Hello.

Yesterday I attempted to download the outdated basic Warcraft 2 – Tides of Darkness from a website I did not know. Certainly, what I downloaded was most definitely not W2, but some type of infection. What was downloaded is a program known as AIMED (or something like that); it seemed like a music/media player, which I’ve now uninstalled and deleted. I have Kaspersky, which after the fact alerted me to the new program with the message (translated from Norwegian):

 

“An authorized program that could be utilized by criminals to harm the computer or your private knowledge.

We recommend you close all active applications and save any modifications before restarting the PC.

Found: not-a-virus:HEUR:Monitor.Win32.RK.gen

Location: C:\Windows\SysWOW64\pmls.dll”

 

I additionally obtained plenty of different error messages. I obtained photos of a few of them with my cellphone; I do not know if I obtained all of them. Those I obtained:

“jusched.exe – Invalid picture”, “C:\Windows\System32\DPAPI.dll”. The error message said that the file was not saved to be run in Windows or contained some form of error: try reinstalling the program with the original means of installation, or contact the administrators or the software producer for help. Error status 0xc0000022.

 

There were a number of this type, with different files and directories:

utilityWtl: utility.exe   C:\Windows\System32\MMDeviApi.dll

explorer.exe    C:\Windows\System32\winmm.dll

explorer.exe    C:\Windows\System32\PROPSYS.dll

explorer.exe    C:\Windows\System32\dxgi.dll

explorer.exe    C:\Windows\System32\TWINAPI.dll

SmartAudio.exe    explorer.exe    C:\Windows\System32\DriverStore\FileRepository\nvit.inf_amd64_851a79f6668d708\nvit.dll

 

and (at least) one of these:

“IAStorIcon.exe – Program error       The exception (might be a terrible translation) Unknown software exception (0xe0434352) occurred in the program 0x00000000772C3522.”

 

There may have been more, but these are the ones I obtained images of (images can be uploaded from my cell, if that’s of any help).

In addition, the infection also denied me access to the Start button, and at times kept me from using the “Type here to search” toolbar right next to the Start button.

There may have been more errors, but not that I can remember at the moment.

 

As mentioned above, I use Kaspersky, which identified the problem and recommended I disinfect and restart the PC, which I tried doing 2-3 times, but the problems reoccurred. Then I ran SuperAntispyware, which also found some files that it quarantined before deletion. I then ran Kaspersky and SuperAntispyware again, before restarting. I also ran Windows Defender; I ran a scan overnight (10 hours), which came up clear. New scans with SuperAnti and Kaspersky also show no infections.

My computer appears to work correctly; there aren’t any more error messages and I have total control over the Start button etc. That means I think my PC is now healed. Alas, I’m by no means an expert, so could I ask you to help me out by double-checking? I read the Malware and Adware cleansing information on this website, so I’ve downloaded and run FRST64; the results are as follows:

 

FRST.txt:

 

Scan results of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2019
Ran by fredr (administrator) on LAPTOP-NLFI1GM9 (LENOVO 80TV) (25-09-2019 18:10:43)
Running from C:\Users\fredr\Desktop
Loaded Profiles: fredr (Available Profiles: fredr)
Platform: Windows 10 Home Version 1903 18362.356 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo…very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:Program FilesDolbyDolby DAX2DAX2_APIDolbyDAX2API.exe
() [File not signed] C:Program FilesDolbyDolby DAX2DAX2_APPDolbyDAX2TrayIcon.exe
(Conexant Programs, Inc. -> Conexant Programs Inc.) C:WindowsSystem32CxAudMsg64.exe
(Conexant Programs, Inc. -> Conexant Programs, Inc) C:Program FilesCONEXANTSAIISmartAudio.exe
(Conexant Programs, Inc. -> Conexant Programs, Inc.) C:Program FilesCONEXANTcAudioFilterAgentCAudioFilterAgent64.exe
(Conexant Programs, Inc. -> Conexant Programs, Inc.) C:WindowsSystem32SASrv.exe
(CyberLink Corp. -> CyberLink Corp.) C:Program Recordsdata (x86)LenovoLenovo Photograph MasterPhotoMasterImportAgent.exe
(ELAN Microelectronics Company -> ELAN Microelectronics Corp.) C:Program FilesElantechETDCtrl.exe
(ELAN Microelectronics Company -> ELAN Microelectronics Corp.) C:Program FilesElantechETDCtrlHelper.exe
(ELAN Microelectronics Company -> ELAN Microelectronics Corp.) C:Program FilesElantechETDIntelligent.exe
(ELAN Microelectronics Company -> ELAN Microelectronics Corp.) C:Program FilesElantechETDService.exe
(ETH Zürich -> ETH Zurich) C:Program Recordsdata (x86)SafeExamBrowserSebWindowsServiceWCFSebWindowsServiceWCF.exe
(Fortemedia Inc -> ) C:Program FilesCONEXANTForteConfigfmapp.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Google LLC -> Google LLC) C:Program Recordsdata (x86)GoogleChromeApplicationchrome.exe
(Intel® pGFX -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_1a33d2f73651d989igfxCUIService.exe
(Intel® pGFX -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_1a33d2f73651d989igfxEM.exe
(Intel® pGFX -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_1a33d2f73651d989IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_1a33d2f73651d989IntelCpHeciSvc.exe
(Intel® Fast Storage Know-how -> Intel Company) C:Program FilesIntelIntel® Fast Storage TechnologyIAStorDataMgrSvc.exe
(Intel® Fast Storage Know-how -> Intel Company) C:Program FilesIntelIntel® Fast Storage TechnologyIAStorIcon.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:Program Recordsdata (x86)Kaspersky LabKaspersky Web Safety 17.0.0avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:Program Recordsdata (x86)Kaspersky LabKaspersky Web Safety 17.0.0avpui.exe
(Lenovo -> Lenovo Group Ltd.) C:Program Recordsdata (x86)LenovoImControllerPluginHostLenovo.Trendy.ImController.PluginHost.Machine.exe
(Lenovo -> Lenovo Group Ltd.) C:Program FilesLenovoImControllerPluginHostLenovo.Trendy.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:Program FilesLenovoImControllerServiceLenovo.Trendy.ImController.exe
(LENOVO -> Lenovo(beijing) Restricted) C:ProgramDataLenovoImControllerPluginsIdeaOSDPackagex64utility.exe
(LENOVO -> Lenovo) C:Program Recordsdata (x86)LenovoGDCAgentSetupRedGDCAgent.exe
(Microsoft Company -> Microsoft Company) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe
(Microsoft Company -> Microsoft Company) C:UsersfredrAppDataLocalMicrosoftOneDriveOneDrive.exe
(Microsoft Company) C:Program FilesWindowsAppsMicrosoft.Home windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbweMicrosoft.Pictures.exe
(Microsoft Company) C:Program FilesWindowsAppsMicrosoft.YourPhone_1.19082.1010.0_x64__8wekyb3d8bbweYourPhone.exe
(Microsoft Company) C:Program FilesWindowsAppsMicrosoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbweVideo.UI.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32dllhost.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32dllhost.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32dllhost.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32Locator.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32smartscreen.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSysWOW64wbemWmiPrvSE.exe
(NVIDIA Company -> NVIDIA Company) C:Program Recordsdata (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
(NVIDIA Company -> NVIDIA Company) C:Program Recordsdata (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
(NVIDIA Company -> NVIDIA Company) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe
(NVIDIA Company -> NVIDIA Company) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe
(NVIDIA Company -> NVIDIA Company) C:Program FilesNVIDIA CorporationDisplaynvtray.exe
(NVIDIA Company -> NVIDIA Company) C:Program FilesNVIDIA CorporationGeForce Expertise ServiceGfExperienceService.exe
(Oracle America, Inc. -> Oracle Company) C:Program Recordsdata (x86)Frequent FilesJavaJava Updatejusched.exe
(Qualcomm Atheros -> Home windows ® Win 7 DDK supplier) C:WindowsSystem32AdminService.exe
(Skype) C:Program FilesWindowsAppsMicrosoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5cSkypeApp.exe
(Skype) C:Program FilesWindowsAppsMicrosoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5cSkypeBackgroundHost.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:Program FilesSUPERAntiSpywareSASCore64.exe
(Help.com, Inc. -> SUPERAntiSpyware) C:Program FilesSUPERAntiSpywareSUPERANTISPYWARE.EXE
(SweetLabs Inc. -> SweetLabs, Inc) C:UsersfredrAppDataLocalHost App ServiceEngineHostAppServiceUpdater.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM…Run: [ForteConfig] => C:Program FilesConexantForteConfigfmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM…Run: [DAX2_APP] => C:Program FilesDolbyDolby DAX2DAX2_APPDolbyDAX2TrayIcon.exe [809472 2016-05-16] () [File not signed]
HKLM…Run: [SmartAudio] => C:Program FilesCONEXANTSAIISACpl.exe [1830232 2016-03-08] (Conexant Programs, Inc. -> Conexant Programs, Inc.)
HKLM…Run: [cAudioFilterAgent] => C:Program FilesConexantcAudioFilterAgentcAudioFilterAgent64.exe [602968 2015-12-08] (Conexant Programs, Inc. -> Conexant Programs, Inc.)
HKLM…Run: [IAStorIcon] => C:Program FilesIntelIntel® Fast Storage TechnologyIAStorIcon.exe [320584 2016-06-01] (Intel® Fast Storage Know-how -> Intel Company)
HKLM…Run: [LenovoUtility] => C:ProgramDataLenovoImControllerPluginsIdeaOSDPackagex64utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Restricted)
HKLM…Run: [Logitech Download Assistant] => C:WindowsSystem32LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Recordsdata (x86)Frequent FilesJavaJava Updatejusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Company)
HKUS-1-5-21-1988050883-485731102-3318695099-1001…Run: [PhotoMasterImportAgent] => C:Program Recordsdata (x86)LenovoLenovo Photograph MasterPhotoMasterImportAgent.exe [675608 2016-04-22] (CyberLink Corp. -> CyberLink Corp.)
HKUS-1-5-21-1988050883-485731102-3318695099-1001…Run: [SUPERAntiSpyware] => C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe [9198512 2019-09-25] (Help.com, Inc. -> SUPERAntiSpyware)
HKLMSoftwareMicrosoftActive SetupInstalled Parts: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Recordsdata (x86)GoogleChromeApplication77.0.3865.90Installerchrmstp.exe [2019-09-25] (Google LLC -> Google LLC)
CHR HKUS-1-5-21-1988050883-485731102-3318695099-1001SOFTWAREPoliciesGoogle: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Job: {042386FE-BD71-4E52-A39C-479489540672} – System32TasksLenovoImControllerLenovo iM Controller Monitor => C:WINDOWSsystem32ImController.InfInstaller.exe [54440 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Job: {08F58EBD-AB99-4838-B80E-C49C581C3A78} – MicrosoftWindowsUNPRunCampaignManager -> No File <==== ATTENTION
Job: {1FA21524-4C09-4383-A05A-1C43C1BC6ACF} – System32TasksMicrosoftOfficeOffice Computerized Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [27367016 2019-08-30] (Microsoft Company -> Microsoft Company)
Job: {20D7DA10-87D9-4135-A11E-1898AB5D91A8} – System32TasksGoogleUpdateTaskMachineUA => C:Program Recordsdata (x86)GoogleUpdateGoogleUpdate.exe [153752 2017-01-05] (Google Inc -> Google Inc.)
Job: {2E009D55-A061-4DAF-9DFA-2AE778FEA0FF} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [27367016 2019-08-30] (Microsoft Company -> Microsoft Company)
Job: {48AB7CE1-3169-4528-A28A-B6B9D43B0F9B} – System32TasksLenovoImControllerTimeBasedEvents23afcfe8-cd98-4a60-a4a5-5de022e7d8d8 => C:Program FilesLenovoImControllerServiceLenovo.Trendy.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Job: {4E649F92-3675-4986-BF01-3EB93C3F252C} – System32TasksLenovoImControllerTimeBasedEvents5068b1e7-1653-4ac0-b53e-5aebf5833714 => C:Program FilesLenovoImControllerServiceLenovo.Trendy.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Job: {56F8D3E3-81BF-449A-82BC-105581D47EA8} – System32TasksKaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:Program FilesCommon FilesAVKaspersky Labupgrade_launcher.exe [516416 2016-08-11] (Kaspersky Lab -> AO Kaspersky Lab)
Job: {5A63B976-7600-4463-918F-4C2F1B78A472} – System32TasksMicrosoftOfficeOfficeBackgroundTaskHandlerLogon => C:Program Recordsdata (x86)Microsoft OfficerootOffice16officebackgroundtaskhandler.exe [1428640 2019-09-17] (Microsoft Company -> Microsoft Company)
Job: {5D542697-E369-48A1-92E9-B8B0AC842B78} – System32TasksLenovoImControllerPluginsLenovoSystemUpdatePlugin_WeeklyTask => %windirpercentSystem32reg.exe add hklmSOFTWARELenovoSystemUpdatePluginscheduler  /v begin /t reg_dword /d 1 /f /reg:32
Job: {6C2D2DF0-384A-41F2-8038-5CD41D12B517} – System32TasksLenovoImControllerLenovo iM Controller Scheduled Upkeep => %windirpercentsystem32sc.exe START ImControllerService
Job: {76D9504D-AD67-4345-B73C-8D4F56F0ECBF} – System32TasksLenovoImControllerTimeBasedEventsd59b6ee7-d072-4b0b-87b4-7cb2c9b7a201 => C:Program FilesLenovoImControllerServiceLenovo.Trendy.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Job: {7B6B4983-1E00-46F0-8862-4B973040B965} – System32TasksApp Explorer => C:UsersfredrAppDataLocalHost App ServiceEngineHostAppServiceUpdater.exe [7399080 2019-06-04] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Job: {899B06E7-E872-41E2-A711-1FA13CE1F4B1} – System32TasksMicrosoftOfficeOfficeBackgroundTaskHandlerRegistration => C:Program Recordsdata (x86)Microsoft OfficerootOffice16officebackgroundtaskhandler.exe [1428640 2019-09-17] (Microsoft Company -> Microsoft Company)
Job: {A8292DA8-0EED-4C69-A47F-55D5DFE1B091} – System32TasksMicrosoftOfficeOffice Function Updates => C:Program Recordsdata (x86)Microsoft OfficerootVFSProgramFilesCommonX86Microsoft SharedOffice16sdxhelper.exe [117728 2019-09-17] (Microsoft Company -> Microsoft Company)
Job: {B1F221BC-D817-4FCB-AB0A-03DB30DE638D} – System32TasksNvbackend => C:Program Recordsdata (x86)NVIDIA CorporationUpdate CoreNvBackend.exe [2398776 2016-05-02] (NVIDIA Company -> NVIDIA Company)
Job: {BDCCA475-3F76-49AD-9E49-9BD21555CE77} – System32TasksGoogleUpdateTaskMachineCore => C:Program Recordsdata (x86)GoogleUpdateGoogleUpdate.exe [153752 2017-01-05] (Google Inc -> Google Inc.)
Job: {F12E1EA6-C01D-4B30-A4FD-F14954374228} – System32TasksCyberLinkPhoto Grasp Gadget startup => C:Program Recordsdata (x86)LenovoLenovo Photograph MasterPhotoMasterWorker.exe [745240 2016-04-22] (CyberLink Corp. -> CyberLink Corp.)
Job: {F1D7B04B-2E15-41EB-AE03-C1AD13E1AB4C} – System32TasksMicrosoftOfficeOffice Function Updates Logon => C:Program Recordsdata (x86)Microsoft OfficerootVFSProgramFilesCommonX86Microsoft SharedOffice16sdxhelper.exe [117728 2019-09-17] (Microsoft Company -> Microsoft Company)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
TcpipParameters: [DhcpNameServer] 92.220.228.70 109.247.114.4
Tcpip..Interfaces{48dbae04-5f2d-4629-bcc9-59be7ea8243a}: [DhcpNameServer] 109.247.114.4 92.220.228.70
Tcpip..Interfaces{d42b6806-3b84-4606-abe3-23b9885c2cc4}: [DhcpNameServer] 92.220.228.70 109.247.114.4
 
Internet Explorer:
==================
HKUS-1-5-21-1988050883-485731102-3318695099-1001SoftwareMicrosoftInternet ExplorerMain,Begin Web page = hxxp://lenovo15.msn.com/?computer=LCTE
HKUS-1-5-21-1988050883-485731102-3318695099-1001SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://lenovo15.msn.com/?computer=LCTE
HKUS-1-5-21-1988050883-485731102-3318695099-1001SoftwareMicrosoftInternet ExplorerMain,Secondary Begin Pages = hxxp://mystart.lenovo.com
SearchScopes: HKUS-1-5-21-1988050883-485731102-3318695099-1001 -> DefaultScope {0463B379-8E0A-43E5-9A0A-97E94237246F} URL = 
SearchScopes: HKUS-1-5-21-1988050883-485731102-3318695099-1001 -> {0463B379-8E0A-43E5-9A0A-97E94237246F} URL = 
BHO: Kaspersky Safety -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:Program Recordsdata (x86)Kaspersky LabKaspersky Web Safety 17.0.0x64IEExtie_plugin.dll [2017-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Skype for Enterprise Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Recordsdata (x86)Microsoft OfficerootVFSProgramFilesX64Microsoft OfficeOffice16OCHelper.dll [2019-07-09] (Microsoft Company -> Microsoft Company)
BHO-x32: Kaspersky Safety -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:Program Recordsdata (x86)Kaspersky LabKaspersky Web Safety 17.0.0IEExtie_plugin.dll [2017-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program Recordsdata (x86)Javajre1.8.0_221binssv.dll [2019-07-30] (Oracle America, Inc. -> Oracle Company)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program Recordsdata (x86)Javajre1.8.0_221binjp2ssv.dll [2019-07-30] (Oracle America, Inc. -> Oracle Company)
Toolbar: HKLM – Kaspersky Safety Toolbar – {093F479D-712E-46CD-9E06-62E734A05F68} – C:Program Recordsdata (x86)Kaspersky LabKaspersky Web Safety 17.0.0x64IEExtie_plugin.dll [2017-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 – Kaspersky Safety Toolbar – {093F479D-712E-46CD-9E06-62E734A05F68} – C:Program Recordsdata (x86)Kaspersky LabKaspersky Web Safety 17.0.0IEExtie_plugin.dll [2017-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program Recordsdata (x86)Microsoft OfficerootOffice16MSOSB.DLL [2019-09-01] (Microsoft Company -> Microsoft Company)
Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Recordsdata (x86)Microsoft OfficerootOffice16MSOSB.DLL [2019-09-01] (Microsoft Company -> Microsoft Company)
Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Recordsdata (x86)Microsoft OfficerootOffice16MSOSB.DLL [2019-09-01] (Microsoft Company -> Microsoft Company)
Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program Recordsdata (x86)Microsoft OfficerootOffice16MSOSB.DLL [2019-09-01] (Microsoft Company -> Microsoft Company)
 
Edge: 
======
DownloadDir: C:UsersfredrDownloads
 
FireFox:
========
FF HKLM…FirefoxExtensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] – C:Program Recordsdata (x86)Kaspersky LabKaspersky Web Safety 17.0.0FFExtlight_plugin_firefoxaddon.xpi
FF Extension: (Kaspersky Safety) – C:Program Recordsdata (x86)Kaspersky LabKaspersky Web Safety 17.0.0FFExtlight_plugin_firefoxaddon.xpi [2018-04-18]
FF HKLM-x32…FirefoxExtensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] – C:Program Recordsdata (x86)Kaspersky LabKaspersky Web Safety 17.0.0FFExtlight_plugin_firefoxaddon.xpi
FF Plugin-x32: @java.com/DTPlugin,model=11.221.2 -> C:Program Recordsdata (x86)Javajre1.8.0_221bindtpluginnpDeployJava1.dll [2019-07-30] (Oracle America, Inc. -> Oracle Company)
FF Plugin-x32: @java.com/JavaPlugin,model=11.221.2 -> C:Program Recordsdata (x86)Javajre1.8.0_221binplugin2npjp2.dll [2019-07-30] (Oracle America, Inc. -> Oracle Company)
FF Plugin-x32: @microsoft.com/SharePoint,model=14.0 -> C:Program Recordsdata (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2019-04-08] (Microsoft Company -> Microsoft Company)
FF Plugin-x32: @nvidia.com/3DVision -> C:Program Recordsdata (x86)NVIDIA Corporation3D Visionnpnv3dv.dll [2017-06-19] (NVIDIA Company PE Signal v2016 -> NVIDIA Company) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:Program Recordsdata (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll [2017-06-19] (NVIDIA Company PE Signal v2016 -> NVIDIA Company) [File not signed]
FF Plugin-x32: @instruments.google.com/Google Replace;model=3 -> C:Program Recordsdata (x86)GoogleUpdate1.3.34.11npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @instruments.google.com/Google Replace;model=9 -> C:Program Recordsdata (x86)GoogleUpdate1.3.34.11npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
 
Chrome: 
=======
CHR StartupUrls: Default -> “hxxps://www.bing.com/?PC=JV04”
CHR Session Restore: Default -> is enabled.
CHR Profile: C:UsersfredrAppDataLocalGoogleChromeUser DataDefault [2019-09-25]
CHR DownloadDir: C:UsersfredrDesktop
CHR Extension: (Presentasjoner) – C:UsersfredrAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenter) – C:UsersfredrAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Disk) – C:UsersfredrAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2017-01-05]
CHR Extension: (DuckDuckGo) – C:UsersfredrAppDataLocalGoogleChromeUser DataDefaultExtensionsbkdgflcldnnnapblkhphbgpggdiikppg [2019-09-14]
CHR Extension: (YouTube) – C:UsersfredrAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-05]
CHR Extension: (Regneark) – C:UsersfredrAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Kaspersky Safety) – C:UsersfredrAppDataLocalGoogleChromeUser DataDefaultExtensionsfhoibnponjcgjgcnfacekaijdbbplhib [2017-02-14]
CHR Extension: (Google Dokumenter uten nett) – C:UsersfredrAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Chrome Nettmarked-betalinger) – C:UsersfredrAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2018-04-11]
CHR Extension: (Gmail) – C:UsersfredrAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) – C:UsersfredrAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-25]
CHR HKLM…ChromeExtension: [fhoibnponjcgjgcnfacekaijdbbplhib] – hxxps://chrome.google.com/webstore/element/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32…ChromeExtension: [fhoibnponjcgjgcnfacekaijdbbplhib] – hxxps://chrome.google.com/webstore/element/fhoibnponjcgjgcnfacekaijdbbplhib
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:Program FilesSUPERAntiSpywareSASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AVP17.0.0; C:Program Recordsdata (x86)Kaspersky LabKaspersky Web Safety 17.0.0avp.exe [241544 2016-06-28] (Kaspersky Lab -> AO Kaspersky Lab)
S2 CCSDK; C:Program Recordsdata (x86)LenovoCCSDKCCSDK.exe [688992 2017-02-27] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [11568144 2019-08-30] (Microsoft Company -> Microsoft Company)
R2 DAX2API; C:Program FilesDolbyDolby DAX2DAX2_APIDolbyDAX2API.exe [146944 2016-05-16] () [File not signed]
R2 ETDService; C:Program FilesElantechETDService.exe [134872 2017-04-12] (ELAN Microelectronics Company -> ELAN Microelectronics Corp.)
R2 GDCAgent; C:Program Recordsdata (x86)LenovoGDCAgentSetupRedGDCAgent.exe [1210352 2016-03-23] (LENOVO -> Lenovo)
R2 GfExperienceService; C:Program FilesNVIDIA CorporationGeForce Expertise ServiceGfExperienceService.exe [1165368 2016-05-02] (NVIDIA Company -> NVIDIA Company)
R2 ImControllerService; C:Program FilesLenovoImControllerServiceLenovo.Trendy.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
S3 klvssbrigde64; C:Program Recordsdata (x86)Kaspersky LabKaspersky Web Safety 17.0.0x64vssbridge64.exe [77328 2016-06-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 NvNetworkService; C:Program Recordsdata (x86)NVIDIA CorporationNetServiceNvNetworkService.exe [1881144 2016-05-02] (NVIDIA Company -> NVIDIA Company)
R2 SAService; C:Windowssystem32SAsrv.exe [431960 2015-09-15] (Conexant Programs, Inc. -> Conexant Programs, Inc.)
R2 SebWindowsServiceWCF; C:Program Recordsdata (x86)SafeExamBrowserSebWindowsServiceWCFSebWindowsServiceWCF.exe [405832 2018-08-31] (ETH Zürich -> ETH Zurich)
S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [4098056 2019-03-19] (Microsoft Company -> Microsoft Company)
S3 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [113992 2019-03-19] (Microsoft Company -> Microsoft Company)
R2 NVDisplay.ContainerLocalSystem; “C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe” -s NVDisplay.ContainerLocalSystem -f “C:ProgramDataNVIDIANVDisplay.ContainerLocalSystem.log” -l 3 -d “C:Program FilesNVIDIA CorporationDisplay.NvContainerpluginsLocalSystem” -r -p 30000
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 cm_km; C:WINDOWSSystem32DRIVERScm_km.sys [238936 2016-06-10] (Kaspersky Lab -> AO Kaspersky Lab)
R3 ETDSMBus; C:WINDOWSsystem32DRIVERSETDSMBus.sys [32328 2017-04-12] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R0 kl1; C:WINDOWSSystem32DRIVERSkl1.sys [554416 2016-06-02] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:WINDOWSSystem32DRIVERSklbackupdisk.sys [63920 2016-06-08] (Kaspersky Lab -> AO Kaspersky Lab)