| der_phil | 17.01.2020 00:01 |
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by Boran (16-01-2020 23:51:06)
Running from C:\Users\Boran\Downloads
Windows 7 Professional Service Pack 1 (X64) (2012-11-02 09:42:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
5320D5B9A1FF4D6CAC6C (S-1-5-21-3628080025-3129989591-1433067816-1004 - Limited - Enabled)
Administrator (S-1-5-21-3628080025-3129989591-1433067816-500 - Administrator - Disabled)
Boran (S-1-5-21-3628080025-3129989591-1433067816-1001 - Administrator - Enabled) => C:\Users\Boran
Guest (S-1-5-21-3628080025-3129989591-1433067816-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3628080025-3129989591-1433067816-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3628080025-3129989591-1433067816-1001\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
3D Youtube Downloader (x64) (HKU\S-1-5-21-3628080025-3129989591-1433067816-1001\...\3D Youtube Downloader (x64)) (Version: 1.16.11 - 3DYD Soft)
Adobe Acrobat Reader DC - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
AIDA64 Extreme v5.20 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.20 - FinalWire Ltd.)
AOMEI Partition Assistant Standard Edition 6.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.29.2.24183 - Avira Operations GmbH & Co. KG)
BankID säkerhetsprogram (HKLM-x32\...\{2D6973ED-BBF2-434E-993C-37E05087B8C8}) (Version: 5.1.3.2 - Finansiell ID-Teknik BID AB)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPUID CPU-Z 1.81 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.81 - ) <==== ATTENTION
CPUID HWMonitor 1.36 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.36 - CPUID, Inc.)
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{C6A49D2B-7359-4ED1-BC9F-F76A1957BC7A}) (Version: 12.5.4019 - Blackmagic Design)
Digital Media Converter 4.1 (HKLM-x32\...\Digital Media Converter 4.0_is1) (Version: - Deskshare Inc.)
Discord (HKU\S-1-5-21-3628080025-3129989591-1433067816-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.70 - NVIDIA Corporation) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
DriverEasy 4.9.2 (HKLM\...\DriverEasy_is1) (Version: 4.9.2.0 - Easeware)
DriverTools 1.0 (HKLM-x32\...\DriverTools) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Dropbox (HKU\S-1-5-21-3628080025-3129989591-1433067816-1001\...\Dropbox) (Version: 88.4.172 - Dropbox, Inc.)
EaseUS Todo Backup Free 10.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd)
Electa Live Screen Recorder (HKLM-x32\...\{ACBEFFFE-9499-407A-8D44-C1DDB3DB94F0}) (Version: 1.2 - ELECTA COMMUNICATIONS LTD)
Epic Games Launcher (HKLM-x32\...\{42D23AAF-7D6F-48C7-A62C-8E02D6234156}) (Version: 1.1.147.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version: - epubfilereader.com)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotor 3.4.1 (HKLM-x32\...\Fotor) (Version: 3.4.1 - Everimaging Co., Ltd.)
FreeStyle Libre (HKLM-x32\...\FreeStyle Libre 1.0) (Version: 1.0 - Abbott Diabetes Care)
Geeks3D FurMark 1.15.2.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GNU Prolog version 1.4.4 (HKLM-x32\...\GNU Prolog_is1) (Version: 1.4.4 - Daniel Diaz)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.22.3 - Google Inc.) Hidden
GoPro App (HKLM-x32\...\{F521FF84-E690-40CF-977C-4103A4D8E5D0}) (Version: 5.7.549 - GoPro, Inc.) Hidden
GoPro Studio 2.5.7 (HKLM-x32\...\{b996dca2-156c-4d2c-b9a3-59fac08cef33}) (Version: 2.5.7.549 - GoPro, Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - Huawei Technologies Co.,Ltd)
Hotspot Shield 8.5.1 (HKLM-x32\...\{60e71019-80e3-4075-921f-b49829aa6f3b}) (Version: 8.5.1.11368 - AnchorFree Inc.)
Hotspot Shield 8.5.1 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925D177BF8B}) (Version: 8.5.1.11368 - AnchorFree Inc.) Hidden
Hotspot Shield 8.5.1 (HKLM-x32\...\HotspotShield) (Version: 8.5.1 - AnchorFree Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
KaloMa 4.94 (HKLM-x32\...\KaloMa_is1) (Version: - Frank Böpple)
K-Lite Mega Codec Pack 11.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Learn to Play Bridge (HKLM-x32\...\Learn_to_Play_Bridge) (Version: - )
LibreView Device Drivers (HKLM-x32\...\{D2200BF1-9BF0-4C1C-9282-A727FFCC5046}) (Version: 3.2.1 - Newyu)
License Support (HKLM\...\{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Malwarebytes Version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.12325.20288 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{9085041F-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3628080025-3129989591-1433067816-1001\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.2.2 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
muvee Reveal Runtime (HKLM-x32\...\{708779B0-2F3A-4D5B-8750-24617AF1913D}) (Version: 12.0.0.28286 - muvee Technologies Pte Ltd)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.0.0 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 411.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Graphics Driver 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 411.70 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20280 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Photomizer 3 (HKLM\...\{6F959846-943B-406B-8829-46B9396BB0EF}) (Version: 3.0.5809.29131 - Engelmann Media GmbH) Hidden
Photomizer 3 (HKLM-x32\...\{f2f91df4-e865-40fc-b5ed-05333af16802}) (Version: 3.0.5809.29237 - Engelmann Media GmbH)
Pokemon GO Live Map (HKU\S-1-5-21-3628080025-3129989591-1433067816-1001\...\pokemon) (Version: 0.2.1 - Mike Christopher)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.4 - Power Software Ltd)
Python 3.3.0 (64-bit) (HKLM\...\{290329c4-a276-3aec-b633-9f5a39d8dd96}) (Version: 3.3.150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RawTherapee version 5.5 (HKLM\...\RawTherapee5.5_is1) (Version: 5.5 - rawtherapee.com)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
Scrivener Update (HKLM-x32\...\Scrivener 1860) (Version: 1970 - Literature and Latte)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Voice Changer (HKU\S-1-5-21-3628080025-3129989591-1433067816-1001\...\d8f4b4d52e33052f) (Version: 1.4.0.0 - Mark Heath)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.14 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.4.0.7 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-3628080025-3129989591-1433067816-1001\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPER © v2015.build.65+Recorder (2015/05/31) Version v2015.buil (HKLM-x32\...\{8E2A29F2-96BF-8859-4DB7-5C16C91728A3}_is1) (Version: v2015.build.65+Recorder - eRightSoft)
SWI-Prolog (remove only) (HKLM\...\SWI-Prolog) (Version: - )
System Requirements Lab Detection (HKLM-x32\...\{8EB8C737-1C4D-4070-8B35-65FEDDE2A406}) (Version: 6.1.4.0 - Husdawg, LLC)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-3628080025-3129989591-1433067816-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.7.1965 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VFW_Codec32 (HKLM-x32\...\{FD85BB37-D0AD-4684-B052-4CE9DF72455A}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{68413D4F-C3C9-4B6F-9B39-AC7444C8C05C}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.0 - VideoLAN)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 1.2.2.1 - Voicemod S.L.)
Vovoid VSXu 0.4.2 (HKLM-x32\...\VSXu 0.4.2) (Version: 0.4.2 - Vovoid Media Technologies AB)
WhatsApp (HKU\S-1-5-21-3628080025-3129989591-1433067816-1001\...\WhatsApp) (Version: 0.2.1880 - WhatsApp)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wondershare Filmora(Build 8.0.0) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Xvid 1.2.1 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3628080025-3129989591-1433067816-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-08-24] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-08-24] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-08-24] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3628080025-3129989591-1433067816-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3628080025-3129989591-1433067816-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3628080025-3129989591-1433067816-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Boran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3570688 2014-12-21] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [254976 2014-11-14] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2015-02-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1332736 2015-10-02] (CineForm Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\i420vfw.dll [70656 2004-01-24] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3588608 2014-12-21] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2008-12-04] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2015-02-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1117184 2015-10-02] (CineForm Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\yv12vfw.dll [70656 2004-01-24] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Boran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Readium.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fepbnnnkkadjhjahcafoaglimekefifl
ShortcutWithArgument: C:\Users\Boran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Readium.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fepbnnnkkadjhjahcafoaglimekefifl
ShortcutWithArgument: C:\Users\Boran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Simple EPUB Reader.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ojhbgcchcbdjdenibfmjofobklkkhofc
==================== Loaded Modules (Whitelisted) =============
2019-03-27 22:34 - 2019-03-27 22:34 - 000130560 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2019-03-04 14:01 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3628080025-3129989591-1433067816-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Boran\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^Users^Boran^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Boran^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chromium => "c:\users\boran\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\Boran\AppData\Local\Discord\app-0.0.301\Discord.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Boran\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
MSCONFIG\startupreg: Facebook Update => "C:\Users\Boran\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreeStyleLibreautorunexe => C:\Program Files (x86)\FreeStyle Libre\MASLaunchClient.FreeStyleLibre.exe
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: GoPro Studio Importer => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Boran\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Boran\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: Voicemod => "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{67C74436-E5ED-43D2-B98E-761015360144}] => (Allow) C:\Users\Boran\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{435FF687-32AA-4E26-9490-A31696E3D5DF}] => (Allow) C:\Users\Boran\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{DD48487F-BCDE-438E-98BF-26AE399C1B0D}C:\users\boran\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\boran\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{3A2954AD-CD5F-4045-8DAB-28596C7E1F49}C:\users\boran\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\boran\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{F5227C32-CB0C-4D25-962B-87F12A94510B}C:\users\boran\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\boran\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{A4DAE80A-9752-4DE7-95A7-07085F0EA643}C:\users\boran\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\boran\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4FA0B8D0-5F27-48C2-AADD-EE2009B3F7F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F6ADE026-EE6D-4B7C-B8CE-8032F0CDBB10}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{82B1BCB5-C53B-4648-BC22-02CB2138CEC9}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{92965D41-3E44-4ADA-8617-4B3AAA834FDC}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1FDE414F-09D7-47EE-B9BE-E8A53BE7D052}] => (Block) %ProgramFiles% (x86)\Image-Line\FL Studio 11\FL.exe No File
FirewallRules: [{F4A17A76-353D-4046-BEE5-670E91C79278}] => (Allow) C:\Users\Boran\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Software Sarl -> Skype Limited)
FirewallRules: [{3CB8B1B4-AC05-45B6-8671-5A18468D296F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{691E4CF5-E2E0-4CC1-ACD9-348195B802B7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{2E0BB3F2-8343-412D-B207-DCD2120FB18E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{6DD401CC-E567-496E-9368-10D39F1E13FF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F97D78C-2AD7-47E9-8192-44DDEEA6D645}] => (Allow) LPort=2869
FirewallRules: [{E8F1756A-1AAF-4ACD-AD8C-F202AF6CB4F4}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{0139D613-D0DA-4C6D-84AD-EEFF0E1C7A82}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe (Valve -> )
FirewallRules: [UDP Query User{C491BBCD-BD47-4547-95A4-27F959567B2A}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe (Valve -> )
FirewallRules: [{2566776E-9B8A-4F08-A038-80025EE29245}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{35278324-B8BB-4FE7-AC04-AA75C3585BC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{68B637DE-4796-43E7-8CAD-7863BCCFF7EC}] => (Allow) C:\Users\Boran\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21EE89FD-DD3D-44E1-A8C4-65B58385A512}] => (Allow) C:\Users\Boran\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5FBDBBAF-68F8-4B5A-A711-3FC0A4750F21}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{18AF57B9-D5AB-4EE2-A96F-8D2B2DAE3F9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F1F9E1BC-D69F-4A04-9599-6F306CBF0E3E}] => (Allow) C:\Users\Boran\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{977A47CC-C782-42A3-AC3A-63AE57113666}] => (Allow) C:\Users\Boran\AppData\Roaming\Nox\bin\Nox.exe (Duodian Online Technology Co. Ltd. -> Duodian Technology Co. Ltd.)
FirewallRules: [TCP Query User{7DE972A9-5C08-46B6-97B3-8430F0B8C5D0}C:\users\boran\appdata\local\pokemon\app-0.2.1\pokemon go live map.exe] => (Allow) C:\users\boran\appdata\local\pokemon\app-0.2.1\pokemon go live map.exe (GitHub, Inc.) [File not signed]
FirewallRules: [UDP Query User{BDF6E824-70EE-40A3-9D67-F413FE0EAC86}C:\users\boran\appdata\local\pokemon\app-0.2.1\pokemon go live map.exe] => (Allow) C:\users\boran\appdata\local\pokemon\app-0.2.1\pokemon go live map.exe (GitHub, Inc.) [File not signed]
FirewallRules: [TCP Query User{EDE5A843-75E6-4611-A861-DCDCF35CFE86}C:\users\boran\appdata\local\pokemon\app-0.2.1\resources\app\pywin\python.exe] => (Allow) C:\users\boran\appdata\local\pokemon\app-0.2.1\resources\app\pywin\python.exe () [File not signed]
FirewallRules: [UDP Query User{4B938D70-20C8-4367-94BC-3D118E3D516F}C:\users\boran\appdata\local\pokemon\app-0.2.1\resources\app\pywin\python.exe] => (Allow) C:\users\boran\appdata\local\pokemon\app-0.2.1\resources\app\pywin\python.exe () [File not signed]
FirewallRules: [{4069D3B2-1E4C-4A00-8BAF-B68B941DCB14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{46A43ECA-76E5-4143-95F6-2A157E52DCF8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{00451E17-34C8-4910-B2CB-7209AC02681D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D1B4B4DA-ACE1-43D5-BA7E-BA8EE5C9CAFA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A88C57E-FD38-4DC5-ABD7-192677E169BD}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{15194E24-7E27-408C-88EB-DF601FF6F200}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{2B5652CB-3779-4E00-81A0-B0F9CAA3EC1D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{8C92C553-DE2F-4B2E-B7CC-9E8FA9F2B6E2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{3C47BA19-C5BE-446F-B197-C4D2809871F1}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{FD66E638-18A6-4085-84F1-034470040520}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{D5F4FE7E-3F76-415E-A0C6-5E702296BEC4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe () [File not signed]
FirewallRules: [{6F64501E-D6DD-4A75-8B6A-857DAC0630B3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{9151112C-AD31-4596-88CB-0886C80294B8}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{5C19D194-F5EB-409A-9E24-332CB36A9DBD}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{05D37F3F-6E9C-40B8-B19F-489488E26E64}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{8ECBE8EA-7724-4FE3-ADCD-E25134B34113}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{AD60DEFF-5C6F-4F42-91AB-580F5FCBAFE3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{3719BF89-CA1E-4B87-8D74-C13231CA6566}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{EC9A8CD0-11E2-4023-9332-9BBACFB13059}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{95ED63A7-2B0E-4C18-B947-7FE639F238D0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{975736BF-1409-46B0-B16F-C8A46AF583F2}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{F45E8DBD-9DFF-4404-8C00-00941D6FAEEF}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [TCP Query User{D7F375C2-75FF-4BB6-99FD-743B649991E3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{AA55099D-6BD6-43B7-8129-6A6BBECBEE73}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{D4ACD3AE-24DB-4755-B51E-010EAF0AEFC4}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{B69FEA34-4680-4B32-8FDE-94733BE5A986}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{24287BA3-AEF4-40C7-A51E-A821E773E0FF}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{7A1612CE-F51E-4AC2-B2C2-58DA2D79F33F}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{DE98BE96-AAC5-4756-B90E-DD27B51B07BC}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2ADF1622-503C-4AD8-BCF5-B251DB5BE8CA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{20C6F165-7506-48F1-AD35-F8DEAD21179F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{571DA157-614A-4DA1-96E9-1757FB3F79B2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A40DB92F-1F83-4B5A-A847-94133FB645CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{677CA56E-72B1-4847-B155-B0F2AAAE67AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{85D5A852-9AB1-4E5F-B770-E47F09392E18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F1D871D-B791-461C-8D42-40595F06E49F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C6AC1463-2584-42EF-9458-A91A6C7B1C22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{321D05A2-DCB9-428E-AF1B-74C52233BB1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2416E21A-2010-479A-A171-92FC1DD94E80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{94FB56E8-E37D-49D1-A072-D5B0B96BCE33}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9E9288C8-F389-4759-BECF-73397080B29D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB8D7477-F49C-42DB-874A-C731F6B05E7A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63202640-AB5B-4514-A10A-B6F3EB8BF519}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C868E815-8EE8-4429-994B-04B6CA180328}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F1D3D8EE-5FBA-4487-B0C3-75008BFB3635}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2E09669A-EBF1-4FE6-ABF8-78EE28E1F03A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C98305A8-2A64-44B2-A540-CA51E7E37DBD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{BB7B54F5-3A91-43E9-96D8-6E355E2B09FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{17C57B1C-6314-4440-B138-4653DBBB3F54}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRServer.exe (Splashtop Inc. -> Splashtop Inc.)
FirewallRules: [{F4F935C8-A5AA-4F32-AF4E-59D78490E6D2}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRFeature.exe (Splashtop Inc. -> Splashtop Inc.)
FirewallRules: [{5BA39A71-8DE0-4B5D-B3D8-3562E7387ED1}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\DataProxy.exe (Splashtop Inc. -> Splashtop Inc.)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/16/2020 11:44:44 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (01/16/2020 11:44:44 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (01/16/2020 11:40:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\Boran\Downloads\esetsmartinstaller_deu.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_e372d88f30fbb845.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b.manifest.
Error: (01/16/2020 11:40:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\Boran\Downloads\esetsmartinstaller_deu.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_e372d88f30fbb845.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b.manifest.
Error: (01/16/2020 06:05:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8034
Error: (01/16/2020 06:05:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8034
Error: (01/16/2020 06:05:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/16/2020 06:05:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7036
System errors:
=============
Error: (01/16/2020 11:29:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 80.
Error: (01/16/2020 11:29:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (01/16/2020 10:29:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 80.
Error: (01/16/2020 10:29:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (01/16/2020 10:28:28 PM) (Source: TermDD) (EventID: 56) (User: )
Description: The Terminal Server security layer detected an error in the protocol stream and has disconnected the client.
Client IP: 127.0.0.1.
Error: (01/16/2020 10:28:28 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 46.
Error: (01/16/2020 09:29:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
Error: (01/16/2020 05:59:27 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 80.
CodeIntegrity:
===================================
Date: 2018-10-05 14:45:23.173
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Boran\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-10-05 14:45:23.074
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Boran\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-10-05 14:45:22.963
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-10-05 14:45:22.865
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-15 18:14:51.556
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Boran\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-15 18:14:51.513
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Boran\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-15 18:14:51.235
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-15 18:14:51.192
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Award Software International, Inc. F7 02/11/2010
Motherboard: Gigabyte Technology Co., Ltd. P55-UD4
Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 84%
Total physical RAM: 8187.49 MB
Available physical RAM: 1262.28 MB
Total Virtual: 16373.13 MB
Available Virtual: 7617.16 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:255.95 GB) (Free:13.95 GB) NTFS
Drive d: (Reserverad av systemet) (Fixed) (Total:0.22 GB) (Free:0.18 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 256.2 GB) (Disk ID: CCF2C8E5)
Partition 1: (Active) - (Size=225 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=255.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
<a href="https://ibb.co/mzvKr4q"><img src="https://i.ibb.co/C0JypQ7/fehler-2.jpg" alt="fehler-2" border="0"></a>
<a href="https://imgbb.com/"><img src="https://i.ibb.co/RggLmHH/fehler.jpg" alt="fehler" border="0"></a> |
