:\Games\FIFA 18\FIFASetup\fifaconfig.exe" -d "F:\Games\FIFA 18\FIFASetup\" Task: {820A983A-3308-4E21-BADF-22923EE3E77D} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {8707DB6A-D7A5-471C-AEA9-CF36A735DDA3} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe Task: {88B54878-38FA-45A7-80A3-EAAC399A665B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c9509f32-a625-40a4-bf33-b768020422ad => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.) Task: {898E12C0-5C9E-42DF-B165-A4DAFB814DDF} - System32\Tasks\R@1n-KMS\Office14ProPlus => wmic path OfficeSoftwareProtectionProduct where (ID="6f327760-8c5c-417c-9b61-836a98287e0c") call Activate Task: {8D85B517-1E95-4F2E-887E-2A4B7AEFEFAE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-27] (Adobe Inc. -> Adobe) Task: {8E4EBFF5-17BA-4F74-9CCE-4135378259D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-27] (Adobe Inc. -> Adobe) Task: {93BCA715-4DF2-4C17-9600-BB648A67FB88} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation) Task: {A8512343-9FD5-4041-9CD2-1B261F8D4221} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {AD364C51-54CB-42E5-8C16-39C01F06909C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AFDE2CA8-892C-4098-8260-FF6784C11100} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2503008315-2274245127-1317639094-1001 => C:\Users\HP\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [116008 2019-09-12] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {B23E7C40-D6CE-4C95-9B26-F1C1B3D8BD75} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-08-01] (Lenovo -> ) Task: {BF441DE1-03CE-4C69-855A-719CC851CB13} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C3AA1C8E-64F9-4E15-B159-86E8D3FB21AE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d251d881-2279-49af-a163-a46fb5dc1e16 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.) Task: {C9A2A21C-F5FC-456A-A949-011D81CA7843} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D2D0CDED-B00A-468F-8034-A61B4BCD74A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-16] (Google Inc -> Google Inc.) Task: {D5CBD4E0-435A-4CBA-A97A-F3F67B9DEE69} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-08-01] (Lenovo -> ) Task: {E2FF421C-6972-4294-BBF8-75E9CB74D3DD} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E3F00B5F-5E29-44F1-AAB5-959A4DB7DA1C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {E4896DC4-27BE-46BF-99BB-14F2173F3FB8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EEA11AE2-2E36-401A-85A1-FBB532C73088} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation) Task: {F1CF30D4-E419-45D1-9FD3-C9FF7D5B7E6E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [54144 2019-09-23] (Lenovo -> Lenovo Group Ltd.) Task: {F5F6B48C-7147-4F60-932B-949B994588E9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6d172892-6112-4f71-919c-5c5578ab9cf1 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{3b4a9f47-0b93-42b6-bbbd-1ba74c6c69e0}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-eg/?ocid=iehp BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-10-18] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-10-18] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) Edge: ====== DownloadDir: C:\Users\HP\Downloads FireFox: ======== FF DefaultProfile: n9xx1eyh.default FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\n9xx1eyh.default [2019-08-03] FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\g5sr2vxj.default-release [2019-12-02] FF HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2019-09-19] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json] FF HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\HP\AppData\Roaming\IDM\idmmzcc5 [2017-11-02] [Legacy] [not signed] FF HKU\S-1-5-21-2503008315-2274245127-1317639094-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-27] (Adobe Inc. -> ) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-27] (Adobe Inc. -> ) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-16] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR StartupUrls: Default -> "hxxp://ar.hao123.com/?tn=epom_pay_hp_02_hao123_ar" CHR NewTab: Default -> Active:"chrome-extension://akgkjeeanidoelhjgmoimmnolgfmdkpp/start/index.html" CHR Notifications: Default -> hxxps://myegy.io; hxxps://tomato-timer.com; hxxps://web.whatsapp.com; hxxps://www.facebook.com CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2019-12-02] CHR DownloadDir: F:\Intranet CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghbiahbpaijignceidepookljebhfak [2019-09-27] CHR Extension: (Superman Wallpapers HD 'Man of Steel' New Tab) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\akgkjeeanidoelhjgmoimmnolgfmdkpp [2019-09-13] CHR Extension: (Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-02] CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-02] CHR Extension: (AdGuard AdBlocker) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2019-11-21] CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-02] CHR Extension: (Tanki Online) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo [2017-11-02] CHR Extension: (Adobe Acrobat) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-01] CHR Extension: (Full Page Screen Capture) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2019-11-27] CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (KIXEYE Flash Game Enabler) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\hffmfihlnmlgjniohpolledajiiiegfl [2019-11-06] CHR Extension: (Grammarly for Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-11-29] CHR Extension: (IDM Integration Module) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-08-26] CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15] CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-10-25] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-10-25] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) R2 AIPS; C:\Program Files (x86)\arcai.com\aips.exe [2677760 2018-05-11] (Arcai.com) [File not signed] R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [37736 2019-11-14] (IDSA Production signing key -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [142696 2019-11-14] (IDSA Production signing key -> Intel) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2243136 2019-11-05] (ESET, spol. s r.o. -> ESET) S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel(R) Software Development Products -> ) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144600 2017-10-22] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) R2 fpCsEvtSvc; C:\Windows\system32\fpCSEvtSvc.exe [13824 2015-04-28] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [172784 2016-05-23] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation) S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-11-03] () [File not signed] S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2348336 2019-10-15] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3228976 2019-10-15] (Electronic Arts, Inc. -> Electronic Arts) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed] R2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [148840 2019-10-17] (Tencent Technology(Shenzhen) Company Limited -> Tencent) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) R2 RtkBtManServ; C:\Windows\RtkBtManServ.exe [687560 2018-06-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [252008 2016-03-03] (Synaptics Incorporated -> Synaptics Incorporated) R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [195832 2018-12-19] (Intel(R) Software Development Products -> ) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH -> TeamViewer GmbH) S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] (Intel(R) Software Development Products -> ) S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [76296 2015-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare) S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare Technology Co.,Ltd -> Wondershare) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [53424 2015-07-11] (Hewlett-Packard Company -> Hewlett-Packard) R2 aow_drv; C:\Program Files\TxGameAssistant\UI\2.0.12963.123\aow_drv_x64_ev.sys [863616 2019-10-18] (Tencent Technology (Shenzhen) Company Limited -> Tencent) S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider) S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-09-04] (Bluestack Systems, Inc. -> Bluestack System Inc. ) S3 clwvd8; C:\Windows\system32\DRIVERS\clwvd8.sys [61056 2018-08-23] (CyberLink Corp. -> CyberLink Corporation) R3 cpuz143; C:\Users\HP\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2019-12-01] (CPUID -> CPUID) <==== ATTENTION S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-05] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [103264 2019-11-05] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-05] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50712 2019-11-05] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [77184 2019-11-05] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [114136 2019-11-05] (ESET, spol. s r.o. -> ESET) R3 ETDHCF; C:\Windows\System32\drivers\ETDHCF.sys [29256 2017-10-22] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [40624 2015-07-11] (Hewlett-Packard Company -> Hewlett-Packard) S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [30752 2016-01-06] (Hewlett-Packard Company -> Hewlett Packard) R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98976 2017-09-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1094000 2019-03-07] (Intel(R) Rapid Storage Technology -> Intel Corporation) S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> ) S3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7231248 2016-06-17] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_e087c6d3d3ba2d69\nvlddmkm.sys [22744688 2019-11-21] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1010648 2017-12-13] (Realtek Semiconductor Corp. -> Realtek ) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [758208 2018-06-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [777944 2016-05-25] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation) S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [428024 2017-03-12] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3224576 2016-12-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [8139600 2018-03-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation ) S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-12-19] (Intel Corporation -> ) S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42600 2015-10-25] (Synaptics Incorporated -> Synaptics Incorporated) S3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv64.sys [760832 2016-03-10] (Sunplus Innovation Technology Inc. -> Sunplus) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project) S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [442128 2019-10-19] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) S3 TesSafe; C:\Windows\system32\TesSafe.sys [555064 2019-11-16] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [631200 2019-04-08] (IDRIX -> IDRIX) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Windows -> Microsoft Corporation) S3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31656 2016-04-14] (Hewlett-Packard Company -> HP) U3 SwitchBoard; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-02 18:15 - 2019-12-02 18:17 - 000043255 _____ C:\Users\HP\Desktop\FRST.txt 2019-12-02 18:15 - 2019-12-02 18:16 - 000000000 ____D C:\FRST 2019-12-02 18:14 - 2019-12-02 18:14 - 002262528 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe 2019-12-02 14:36 - 2019-12-02 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orcad Family Release 9.2 2019-12-02 14:36 - 2000-04-19 15:31 - 001046288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet35.dll 2019-12-02 14:36 - 1999-09-23 16:51 - 000978192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VFPODBC.DLL 2019-12-02 14:36 - 1999-09-23 16:49 - 000901120 _____ (Three /D/ Graphics, Inc.) C:\Windows\SysWOW64\sscsdk32.dll 2019-12-02 14:36 - 1999-09-23 16:48 - 000024576 _____ (Smithware, Inc.) C:\Windows\SysWOW64\sbtrvd32.dll 2019-12-02 14:36 - 1999-09-23 16:47 - 000079872 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\s2sqlprs.dll 2019-12-02 14:36 - 1999-09-23 16:47 - 000062976 _____ (Smithware, Inc.) C:\Windows\SysWOW64\s2dtconv.dll 2019-12-02 14:36 - 1999-09-23 16:46 - 000014316 _____ C:\Windows\SysWOW64\rule1.llr 2019-12-02 14:36 - 1999-09-23 16:46 - 000006664 _____ C:\Windows\SysWOW64\rule1.dfa 2019-12-02 14:36 - 1999-09-23 16:45 - 000000796 _____ C:\Windows\SysWOW64\qecr.lic 2019-12-02 14:36 - 1999-09-23 16:44 - 000206848 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2sodbc.dll 2019-12-02 14:36 - 1999-09-23 16:44 - 000189952 _____ (Seagate Software, Inc) C:\Windows\SysWOW64\p2smon.dll 2019-12-02 14:36 - 1999-09-23 16:44 - 000138752 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2sevt.dll 2019-12-02 14:36 - 1999-09-23 16:43 - 000112640 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2irdao.dll 2019-12-02 14:36 - 1999-09-23 16:43 - 000081408 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2ctdao.dll 2019-12-02 14:36 - 1999-09-23 16:42 - 000152576 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2bdao.dll 2019-12-02 14:36 - 1999-09-23 16:42 - 000059392 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\p2bbnd.dll 2019-12-02 14:36 - 1999-09-23 16:41 - 000251904 _____ C:\Windows\SysWOW64\orant71.dll 2019-12-02 14:36 - 1999-09-23 16:39 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ODBCTL32.DLL 2019-12-02 14:36 - 1999-09-23 16:38 - 000034816 _____ (Oracle Corporation) C:\Windows\SysWOW64\ociw32.dll 2019-12-02 14:36 - 1999-09-23 16:37 - 000274704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntwdblib.dll 2019-12-02 14:36 - 1999-09-23 16:37 - 000178176 _____ (MapInfo) C:\Windows\SysWOW64\mxintl30.dll 2019-12-02 14:36 - 1999-09-23 16:34 - 000965904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjt3032.dll 2019-12-02 14:36 - 1999-09-23 16:34 - 000065536 _____ (MapInfo) C:\Windows\SysWOW64\mitmin30.dll 2019-12-02 14:36 - 1999-09-23 16:33 - 000903168 _____ C:\Windows\SysWOW64\mitmdl30.dll 2019-12-02 14:36 - 1999-09-23 16:33 - 000026624 _____ (MapInfo) C:\Windows\SysWOW64\midlin30.dll 2019-12-02 14:36 - 1999-09-23 16:32 - 000139264 _____ (MapInfo) C:\Windows\SysWOW64\midlg30.dll 2019-12-02 14:36 - 1999-09-23 16:31 - 000736768 _____ (MapInfo) C:\Windows\SysWOW64\mapx30.ocx 2019-12-02 14:36 - 1999-09-23 16:30 - 000085184 _____ C:\Windows\SysWOW64\mapInfow.prj 2019-12-02 14:36 - 1999-09-23 16:30 - 000000451 _____ C:\Windows\SysWOW64\mapx30.lic 2019-12-02 14:36 - 1999-09-23 16:29 - 000019456 _____ C:\Windows\SysWOW64\lfwpg60n.dll 2019-12-02 14:36 - 1999-09-23 16:29 - 000019456 _____ C:\Windows\SysWOW64\lfwmf60n.dll 2019-12-02 14:36 - 1999-09-23 16:28 - 000046080 _____ C:\Windows\SysWOW64\lftif60n.dll 2019-12-02 14:36 - 1999-09-23 16:28 - 000019968 _____ C:\Windows\SysWOW64\lftga60n.dll 2019-12-02 14:36 - 1999-09-23 16:27 - 000110080 _____ C:\Windows\SysWOW64\lfpng60n.dll 2019-12-02 14:36 - 1999-09-23 16:27 - 000020480 _____ C:\Windows\SysWOW64\lfpsd60n.dll 2019-12-02 14:36 - 1999-09-23 16:26 - 000023552 _____ C:\Windows\SysWOW64\lfpcx60n.dll 2019-12-02 14:36 - 1999-09-23 16:26 - 000022528 _____ C:\Windows\SysWOW64\lfpct60n.dll 2019-12-02 14:36 - 1999-09-23 16:25 - 000018432 _____ C:\Windows\SysWOW64\lfmsp60n.dll 2019-12-02 14:36 - 1999-09-23 16:25 - 000017920 _____ C:\Windows\SysWOW64\lfmac60n.dll 2019-12-02 14:36 - 1999-09-23 16:24 - 000176128 _____ C:\Windows\SysWOW64\lffax60n.dll 2019-12-02 14:36 - 1999-09-23 16:24 - 000141824 _____ C:\Windows\SysWOW64\lfcmp60n.dll 2019-12-02 14:36 - 1999-09-23 16:24 - 000022528 _____ C:\Windows\SysWOW64\lfeps60n.dll 2019-12-02 14:36 - 1999-09-23 16:23 - 000022016 _____ C:\Windows\SysWOW64\lfbmp60n.dll 2019-12-02 14:36 - 1999-09-23 16:23 - 000018944 _____ ( ) C:\Windows\SysWOW64\implode.dll 2019-12-02 14:36 - 1999-09-23 16:22 - 000047759 _____ C:\Windows\SysWOW64\foxpro.int 2019-12-02 14:36 - 1999-09-23 16:20 - 000993996 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\crystl32.ocx 2019-12-02 14:36 - 1999-09-23 16:20 - 000060416 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\crxlat32.dll 2019-12-02 14:36 - 1999-09-23 16:19 - 000303616 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crutl13.dll 2019-12-02 14:36 - 1999-09-23 16:19 - 000066560 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\crwrap32.dll 2019-12-02 14:36 - 1999-09-23 16:18 - 000159232 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crsyb13.dll 2019-12-02 14:36 - 1999-09-23 16:18 - 000026135 _____ C:\Windows\SysWOW64\crsyb13.hlp 2019-12-02 14:36 - 1999-09-23 16:17 - 005350912 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\crpe32.dll 2019-12-02 14:36 - 1999-09-23 16:16 - 000229888 _____ (Seagate Software, Information Management Group, Inc.) C:\Windows\SysWOW64\crpaig32.dll 2019-12-02 14:36 - 1999-09-23 16:16 - 000157696 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\cror813.dll 2019-12-02 14:36 - 1999-09-23 16:16 - 000007587 _____ C:\Windows\SysWOW64\crpe32.dep 2019-12-02 14:36 - 1999-09-23 16:15 - 000138752 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\cror713.dll 2019-12-02 14:36 - 1999-09-23 16:15 - 000112640 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crgup13.dll 2019-12-02 14:36 - 1999-09-23 16:14 - 000346112 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crflt13.dll 2019-12-02 14:36 - 1999-09-23 16:14 - 000320000 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crbas13.dll 2019-12-02 14:36 - 1999-09-23 16:14 - 000111616 _____ (INTERSOLV, Inc.) C:\Windows\SysWOW64\crdb213.dll 2019-12-02 14:36 - 1999-09-23 16:13 - 004822528 _____ (Seagate Software, Inc.) C:\Windows\SysWOW64\craxdrt.dll 2019-12-02 14:36 - 1999-09-23 16:13 - 000413184 _____ (Seagate Software, Inc) C:\Windows\SysWOW64\cpeaut32.dll 2019-12-02 14:36 - 1999-09-23 16:12 - 000369296 _____ (Seagate Software) C:\Windows\SysWOW64\crviewer.dll 2019-12-02 14:36 - 1999-09-23 16:12 - 000236544 _____ (Seagate Software Information Management Group, Inc.) C:\Windows\SysWOW64\c2supprt.dll 2019-12-02 14:35 - 2019-12-02 14:39 - 000000000 ____D C:\Program Files\Orcad 2019-12-02 14:35 - 2019-12-02 14:35 - 000000000 ____D C:\Windows\Crystal 2019-12-02 14:29 - 1999-09-23 16:32 - 000133904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCANS32.DLL 2019-12-02 14:25 - 1998-10-29 17:45 - 000306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe 2019-12-01 16:13 - 2019-12-02 13:02 - 000000000 ____D C:\emu8086 2019-12-01 16:13 - 2019-12-01 16:13 - 000001491 _____ C:\Users\HP\Desktop\emu8086.lnk 2019-12-01 16:13 - 2019-12-01 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\emu8086 2019-11-29 18:33 - 2019-11-30 16:55 - 000004205 _____ C:\Users\HP\AppData\Roaming\LTspiceXVII.ini 2019-11-29 18:30 - 2019-11-30 16:55 - 000000000 ____D C:\Users\HP\Documents\LTspiceXVII 2019-11-29 18:29 - 2019-11-29 18:29 - 000001045 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\LTspice XVII.lnk 2019-11-29 18:29 - 2019-11-29 18:29 - 000001021 _____ C:\Users\HP\Desktop\LTspice XVII.lnk 2019-11-29 18:28 - 2019-11-29 18:28 - 000000000 ____D C:\Program Files\LTC 2019-11-29 18:10 - 2019-11-29 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2019-11-29 18:09 - 2017-01-16 08:26 - 000165504 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2019-11-29 18:09 - 2017-01-16 08:26 - 000131712 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys 2019-11-29 17:21 - 2019-11-29 17:48 - 000000068 _____ C:\Users\HP\AppData\Local\uts.ini 2019-11-29 17:21 - 2019-11-29 17:21 - 000000000 ____D C:\Users\HP\AppData\Local\uts 2019-11-29 17:20 - 2019-11-29 19:26 - 000000000 ____D C:\Program Files (x86)\Kingo ROOT 2019-11-29 13:42 - 2019-11-29 13:42 - 000000000 ____D C:\Users\HP\AppData\Roaming\BatteryCare 2019-11-28 09:17 - 2019-11-28 09:17 - 000000000 ____D C:\Users\HP\Documents\Polyspace_Workspace 2019-11-27 21:36 - 2019-11-21 17:45 - 001073872 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2019-11-27 21:36 - 2019-11-21 17:45 - 001073872 _____ C:\Windows\system32\vulkan-1.dll 2019-11-27 21:36 - 2019-11-21 17:45 - 000931536 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2019-11-27 21:36 - 2019-11-21 17:45 - 000931536 _____ C:\Windows\SysWOW64\vulkan-1.dll 2019-11-27 21:36 - 2019-11-21 17:45 - 000848592 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2019-11-27 21:36 - 2019-11-21 17:45 - 000848592 _____ C:\Windows\system32\vulkaninfo.exe 2019-11-27 21:36 - 2019-11-21 17:45 - 000706256 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2019-11-27 21:36 - 2019-11-21 17:45 - 000706256 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2019-11-27 21:36 - 2019-11-21 17:45 - 000450976 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2019-11-27 21:36 - 2019-11-21 17:45 - 000352512 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2019-11-27 21:36 - 2019-11-21 17:44 - 011843184 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2019-11-27 21:36 - 2019-11-21 17:44 - 010167432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 017458840 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 015027776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 005380736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 004716176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 002074712 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001733264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444141.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001567688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001491568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444141.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001482376 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001370256 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001144920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 001064408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000813656 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000685800 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000676824 _____ C:\Windows\system32\nvofapi64.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000659088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000556672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2019-11-27 21:36 - 2019-11-21 17:43 - 000544728 _____ C:\Windows\SysWOW64\nvofapi.dll 2019-11-27 21:36 - 2019-11-21 17:42 - 040511064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2019-11-27 21:36 - 2019-11-21 17:42 - 035380336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2019-11-27 20:51 - 2019-11-27 20:51 - 000004524 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2019-11-27 20:51 - 2019-11-27 20:51 - 000004370 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2019-11-26 13:09 - 2019-12-02 14:36 - 000000261 _____ C:\Windows\ODBC.INI 2019-11-26 13:09 - 2019-11-26 13:09 - 000063202 _____ C:\Program Files\Uninstall.exe 2019-11-26 13:09 - 2019-11-26 13:09 - 000000191 _____ C:\Windows\ODBCINST.INI 2019-11-26 13:09 - 2019-11-26 13:09 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SQLite ODBC Driver for Win64 2019-11-26 13:09 - 2014-09-20 18:00 - 000150528 _____ C:\Windows\system32\sqlite3_mod_fts3.dll 2019-11-26 13:09 - 2014-09-20 18:00 - 000062464 _____ C:\Windows\system32\sqlite3_mod_rtree.dll 2019-11-26 13:09 - 2014-09-20 18:00 - 000059904 _____ C:\Windows\system32\sqlite3_mod_extfunc.dll 2019-11-26 13:09 - 2014-09-20 17:59 - 000858624 _____ (Christian Werner Software & Consulting) C:\Windows\system32\sqlite3odbc.dll 2019-11-26 13:09 - 2014-09-20 17:59 - 000101376 _____ C:\Windows\system32\sqlite3_mod_zipfile.dll 2019-11-26 13:09 - 2014-09-20 17:59 - 000078848 _____ (Christian Werner Software & Consulting) C:\Windows\system32\sqlite3_mod_blobtoxy.dll 2019-11-26 13:09 - 2014-09-20 17:59 - 000062464 _____ C:\Windows\system32\sqlite3_mod_csvtable.dll 2019-11-26 13:09 - 2014-09-20 17:59 - 000057344 _____ C:\Windows\system32\sqlite3_mod_impexp.dll 2019-11-26 13:03 - 2019-11-27 08:16 - 000000000 ____D C:\Users\HP\AppData\Roaming\SPB_Data 2019-11-26 13:03 - 2019-11-26 13:03 - 000000000 ____D C:\Cadence 2019-11-23 08:07 - 2019-11-23 08:07 - 000000000 ____D C:\Users\HP\AppData\Roaming\Cadence 2019-11-19 21:58 - 2019-11-19 21:58 - 000000123 _____ C:\Users\Public\Desktop\netcut.url 2019-11-19 21:58 - 2019-11-19 21:58 - 000000123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netcut.url 2019-11-19 21:58 - 2019-11-19 21:58 - 000000123 _____ C:\ProgramData\Desktop\netcut.url 2019-11-19 21:58 - 2019-11-19 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netcut 2019-11-12 21:32 - 2019-11-08 12:06 - 001734256 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444120.dll 2019-11-12 21:32 - 2019-11-08 12:06 - 001492696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444120.dll 2019-11-09 14:52 - 2019-11-09 14:52 - 000000000 ____D C:\Users\HP\Documents\Rockstar Games 2019-11-09 14:52 - 2019-11-09 14:52 - 000000000 ____D C:\Users\HP\AppData\Local\Rockstar Games 2019-11-09 14:52 - 2019-11-09 14:52 - 000000000 ____D C:\ProgramData\Steam 2019-11-09 14:52 - 2019-11-09 14:52 - 000000000 ____D C:\ProgramData\Socialclub 2019-11-09 09:31 - 2019-11-09 09:31 - 000000589 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk 2019-11-09 09:31 - 2019-11-09 09:31 - 000000589 _____ C:\ProgramData\Desktop\Grand Theft Auto V.lnk 2019-11-08 10:15 - 2019-11-08 10:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2019-11-08 10:15 - 2019-11-08 10:15 - 000000000 ____D C:\Program Files\7-Zip 2019-11-07 13:30 - 2019-11-28 10:34 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-11-07 12:06 - 2019-11-07 12:06 - 000000000 ___HD C:\$Windows.~WS 2019-11-06 17:25 - 2019-11-07 12:51 - 000000000 ____D C:\ESD 2019-11-06 11:14 - 2004-01-21 16:49 - 000389120 _____ (WinMain Software (hxxp://www.winmain.com)) C:\Windows\SysWOW64\cmax20.ocx 2019-11-05 07:43 - 2019-11-21 21:42 - 004205568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2019-11-05 07:43 - 2019-10-25 11:41 - 001733464 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444112.dll 2019-11-05 07:43 - 2019-10-25 11:41 - 001491472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444112.dll ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-02 18:14 - 2017-11-02 23:52 - 000000000 ____D C:\Users\HP\AppData\Roaming\DMCache 2019-12-02 18:07 - 2018-12-01 11:48 - 000004156 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{8F1323CB-21BB-4BB5-977B-9C0A543A6848} 2019-12-02 18:06 - 2017-07-16 14:45 - 000000000 ____D C:\ProgramData\NVIDIA 2019-12-02 18:03 - 2017-07-16 14:39 - 000000000 __SHD C:\Users\HP\IntelGraphicsProfiles 2019-12-02 14:15 - 2019-05-11 15:33 - 000000000 ____D C:\Program Files\CCleaner 2019-12-02 14:02 - 2019-04-28 14:06 - 000000000 ____D C:\Users\HP\Documents\MATLAB 2019-12-02 13:59 - 2017-07-16 14:21 - 000000000 ____D C:\Windows\system32\SleepStudy 2019-12-01 19:40 - 2017-11-06 11:25 - 000000000 ____D C:\Windows\system32\Tasks\TVT 2019-12-01 19:34 - 2019-05-11 15:33 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update 2019-12-01 19:34 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\NDF 2019-12-01 15:51 - 2017-11-02 20:13 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps 2019-12-01 15:50 - 2017-12-15 19:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-12-01 15:49 - 2017-07-16 14:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-12-01 15:49 - 2016-07-16 08:04 - 001048576 _____ C:\Windows\system32\config\BBI 2019-11-29 22:39 - 2019-10-09 10:08 - 000000000 ____D C:\ADS2009 2019-11-29 20:11 - 2019-09-08 16:30 - 000000000 ____D C:\Users\HP\AppData\Local\Spotify 2019-11-29 20:02 - 2019-09-08 16:26 - 000000000 ____D C:\Users\HP\AppData\Roaming\Spotify 2019-11-29 18:28 - 2019-05-01 12:58 - 000000000 ____D C:\Users\HP\AppData\Roaming\Samsung 2019-11-29 18:28 - 2019-05-01 12:58 - 000000000 ____D C:\Program Files (x86)\Samsung 2019-11-29 18:28 - 2017-12-05 14:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2019-11-29 18:17 - 2019-05-01 13:06 - 000000000 ____D C:\Users\HP\AppData\Local\Samsung 2019-11-29 18:15 - 2019-05-01 12:58 - 000000000 ____D C:\ProgramData\Samsung 2019-11-29 18:13 - 2019-05-01 13:00 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log 2019-11-29 18:13 - 2019-05-01 13:00 - 000000000 ____D C:\ProgramData\Documents\NativeFus_Log 2019-11-29 18:09 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF 2019-11-29 17:59 - 2019-04-09 23:32 - 000000000 ____D C:\Users\HP\Documents\Wondershare Filmora 9 2019-11-29 17:22 - 2019-03-17 21:24 - 000000000 ____D C:\Users\HP\.android 2019-11-29 16:52 - 2019-05-11 15:33 - 000000000 ____D C:\Program Files\Recuva 2019-11-29 16:45 - 2019-08-02 22:47 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Mozilla 2019-11-29 15:15 - 2019-10-01 07:22 - 000002334 _____ C:\Users\HP\Desktop\Any.do.lnk 2019-11-29 13:39 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness 2019-11-29 13:30 - 2017-07-16 14:31 - 000000000 ____D C:\Users\HP\AppData\Local\Packages 2019-11-29 13:27 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps 2019-11-28 10:34 - 2019-08-02 22:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-11-27 22:16 - 2019-09-05 17:43 - 000000000 ____D C:\Users\HP\AppData\Local\NVIDIA 2019-11-27 20:52 - 2017-11-07 15:01 - 000000000 ____D C:\Users\HP\AppData\Local\Adobe 2019-11-27 20:51 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-11-27 20:51 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\Macromed 2019-11-27 20:46 - 2019-08-02 22:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-11-23 09:43 - 2017-07-16 14:30 - 000000000 ____D C:\Users\HP 2019-11-23 09:25 - 2019-02-23 21:10 - 000000000 ____D C:\Users\HP\AppData\Local\Eclipse 2019-11-22 16:29 - 2017-07-16 14:31 - 000000000 ____D C:\Users\HP\AppData\Local\VirtualStore 2019-11-22 08:28 - 2017-07-16 14:38 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-11-22 08:28 - 2017-07-16 14:35 - 001718314 _____ C:\Windows\system32\PerfStringBackup.INI 2019-11-22 08:26 - 2018-07-06 18:16 - 000000000 ____D C:\Program Files (x86)\arcai.com 2019-11-21 21:42 - 2019-09-05 17:50 - 004937584 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2019-11-21 10:27 - 2017-07-16 14:43 - 000000000 ____D C:\ProgramData\Package Cache 2019-11-21 10:26 - 2019-10-18 11:30 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2019-11-21 02:56 - 2019-09-05 17:50 - 000056258 _____ C:\Windows\system32\nvinfo.pb 2019-11-21 00:44 - 2019-09-05 17:54 - 005549368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 002652168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 001767448 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 000668200 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 000454968 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 000152048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 000130584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2019-11-21 00:44 - 2019-09-05 17:54 - 000082784 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2019-11-20 19:54 - 2019-09-05 17:54 - 008785212 _____ C:\Windows\system32\nvcoproc.bin 2019-11-16 22:14 - 2019-10-19 20:30 - 000000000 ____D C:\Program Files\txgameassistant 2019-11-16 21:04 - 2017-07-16 14:39 - 000000000 ____D C:\Program Files (x86)\Intel 2019-11-16 20:54 - 2019-09-08 22:02 - 000555064 _____ (TENCENT) C:\Windows\system32\TesSafe.sys 2019-11-13 21:24 - 2019-05-19 12:38 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-11-09 14:51 - 2017-12-04 17:04 - 000000000 ____D C:\Windows\SysWOW64\directx 2019-11-07 12:51 - 2017-07-17 00:20 - 000000000 ____D C:\Windows\Panther 2019-11-06 17:28 - 2019-07-24 12:30 - 000000400 __RSH C:\ProgramData\ntuser.pol 2019-11-06 11:12 - 2017-11-02 23:53 - 000000000 ____D C:\Users\HP\AppData\Roaming\IDM 2019-11-06 10:56 - 2019-03-27 17:34 - 000002937 _____ C:\Users\HP\.octave_hist 2019-11-05 23:01 - 2019-10-09 19:59 - 000000000 ____D C:\Users\HP\AppData\Roaming\Psiphon3 2019-11-05 07:14 - 2019-09-05 17:43 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:14 - 2019-09-05 17:43 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:14 - 2017-07-16 14:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2019-11-05 07:14 - 2017-07-16 14:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2019-11-05 07:13 - 2019-09-05 17:43 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2019-09-05 17:43 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-11-05 07:13 - 2017-07-16 14:41 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2019-11-05 07:08 - 2018-12-19 21:25 - 000000000 ____D C:\Users\HP\Downloads\Intel Driver and Support Assistant 2019-11-05 06:58 - 2017-11-02 23:52 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager 2019-11-05 06:57 - 2017-07-16 14:38 - 000003420 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2019-11-05 06:57 - 2017-07-16 14:38 - 000003296 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2019-11-05 06:57 - 2017-07-16 14:38 - 000000000 ____D C:\Program Files (x86)\Google 2019-11-05 06:56 - 2018-01-19 15:32 - 000149944 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys 2019-11-05 06:56 - 2018-01-19 15:32 - 000114136 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys 2019-11-05 06:56 - 2018-01-19 15:31 - 000189512 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys 2019-11-05 06:56 - 2018-01-19 15:31 - 000103264 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys 2019-11-05 06:56 - 2018-01-19 15:31 - 000077184 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys 2019-11-05 06:56 - 2018-01-19 15:31 - 000050712 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys ==================== Files in the root of some directories ======== 2014-09-20 17:59 - 2014-09-20 17:59 - 000070656 _____ (Christian Werner Software & Consulting) C:\Program Files\adddsn.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000070656 _____ (Christian Werner Software & Consulting) C:\Program Files\addsysdsn.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000073216 _____ (Christian Werner Software & Consulting) C:\Program Files\inst.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000073216 _____ (Christian Werner Software & Consulting) C:\Program Files\instq.exe 2004-11-13 08:12 - 2004-11-13 08:12 - 000001456 _____ () C:\Program Files\license.terms 2014-09-20 18:00 - 2014-09-20 18:00 - 000001482 _____ () C:\Program Files\license.txt 2014-09-20 17:34 - 2014-09-20 17:34 - 000011410 _____ () C:\Program Files\README 2014-09-20 17:34 - 2014-09-20 17:34 - 000011410 _____ () C:\Program Files\readme.txt 2014-09-20 17:59 - 2014-09-20 17:59 - 000070656 _____ (Christian Werner Software & Consulting) C:\Program Files\remdsn.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000070656 _____ (Christian Werner Software & Consulting) C:\Program Files\remsysdsn.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000067584 _____ () C:\Program Files\sqlite3.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000858624 _____ (Christian Werner Software & Consulting) C:\Program Files\sqlite3odbc.dll 2014-09-20 18:00 - 2014-09-20 18:00 - 000852992 _____ (Christian Werner Software & Consulting) C:\Program Files\sqlite3odbcnw.dll 2014-09-20 17:59 - 2014-09-20 17:59 - 000078848 _____ (Christian Werner Software & Consulting) C:\Program Files\sqlite3_mod_blobtoxy.dll 2014-09-20 17:59 - 2014-09-20 17:59 - 000062464 _____ () C:\Program Files\sqlite3_mod_csvtable.dll 2014-09-20 18:00 - 2014-09-20 18:00 - 000059904 _____ () C:\Program Files\sqlite3_mod_extfunc.dll 2014-09-20 18:00 - 2014-09-20 18:00 - 000150528 _____ () C:\Program Files\sqlite3_mod_fts3.dll 2014-09-20 17:59 - 2014-09-20 17:59 - 000057344 _____ () C:\Program Files\sqlite3_mod_impexp.dll 2014-09-20 18:00 - 2014-09-20 18:00 - 000062464 _____ () C:\Program Files\sqlite3_mod_rtree.dll 2014-09-20 17:59 - 2014-09-20 17:59 - 000101376 _____ () C:\Program Files\sqlite3_mod_zipfile.dll 2014-09-20 17:59 - 2014-09-20 17:59 - 000073216 _____ (Christian Werner Software & Consulting) C:\Program Files\uninst.exe 2019-11-26 13:09 - 2019-11-26 13:09 - 000063202 _____ () C:\Program Files\Uninstall.exe 2014-09-20 17:59 - 2014-09-20 17:59 - 000073216 _____ (Christian Werner Software & Consulting) C:\Program Files\uninstq.exe 2019-11-29 18:33 - 2019-11-30 16:55 - 000004205 _____ () C:\Users\HP\AppData\Roaming\LTspiceXVII.ini 2018-09-29 19:56 - 2018-09-29 19:56 - 000000000 _____ () C:\Users\HP\AppData\Local\oobelibMkey.log 2019-11-29 17:21 - 2019-11-29 17:48 - 000000068 _____ () C:\Users\HP\AppData\Local\uts.ini 2019-03-17 20:54 - 2019-03-19 20:11 - 000017408 _____ () C:\Users\HP\AppData\Local\WebpageIcons.db ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2019-11-30 09:21 ==================== End of FRST.txt ========================
- December 2, 2019
- 18 replies
Remove kms virus

Mostafa_ahmed posted a topic in Resolved Malware Removal Logs

How to remove kms please I got my laptop with no windows And then store installed windows and activated it with kms tool Now i bought a key and i would like to change from windows enterprise to pro and to remove kms tool Thank you in advance
- December 1, 2019
- 18 replies

Sign In

Mostafa_ahmed

Posts

Joined

Last visited

Content Type

Events

Profiles

Forums

Everything posted by Mostafa_ahmed

Remove kms virus

Remove kms virus

Remove kms virus

Remove kms virus

Remove kms virus

Remove kms virus

Remove kms virus

Remove kms virus

Remove kms virus

Remove kms virus

Remove kms virus

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information