Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2019 Ran by akira (administrator) on LAPTOP-48H06PN2 (LENOVO 80SN) (03-10-2019 16:38:19) Running from C:\Users\akira\Downloads Loaded Profiles: akira (Available Profiles: akira & Administrator) Platform: Windows 10 Home Version 1809 17763.737 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe (Conexant Systems, Inc.) [File not signed] C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe (Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\LenovoVantageService.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (Lenovo -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe (McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, LLC. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (McAfee, LLC. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_19_7\mcapexe.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\CSP\3.1.286.0\McCSPServiceHost.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\TaskScheduler\SETEFDA.tmp (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\mcafee\vul\McVulCtr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1002.3.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe\YourPhone.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\updater-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\ws.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\akira\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [894376 2017-04-14] (LENOVO -> Lenovo(beijing) Limited) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [602968 2015-12-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> ) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1831768 2016-08-29] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-08-27] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [190744 2017-10-18] (CyberLink Corp. -> CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [593688 2017-10-18] (CyberLink Corp. -> CyberLink Corp.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (Canon Inc. -> CANON INC.) HKU\S-1-5-21-358205242-1294261426-4112239854-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-05-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-358205242-1294261426-4112239854-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-04-22] (CyberLink Corp. -> CyberLink Corp.) HKU\S-1-5-21-358205242-1294261426-4112239854-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-05-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-358205242-1294261426-4112239854-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-05-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-358205242-1294261426-4112239854-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-05-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-358205242-1294261426-4112239854-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-358205242-1294261426-4112239854-1001\...\Run: [FreeYouTubeDownloader] => C:\Program Files (x86)\Free YouTube Downloader\YouTubeDownloader.exe [1024512 2019-06-14] (Vitzo Ltd.) [File not signed] HKU\S-1-5-21-358205242-1294261426-4112239854-1001\...\MountPoints2: {c06a33d8-5602-11e8-af7c-74dfbf3cf8c0} - "G:\Setup.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-19] (Google LLC -> Google LLC) Startup: C:\Users\akira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-09-23] ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0BF99FD4-76D7-488F-80A8-0ACAD2E43F83} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4137608 2019-07-25] (McAfee, LLC. -> McAfee, Inc.) Task: {0E9FCDF8-2C2F-4E67-AC12-EBC768607477} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10920216 2018-09-06] (Lenovo -> Lenovo) Task: {102BCBDC-D5FA-4891-B715-CCA175FE6BE3} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [331544 2018-09-06] (Lenovo -> ) Task: {12FF5B40-CEC8-4A28-BBAD-21412AD1E00A} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe Task: {18476A3B-6DCC-49BC-8612-54AD4046236B} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1723392 2019-08-27] () [File not signed] Task: {189A6525-1E64-4A45-BA44-223B7090182A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [103472 2019-09-19] (Microsoft Corporation -> Microsoft Corporation) Task: {1A32C602-0FCE-49B7-B486-139CD8539563} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403552 2019-09-19] (Microsoft Corporation -> Microsoft Corporation) Task: {25692896-94DB-400A-A795-39796ABC5EF7} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1028256 2019-08-09] (McAfee, LLC. -> McAfee, LLC.) Task: {268086E4-6B2C-4756-9D17-8497CF850498} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService Task: {275050BF-2F82-49AD-A3A6-F2E468600CCB} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [759752 2019-08-14] (McAfee, LLC. -> McAfee, LLC.) Task: {362656FF-B6F3-4704-9141-DFB74BA3E6D2} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-358205242-1294261426-4112239854-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-02-19] (Mega Limited -> Mega Limited) Task: {3C4C4912-D003-4CD1-AA16-0535256323AA} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-08-01] (Lenovo -> ) Task: {3CA4351A-CFB8-4547-972D-FF5757D0310D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {52938941-4758-444C-9530-29F49A5F7B28} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {55949131-2788-430D-9CE7-C6C49F5D0100} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-358205242-1294261426-4112239854-1001 => C:\Users\akira\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {567FBC1F-B780-4E94-8356-54F125A0B03B} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe "C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION Task: {5BEEB2DC-E57A-4D04-8E20-929561E83D73} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1028256 2019-08-09] (McAfee, LLC. -> McAfee, LLC.) Task: {68F8A64A-5CD0-4D41-8D37-20A66F04BB03} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> ) Task: {703A8EDD-1C23-4E26-BDAD-287127E9DBE0} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {843ADAA1-D6DA-4267-AF9A-C8CB918FF4AC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [758872 2019-09-19] (Microsoft Corporation -> Microsoft Corporation) Task: {84E1CC94-4F06-46F7-9D89-4A4F583F37FA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26045560 2019-09-04] (Microsoft Corporation -> Microsoft Corporation) Task: {86DAC4C4-2372-49C7-AA2D-CF40F04E98E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-27] (Google Inc -> Google Inc.) Task: {8748CE12-3042-4D37-922C-EAC2144C6587} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4404384 2019-09-19] (Microsoft Corporation -> Microsoft Corporation) Task: {87AD75D8-A7F5-4971-B869-49956CEA62F3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4404384 2019-09-19] (Microsoft Corporation -> Microsoft Corporation) Task: {8EDFE1CB-137B-46A6-845D-04FBD5582BA3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software) Task: {96CAA96F-B742-4CBE-A74A-AC26384395F8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [190744 2017-10-18] (CyberLink Corp. -> CyberLink) Task: {9CE7D29F-4D14-48BD-AEC5-E8C309A75B38} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-04-22] (CyberLink Corp. -> CyberLink Corp.) Task: {A1C9C2F6-892F-4590-892E-9AE92B2F0135} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {A5DD0FA8-A62F-4E5B-AC80-BF462780BA5E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\64a1f9d6-669b-401a-9b82-4c8b8ec06ec0 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.) Task: {A65D2480-FE69-4FA5-BF0E-4DF69584F3A9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {A73E581D-9223-4B95-BE67-4206CA6C5C99} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.) Task: {B44EDD23-28E2-45E1-AB3C-AA3C6FFBDA35} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-09-11] (CyberLink Corp. -> CyberLink Corp.) Task: {BEEE2CDA-DF44-484C-B910-1619C7E038CD} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [347416 2016-09-20] (CyberLink Corp. -> CyberLink Corp.) Task: {BF199348-6B80-4B5D-BBF6-38749FBDE599} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {C2C7D3BA-C9D8-4582-86B0-2CE173FFCF7D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321240 2018-09-06] (Lenovo -> Lenovo) Task: {C3491425-B0C8-48AD-A9A7-B2024C4E7422} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a7cfa59a-c2e7-49ed-87c3-b7a69d68b0a7 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.) Task: {C64575E1-55EC-4D35-999C-CAADD53F13AA} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.7.382\mcdatrep.exe [1752728 2019-04-04] (McAfee, Inc. -> McAfee, LLC.) Task: {C6ABF040-4B92-486F-9AFE-447CEEC3CED9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-27] (Google Inc -> Google Inc.) Task: {C87D354D-DFC8-4CA1-B638-8340B9816073} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4546112 2019-07-08] (McAfee, LLC -> McAfee, LLC.) Task: {CEDB0CF1-3FC8-4107-A0FA-9973A32BD00B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\57467c6e-3c77-48ba-96c0-cc169221864f => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.) Task: {CF59205A-4279-4E8E-8640-7CCCF7D1CF3E} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-08-01] (Lenovo -> ) Task: {DCCF588C-B9FA-4BFF-B035-533BC7A1DD36} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [103472 2019-09-19] (Microsoft Corporation -> Microsoft Corporation) Task: {E39DD520-4B52-4854-BD6E-B3E544D281DC} - System32\Tasks\App Explorer => C:\Users\akira\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7399080 2019-06-03] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION Task: {E4ABC289-FBAA-476A-B658-979C3C368951} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26045560 2019-09-04] (Microsoft Corporation -> Microsoft Corporation) Task: {E60D4873-F741-4E45-AD71-A35BA1C9FE1B} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {EBDF6126-9E75-41AE-B072-2EA49BE87AF8} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54440 2019-04-24] (Lenovo -> Lenovo Group Ltd.) Task: {F8A054EB-CE74-443E-8E29-92D6A609B810} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403552 2019-09-19] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 10.147.36.15 10.147.36.16 10.147.1.31 10.147.1.22 Tcpip\..\Interfaces\{e4c112f9-bdd0-4d43-ba07-a3e1209c6bdc}: [DhcpNameServer] 192.168.43.232 Tcpip\..\Interfaces\{e66972ff-c6fd-4df3-ab93-6399c3f286bf}: [DhcpNameServer] 10.147.36.15 10.147.36.16 10.147.1.31 10.147.1.22 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-358205242-1294261426-4112239854-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-358205242-1294261426-4112239854-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-358205242-1294261426-4112239854-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com SearchScopes: HKU\S-1-5-21-358205242-1294261426-4112239854-1001 -> DefaultScope {4248C069-DD0D-4609-B144-969CCBDF28B6} URL = SearchScopes: HKU\S-1-5-21-358205242-1294261426-4112239854-1001 -> {4248C069-DD0D-4609-B144-969CCBDF28B6} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-09-19] (Microsoft Corporation -> Microsoft Corporation) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) BHO: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-07-20] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) BHO-x32: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Toolbar: HKLM - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Toolbar: HKLM-x32 - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-20] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-20] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-20] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-20] (Microsoft Corporation -> Microsoft Corporation) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2019-08-23] (McAfee, LLC. -> McAfee, LLC.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2019-08-23] (McAfee, LLC. -> McAfee, LLC.) Edge: ====== DownloadDir: C:\Users\akira\Downloads FireFox: ======== FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2019-09-21] [Legacy] [not signed] FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2019-08-23] (McAfee, LLC. -> ) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed] FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2019-08-23] (McAfee, LLC. -> ) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-20] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-20] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC) Chrome: ======= CHR DefaultProfile: Profile 2 CHR HomePage: Profile 2 -> hxxp://www.google.com/ CHR StartupUrls: Profile 2 -> "hxxp://www.google.com/" CHR Profile: C:\Users\akira\AppData\Local\Google\Chrome\User Data\Default [2019-09-24] CHR Profile: C:\Users\akira\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-24] CHR Profile: C:\Users\akira\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-10-03] CHR Extension: (Slides) - C:\Users\akira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20] CHR Extension: (Docs) - C:\Users\akira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20] CHR Extension: (Google Drive) - C:\Users\akira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-01] CHR Extension: (YouTube) - C:\Users\akira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-01] CHR Extension: (Video Downloader professional) - C:\Users\akira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dakbpnomcpnfffehgdgdcfkaljdfbggj [2019-09-22] CHR Extension: (Sheets) - C:\Users\akira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20] CHR Extension: (Google Docs Offline) - C:\Users\akira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21] CHR Extension: (Chrome Web Store Payments) - C:\Users\akira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Gmail) - C:\Users\akira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29] CHR Extension: (Chrome Media Router) - C:\Users\akira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-10] CHR Profile: C:\Users\akira\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-24] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 0132271569107133mcinstcleanup; C:\ProgramData\McInstTemp0132271569107133\McInst.exe [941448 2019-08-14] (McAfee, LLC. -> McAfee, LLC.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.) S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (LENOVO -> Lenovo) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11153512 2019-09-04] (Microsoft Corporation -> Microsoft Corporation) S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc. -> McAfee, Inc.) R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [132096 2016-05-12] (Conexant Systems, Inc.) [File not signed] S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [194048 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO -> Lenovo) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] (Canon Inc. -> ) R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.) R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\LenovoVantageService.exe [18200 2019-08-29] (Lenovo -> Lenovo Group Ltd.) S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [337688 2018-09-06] (Lenovo -> Lenovo) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_19_7\McApExe.exe [747384 2019-08-23] (McAfee, LLC. -> McAfee, LLC) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.1.286.0\\McCSPServiceHost.exe [2226608 2019-06-13] (McAfee, LLC. -> McAfee, LLC.) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC) R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1720032 2019-08-09] (McAfee, LLC -> McAfee, LLC.) R3 PDF Architect 6; C:\Program Files\PDF Architect 6\ws.exe [2569976 2018-10-23] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 6 Creator; C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe [832248 2018-10-23] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 6 Update Service; C:\Program Files\PDF Architect 6\updater-ws.exe [1665272 2018-10-23] (pdfforge GmbH -> pdfforge GmbH) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1362400 2019-08-09] (McAfee, LLC. -> McAfee, Inc.) R2 SAService; C:\WINDOWS\system32\SAsrv.exe [431960 2015-09-15] (Conexant Systems, Inc. -> Conexant Systems, Inc.) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [258648 2018-01-06] (Synaptics Incorporated -> Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-06-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation) S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75696 2019-08-22] (McAfee, Inc. -> McAfee, LLC) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [217912 2019-06-04] (McAfee, LLC -> McAfee, Inc.) S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2019-08-22] (McAfee, Inc. -> McAfee, LLC) U3 mfeaack01; no ImagePath R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [379824 2019-08-22] (McAfee, Inc. -> McAfee, LLC) U3 mfeavfk01; no ImagePath S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2019-08-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517040 2019-08-22] (McAfee, Inc. -> McAfee, LLC) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [993712 2019-08-22] (McAfee, Inc. -> McAfee, LLC) U3 mfehidk01; no ImagePath R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [564584 2019-07-21] (McAfee, Inc. -> McAfee LLC.) U3 mfencbdc01; no ImagePath U3 mfencbdc02; no ImagePath S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108904 2019-07-21] (McAfee, Inc. -> McAfee LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2019-08-22] (McAfee, Inc. -> McAfee, LLC) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2019-08-22] (McAfee, Inc. -> McAfee, LLC) R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2355544 2018-07-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-23] (Realtek Semiconductor Corp. -> Realtek ) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [427520 2016-11-16] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3150344 2016-10-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation) R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) U3 aswbdisk; no ImagePath U3 aswblog; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-10-03 16:38 - 2019-10-03 16:41 - 000037674 _____ C:\Users\akira\Downloads\FRST.txt 2019-10-03 16:37 - 2019-10-03 16:40 - 000000000 ____D C:\FRST 2019-10-03 16:25 - 2019-10-03 15:03 - 001615360 _____ (Farbar) C:\Users\akira\Downloads\FRST64.exe 2019-10-01 18:21 - 2019-09-26 12:05 - 000262311 _____ C:\Users\akira\Documents\Carlos Chevez Resume_.pdf 2019-09-27 20:56 - 2019-09-27 20:56 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-358205242-1294261426-4112239854-1001 2019-09-27 20:56 - 2019-09-27 20:56 - 000002370 _____ C:\Users\akira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-09-24 19:28 - 2019-09-24 19:28 - 034178328 _____ (MediaHuman ) C:\Users\akira\Downloads\MHAudioConverter.exe 2019-09-24 19:28 - 2019-09-24 19:28 - 000000000 ____D C:\Users\akira\AppData\Local\MediaHuman 2019-09-24 19:28 - 2019-09-24 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman 2019-09-24 19:28 - 2019-09-24 19:28 - 000000000 ____D C:\Program Files (x86)\MediaHuman 2019-09-24 19:15 - 2019-09-24 19:15 - 000000000 ____D C:\Users\akira\AppData\Roaming\WinRAR 2019-09-24 19:14 - 2019-09-24 19:16 - 000000000 ____D C:\Users\akira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-09-24 19:14 - 2019-09-24 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-09-24 19:14 - 2019-09-24 19:15 - 000000000 ____D C:\Program Files\WinRAR 2019-09-24 19:13 - 2019-09-24 19:14 - 003145336 _____ (Alexander Roshal) C:\Users\akira\Downloads\winrar-x64-571.exe 2019-09-21 19:14 - 2019-07-21 12:44 - 000564584 _____ (McAfee LLC.) C:\WINDOWS\system32\Drivers\mfencbdc.sys 2019-09-21 19:12 - 2019-09-21 19:12 - 000003316 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon 2019-09-21 19:09 - 2019-08-22 08:38 - 000521648 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeaack.sys 2019-09-21 19:09 - 2019-08-22 08:38 - 000116656 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeplk.sys 2019-09-21 19:09 - 2019-08-19 12:33 - 000549568 _____ (McAfee, LLC) C:\WINDOWS\system32\mfevtps.exe 2019-09-21 19:05 - 2019-09-21 19:05 - 000000000 ____D C:\ProgramData\McInstTemp0132271569107133 2019-09-19 17:28 - 2019-09-19 17:28 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2019-09-19 17:28 - 2019-09-19 17:28 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2019-09-19 17:28 - 2019-09-19 17:28 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2019-09-19 17:28 - 2019-09-19 17:28 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2019-09-19 17:28 - 2019-09-19 17:28 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2019-09-19 17:28 - 2019-09-19 17:28 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2019-09-19 17:28 - 2019-09-19 17:28 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2019-09-19 17:28 - 2019-09-19 17:28 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2019-09-19 17:28 - 2019-09-19 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2019-09-12 16:40 - 2019-09-12 16:40 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-09-12 16:40 - 2019-09-12 16:40 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2019-09-12 16:21 - 2019-09-12 16:21 - 020817408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2019-09-12 16:21 - 2019-09-12 16:21 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2019-09-12 16:21 - 2019-09-12 16:21 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-09-12 16:21 - 2019-09-12 16:21 - 000349144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2019-09-12 16:20 - 2019-09-12 16:21 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 023453696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 022124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 009679672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 008903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 007690648 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 006310064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 005597808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 004874752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-09-12 16:20 - 2019-09-12 16:20 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 003333984 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-09-12 16:20 - 2019-09-12 16:20 - 002700784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 002593032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-09-12 16:20 - 2019-09-12 16:20 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 002073240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001899152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001864192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001764352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001721360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001702096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-09-12 16:20 - 2019-09-12 16:20 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001484592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-09-12 16:20 - 2019-09-12 16:20 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001294280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001054952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 000988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000865576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000811024 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000807760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 000764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000751928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2019-09-12 16:20 - 2019-09-12 16:20 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000740904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000660544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 000652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000585184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000554000 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000540240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2019-09-12 16:20 - 2019-09-12 16:20 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000532192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000409256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2019-09-12 16:20 - 2019-09-12 16:20 - 000402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000330592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000279416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2019-09-12 16:20 - 2019-09-12 16:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys 2019-09-12 16:20 - 2019-09-12 16:20 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-09-12 16:20 - 2019-09-12 16:20 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2019-09-12 16:20 - 2019-09-12 16:20 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys 2019-09-12 16:20 - 2019-09-12 16:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2019-09-12 16:20 - 2019-09-12 16:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2019-09-12 16:20 - 2019-09-12 16:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2019-09-12 16:20 - 2019-09-12 16:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2019-09-12 16:20 - 2019-09-12 16:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2019-09-12 16:20 - 2019-09-12 16:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2019-09-12 16:20 - 2019-09-12 16:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2019-09-12 16:20 - 2019-09-12 16:20 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2019-09-12 15:56 - 2019-09-12 15:56 - 000001823 _____ C:\Users\Public\Desktop\iTunes.lnk 2019-09-12 15:56 - 2019-09-12 15:56 - 000001823 _____ C:\ProgramData\Desktop\iTunes.lnk 2019-09-12 15:56 - 2019-09-12 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2019-09-12 15:56 - 2019-09-12 15:56 - 000000000 ____D C:\Program Files\iPod 2019-09-12 15:54 - 2019-09-12 15:56 - 000000000 ____D C:\Program Files\iTunes ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-10-03 16:29 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-10-03 16:16 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps 2019-10-03 16:16 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-10-03 16:06 - 2019-02-27 03:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2019-10-03 16:05 - 2017-10-15 23:50 - 000000000 ____D C:\Users\akira\AppData\Roaming\TAC 2019-10-03 16:02 - 2018-05-23 22:18 - 000000000 ____D C:\Users\akira\AppData\Local\Host App Service 2019-10-03 16:01 - 2018-05-23 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2019-10-03 15:58 - 2016-09-27 20:06 - 000000000 __SHD C:\Users\akira\IntelGraphicsProfiles 2019-10-03 00:24 - 2018-04-07 09:58 - 000000000 ____D C:\Users\akira\AppData\Local\DD948F0E-C09C-44F3-BADE-B2746C42FB5B.aplzod 2019-10-02 21:50 - 2019-02-27 02:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-10-02 18:09 - 2019-07-16 12:21 - 000000000 ____D C:\Users\akira\Documents\Bills 2019-10-02 17:39 - 2019-07-08 23:55 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2019-10-01 21:16 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-10-01 19:48 - 2019-05-31 23:06 - 000000000 ____D C:\Users\akira\AppData\Roaming\WhatsApp 2019-10-01 19:44 - 2017-06-15 23:26 - 000000000 ____D C:\Users\akira\AppData\Local\CrashDumps 2019-10-01 17:53 - 2018-09-15 03:31 - 000000000 ____D C:\WINDOWS\INF 2019-10-01 17:35 - 2017-10-29 01:12 - 000000000 ____D C:\Users\akira\AppData\Local\Packages 2019-09-28 22:02 - 2016-09-27 20:06 - 000000000 ____D C:\Users\akira\AppData\Local\VirtualStore 2019-09-28 20:41 - 2018-09-15 02:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM 2019-09-27 20:56 - 2016-09-27 20:09 - 000000000 ___RD C:\Users\akira\OneDrive 2019-09-25 18:04 - 2019-07-14 08:41 - 000969966 _____ C:\Users\akira\Downloads\n-600.pdf 2019-09-24 20:56 - 2019-05-17 10:19 - 000000000 ____D C:\Users\akira\AppData\Roaming\MPC-HC 2019-09-24 19:19 - 2019-02-27 02:34 - 000000000 ____D C:\Users\akira 2019-09-24 19:19 - 2016-09-27 21:10 - 000000000 ____D C:\ProgramData\WinZip 2019-09-24 17:23 - 2016-05-28 08:36 - 000000000 ____D C:\ProgramData\Lenovo 2019-09-23 21:26 - 2019-02-27 03:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT 2019-09-23 21:25 - 2018-02-05 18:18 - 000001383 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog 2019-09-23 21:25 - 2016-05-28 08:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2019-09-23 21:25 - 2016-05-28 08:23 - 000000000 ____D C:\Program Files (x86)\Lenovo 2019-09-22 16:58 - 2019-05-31 23:06 - 000000000 ____D C:\Users\akira\AppData\Local\WhatsApp 2019-09-22 16:55 - 2016-09-29 21:23 - 000000000 ____D C:\ProgramData\CanonIJPLM 2019-09-21 20:05 - 2019-02-27 03:05 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare) 2019-09-21 19:14 - 2016-09-27 20:21 - 000000000 ____D C:\Program Files\Common Files\McAfee 2019-09-21 19:10 - 2018-09-15 03:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-09-21 19:05 - 2016-09-27 20:23 - 000000000 ____D C:\Program Files (x86)\McAfee 2019-09-19 17:36 - 2016-09-27 21:55 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-09-19 17:26 - 2017-05-11 18:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2019-09-16 18:43 - 2019-02-27 00:03 - 000000000 ____D C:\Users\akira\AppData\Local\JDownloader 2.0 2019-09-15 16:27 - 2018-05-14 19:33 - 000000000 ____D C:\Users\akira\AppData\Local\ElevatedDiagnostics 2019-09-15 16:23 - 2018-02-19 20:53 - 000000000 ____D C:\Users\akira\AppData\Local\PlaceholderTileLogoFolder 2019-09-13 15:01 - 2019-02-27 02:48 - 000842664 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-09-13 14:59 - 2017-11-23 10:29 - 000000000 ____D C:\Users\akira\AppData\Local\LenovoServiceBridge 2019-09-13 14:55 - 2017-10-29 01:41 - 000000000 ___RD C:\Users\akira\3D Objects 2019-09-13 14:55 - 2015-11-03 15:24 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-09-13 14:54 - 2019-04-13 13:57 - 000444032 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-09-13 14:53 - 2019-02-27 03:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-09-13 01:02 - 2018-09-15 02:09 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2019-09-13 01:00 - 2018-09-15 03:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2019-09-13 01:00 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\ShellComponents 2019-09-13 01:00 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-09-12 16:54 - 2018-09-15 03:23 - 000000000 ____D C:\WINDOWS\CbsTemp ==================== Files in the root of some directories ================ 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\001513689ec547768f3f1107a7ecab8f 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\001513689ec547768f3f1107a7ecab8fthumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\0a0b0446afc64c8dab853892278e6e6e 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\0a0b0446afc64c8dab853892278e6e6ethumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\0a88199185ce437f8c400e8bb3790010 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\0a88199185ce437f8c400e8bb3790010thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\0bc13edb5cb7488ebe7ebfebcc2d92e2 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\0bc13edb5cb7488ebe7ebfebcc2d92e2thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\21c26c228075461eb93b094cf3bfd2a4 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\21c26c228075461eb93b094cf3bfd2a4thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\38a0bbddcf1644b192d4c7d03494cf33 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\38a0bbddcf1644b192d4c7d03494cf33thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\3eb59f2def084ec3806899fab38dbda6 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\3eb59f2def084ec3806899fab38dbda6thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\52b09522cfb94e499e9027c1994f00b6 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\52b09522cfb94e499e9027c1994f00b6thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\614901c6124045a28f509cbcfeae79c6 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\614901c6124045a28f509cbcfeae79c6thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\68f35b55dc8245d681ea802d731b4fb7 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\68f35b55dc8245d681ea802d731b4fb7thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\951385a688bf4ddebeaaeecb3d6c66f2 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\951385a688bf4ddebeaaeecb3d6c66f2thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\a2af369034924618b01bd73b852fa03f 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\a2af369034924618b01bd73b852fa03fthumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\afb0d8ae14724a988301a50da0f55541 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\afb0d8ae14724a988301a50da0f55541thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\b3492c47bd1749d5a9a337498d6614f0 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\b3492c47bd1749d5a9a337498d6614f0thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\d5fd40b9ef81487aa96444620c8e1e49 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\d5fd40b9ef81487aa96444620c8e1e49thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\dc08e181d8004a53adf7cdb7112c4da2 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\dc08e181d8004a53adf7cdb7112c4da2thumb 2019-01-29 21:42 - 2019-01-29 21:42 - 000095085 _____ () C:\Users\akira\AppData\Roaming\DefaultAlbumArt.png 2019-01-29 21:42 - 2019-01-29 21:42 - 000165847 _____ () C:\Users\akira\AppData\Roaming\DefaultArtistArt.png 2019-01-29 21:42 - 2019-01-29 21:42 - 000164313 _____ () C:\Users\akira\AppData\Roaming\DefaultPlaylistArt.png 2019-01-29 21:42 - 2019-01-29 21:42 - 000095085 _____ () C:\Users\akira\AppData\Roaming\DefaultTrackArt.png 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\e4d25a0867de4fb9926cd6ad1c925316 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\e4d25a0867de4fb9926cd6ad1c925316thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\f1355af0dc0740b899928b31255c6591 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\f1355af0dc0740b899928b31255c6591thumb 2019-02-07 20:49 - 2019-02-07 20:49 - 000046405 _____ () C:\Users\akira\AppData\Roaming\f2f88d16ff7d4acfb18bf005e6bd7bc3 2019-02-07 20:49 - 2019-02-07 20:49 - 000013647 _____ () C:\Users\akira\AppData\Roaming\f2f88d16ff7d4acfb18bf005e6bd7bc3thumb ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================