Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-04-2022 01 Ran by Art (administrator) on ART-PC (Hewlett-Packard HP Compaq 8100 Elite CMT PC) (14-04-2022 14:25:58) Running from C:\Users\Art\Desktop Loaded Profiles: Art Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (explorer.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP3LAK.EXE (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11> (explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe (explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe (services.exe ->) (Adaware Software -> ) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.7.1052.0\AdAwareService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (services.exe ->) (INTERNET PROJECT LLC -> Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe (spool\drivers\x64\3\CNAP3LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABISWD.EXE <3> (svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe (taskeng.exe ->) (Outbyte Computing Pty Ltd -> Outbyte) C:\Program Files\Outbyte\AVArmor\AVArmor.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [CNAP3 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2021-01-02] (CANON INC. -> CANON INC.) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> ) HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\Run: [Opera Browser Assistant] => C:\Users\Art\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\MountPoints2: G - G:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\MountPoints2: {029c5a94-37c8-11ea-8da9-1cc1de5dad22} - F:\windows\AutoRun.exe HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\MountPoints2: {2c6770ed-3b49-11e6-8f3a-1cc1de5dad22} - F:\VerizonSWUpgradeAssistantLauncher.exe HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\MountPoints2: {38673154-5b18-11e6-9061-1cc1de5dad22} - G:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\MountPoints2: {446e88ce-6494-11ea-8da9-1cc1de5dad22} - F:\windows\AutoRun.exe HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\MountPoints2: {51bb3d55-b9d7-11e5-8fe6-1cc1de5dad22} - F:\TL_Bootstrap.exe HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\MountPoints2: {8b5a1af4-5f73-11e6-9061-1cc1de5dad22} - F:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\MountPoints2: {8bd6b0d4-95fe-11e5-a774-1cc1de5dad22} - F:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\MountPoints2: {a8f699e6-0387-11e8-8b65-1cc1de5dad22} - F:\.\Driver\DriverInstaller.exe -eject HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\MountPoints2: {d407ad0b-e8f9-11e5-8d8b-1cc1de5dad22} - F:\TL_Bootstrap.exe HKU\S-1-5-21-2012456220-316695357-2301545490-1000\...\MountPoints2: {f767d2e2-dea4-11ea-87e4-1cc1de5dad22} - F:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-2012456220-316695357-2301545490-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\MARINE~1.SCR [6938624 2011-06-09] (SereneScreen) [File not signed] HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Hewlett-Packard Corporation) [File not signed] HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Canon MFNP Port: C:\Windows\system32\CNCENPM6.dll [152064 2013-01-31] (CANON INC.) [File not signed] HKLM\...\Print\Monitors\CNAP3 Monitor: C:\Windows\system32\CNAP3SMD.DLL [1470464 2014-11-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\EPSON XP-340 Series 64MonitorBE: C:\Windows\system32\E_YLMBRBE.DLL [182784 2015-12-08] (SEIKO EPSON CORPORATION) [File not signed] HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2008-03-03] (Hewlett Packard) [File not signed] HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [46080 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.88\Installer\chrmstp.exe [2022-04-11] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe [2013-01-16] (Hewlett-Packard Company -> Hewlett-Packard Company) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01573DE8-0D4C-4861-916B-E8F74D55E117} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.) Task: {04724AF9-B688-4BE0-8387-9D95E1F6E474} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {06C59630-0D72-4EC6-AD9B-8C1E520CE97A} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" Task: {216573DF-710D-41ED-914A-D7B3C33C8973} - System32\Tasks\{A8E9C448-5B1C-4BF5-A3DA-4CA09E5D53AD} => C:\Windows\system32\pcalua.exe -a "E:\8100 elite drivers\sp66134.exe" -d "E:\8100 elite drivers" Task: {2CF73D26-3566-4841-8CF4-08F5AEBE0667} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe [555640 2021-03-25] (HP Inc. -> HP Inc.) Task: {30E6880A-7493-4F4B-ADFF-BE6F0402ACEF} - System32\Tasks\{E9BF2F75-97CD-4EC2-A47D-D1F072210551} => C:\Windows\system32\pcalua.exe -a D:\fscommand\menu.exe -d D:\ Task: {31500587-F98F-4A30-93F0-BABFD763FBBD} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) Task: {315A9903-1AEA-495D-A38A-79E3128AA341} - System32\Tasks\Outbyte\AVArmor\Start Outbyte AVArmor automatic scanning => C:\Program Files\Outbyte\AVArmor\AVArmor.exe [6272832 2021-01-29] (Outbyte Computing Pty Ltd -> Outbyte) Task: {3C0608CB-EBEE-448F-AAEC-697A182C9B81} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Art\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (No File) Task: {3CB1E99F-0B03-4162-B317-44B47B93E714} - System32\Tasks\{F91A8E38-2EC4-42D0-9418-AED7BAE56FB7} => C:\Windows\system32\pcalua.exe -a "C:\Users\Art\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KJMQ5JJS\JavaSetup8u91.exe" -d C:\Users\Art\Desktop Task: {4025AAEC-33CA-4922-A2F0-1F1D1E5ACA4C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {41926182-8BC2-4FF2-A519-89468A9CFE09} - System32\Tasks\Auslogics\Boost Speed\Disk Defrag\Console Defragmentation => C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\cdefrag.exe [91248 2010-04-01] (Auslogics Software -> ) -> -c -bk -Log:"C:\Users\Art\AppData\Roaming\Auslogics\Disk Defrag\Logs\" Task: {5665B457-EDCA-43D4-BEE6-27F33844F483} - System32\Tasks\{AE427F53-7452-4559-B9B2-3F9BFEFE6FA6} => C:\Windows\system32\pcalua.exe -a "E:\8100 elite drivers\sp56990.exe" -d "E:\8100 elite drivers" Task: {6102BFF7-378A-49C8-A629-7832370C2FCA} - System32\Tasks\Outbyte\PC Repair\WiFiCheck => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe /UseTray /Schedule /WiFiCheck (No File) <==== ATTENTION Task: {648D2D9F-02D7-4A3B-AC12-6C843A994DA7} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-09-21] (Garmin International, Inc. -> ) Task: {6886F4CC-75C3-40FE-929F-48DAC792DB52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) Task: {6D43F3A2-07DA-43E8-9C54-27CA2ABE2F8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2021-08-02] (Google Inc -> Google Inc.) Task: {6FFB62D8-968A-47FD-AF05-5E8BD10DC5FF} - System32\Tasks\IHUninstallTrackingTASK => CMD /C DEL C:\Users\Art\AppData\Local\Temp\IHU328B.tmp.exe <==== ATTENTION Task: {712CC812-5E71-469F-8543-21B5BFB01666} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.) Task: {76530735-C7FD-442C-9E8D-C0FE3E33598D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2012456220-316695357-2301545490-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {79C8B109-DE68-4ED8-8469-AF0F983DD250} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {7C5FD3AE-1DAF-431D-98BC-79EE52090C02} - System32\Tasks\{99472F5E-C01B-4B91-9137-2EFA7592DDFE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\OpenOffice 4\program\scalc.exe" -d C:\Users\Art\Desktop -c -o "C:\Users\Art\Desktop\May2017Bills.ods" Task: {7CB00CB9-7BE6-4C02-BBB9-7B8140755770} - System32\Tasks\IHSelfDeleteTASK => CMD /C DEL C:\Users\Art\AppData\Local\Temp\IHU33F2.tmp.exe <==== ATTENTION Task: {9C239C66-6A76-4109-9819-7C95189A49AC} - System32\Tasks\Outbyte\PC Repair\Survey => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe /UseTray /Schedule /Survey (No File) <==== ATTENTION Task: {A0042067-66FD-4CC9-9613-BD5299EF6826} - System32\Tasks\Outbyte\Driver Updater\Send update results => C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe /Schedule /SendUpdateResults (No File) Task: {A5268831-1CAE-4860-976C-3C44AD94750A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {A873D485-154F-43FC-A8ED-077BB41584A6} - System32\Tasks\Outbyte\PC Repair\NewDeceptors => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe /UseTray /Schedule /NewDeceptors (No File) <==== ATTENTION Task: {AA1FC477-E2D9-4AEE-A46B-938B6C698E3D} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1775752 2013-08-30] (CANON INC. -> CANON INC.) -> /Config:"C:\Program Files\Canon\OIPPESP\CnpspCfg.xml" Task: {B2B0432E-9C38-4E83-89D5-6C61C2AB0DCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.) Task: {B818CC6A-0845-465A-88CB-4E8D5545EED0} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Art\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (No File) Task: {C20ED6FB-0C0D-43C0-A5B9-E95EBF49BE33} - System32\Tasks\{4337E0EE-E164-4A0D-B89A-14C8DFBAA1CD} => C:\Windows\system32\pcalua.exe -a "E:\8100 elite drivers\sp46783.exe" -d "E:\8100 elite drivers" Task: {C28AC525-00FB-446D-A82B-DA0399F10967} - System32\Tasks\Opera scheduled Autoupdate 1627571888 => C:\Users\Art\AppData\Local\Programs\Opera\launcher.exe [2469120 2022-04-06] (Opera Software AS -> Opera Software) Task: {C3155139-DB86-4D73-A8B4-A0A1E2047FF0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.) Task: {C37EC27D-BF39-48DB-866F-0A0EE1440126} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) Task: {C3A4CFF4-1C25-4194-94D8-024C50ABA1E3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (No File) Task: {C9253408-A8C1-40E7-9F24-C0E5E4AD80CD} - System32\Tasks\{5F774E8A-C5D2-4F0E-97DB-7879424E95F1} => msiexec.exe /package "C:\Users\Art\Desktop\WinterPlayerPack.msi" Task: {DA22D176-5183-4FA3-9DED-9BB51C2FA710} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-06-16] (HP Inc. -> HP Inc.) Task: {F90A734F-1830-4416-B58A-CFA36873D1D2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe -check pepperplugin (No File) Task: {FE887839-7E11-45F3-B917-99F7A03A9354} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-27] (Apple Inc. -> Apple Inc.) Task: {FF988BA5-04AB-4661-B841-C5D586EDB41F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2021-08-02] (Google Inc -> Google Inc.) Task: {FFE661D7-25C3-418D-83E4-F91C338CB17A} - System32\Tasks\update-S-1-5-21-2012456220-316695357-2301545490-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\update-S-1-5-21-2012456220-316695357-2301545490-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-23] (Lavasoft Limited -> Lavasoft Limited) [File not signed] Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-23] (Lavasoft Limited -> Lavasoft Limited) [File not signed] Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-23] (Lavasoft Limited -> Lavasoft Limited) [File not signed] Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-23] (Lavasoft Limited -> Lavasoft Limited) [File not signed] Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-23] (Lavasoft Limited -> Lavasoft Limited) [File not signed] Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-23] (Lavasoft Limited -> Lavasoft Limited) [File not signed] Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-23] (Lavasoft Limited -> Lavasoft Limited) [File not signed] Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-23] (Lavasoft Limited -> Lavasoft Limited) [File not signed] Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-23] (Lavasoft Limited -> Lavasoft Limited) [File not signed] Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-23] (Lavasoft Limited -> Lavasoft Limited) [File not signed] Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{46456222-9B9B-4384-B862-62B2FAC12445}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{62EBE42C-851F-43FB-B7E2-E9334B0F8D6F}: [DhcpNameServer] 192.168.42.129 FireFox: ======== FF DefaultProfile: whx4aer7.default-1627042292606 FF ProfilePath: C:\Users\Art\AppData\Roaming\TomTom\HOME\Profiles\xd4wb18b.default [2021-06-24] FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found] FF ProfilePath: C:\Users\Art\AppData\Roaming\Mozilla\Firefox\Profiles\whx4aer7.default-1627042292606 [2022-03-19] FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Motive.com/NpMotive,version=1.1 -> C:\Program Files (x86)\ATT\8.5.1.16\ma\bin\npMotive.dll [No File] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [No File] Chrome: ======= CHR Profile: C:\Users\Art\AppData\Local\Google\Chrome\User Data\Default [2022-04-14] CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Extension: (Google Drive) - C:\Users\Art\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-19] CHR Extension: (Chrome Web Store Payments) - C:\Users\Art\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-14] CHR Extension: (Gmail) - C:\Users\Art\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-19] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= OPR Profile: C:\Users\Art\AppData\Roaming\Opera Software\Opera Stable [2022-04-14] OPR StartupUrls: Opera Stable -> "hxxp://google.com/" OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Art\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-02-18] OPR Extension: (Opera Crypto Wallet) - C:\Users\Art\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-04-13] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Art\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-13] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.7.1052.0\AdAwareService.exe [587832 2019-11-08] (Adaware Software -> ) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc. -> Apple Inc.) S3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation) S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73200 2018-10-10] (INTERNET PROJECT LLC -> Freemake) R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [15856 2018-10-10] (INTERNET PROJECT LLC -> Ellora Assets Corp.) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.) R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed] S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7391408 2021-06-23] (Malwarebytes Inc -> Malwarebytes) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation -> Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [1337216 2022-03-19] (Windscribe Limited -> Windscribe Limited) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X] S2 HPSLPSVC; C:\Users\Art\AppData\Local\Temp\7zS64DC\hpslpsvc64.dll [X] <==== ATTENTION S2 RestoroActiveProtection; "C:\Program Files\Restoro\bin\RestoroProtection.exe" [X] <==== ATTENTION ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [34416 2017-06-20] (Anvsoft Inc. -> AnvSoft Inc.) S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc) S3 cmnxusbser; C:\Windows\System32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (西安博汇电子科技有限公司 -> Wireless Data Device) S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [78848 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc) R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation) S3 FXVAD; C:\Windows\System32\drivers\fxvad.sys [326120 2021-07-14] (FxSound, LLC -> Windows (R) Win 7 DDK provider) R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [187688 2018-05-02] (Bitdefender SRL -> BitDefender LLC) S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (ZTE CORPORATION -> HandSet Incorporated) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220752 2021-08-20] (Malwarebytes Inc -> Malwarebytes) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-08-20] (Malwarebytes Inc -> Malwarebytes) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation -> Microsoft Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation -> Microsoft Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.) R3 ObDrvAntiSpyAVSrv; C:\Program Files\Outbyte\AVArmor\DrvAntiSpywareX64.sys [54960 2021-01-12] (Outbyte Computing Pty Ltd -> Outbyte) R3 ObDrvMonAVSrv; C:\Program Files\Outbyte\AVArmor\DrvMonX64.sys [186544 2021-01-12] (Outbyte Computing Pty Ltd -> Outbyte) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> ) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [48544 2022-03-19] (Windscribe Limited -> The OpenVPN Project) R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [442848 2018-05-02] (Bitdefender SRL -> BitDefender S.R.L.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2014-11-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2014-11-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2014-11-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 vzandnetbus; C:\Windows\System32\DRIVERS\lgvzandnetbus64.sys [29184 2015-04-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 vzandnetdiag; C:\Windows\System32\DRIVERS\lgvzandnetdiag64.sys [31232 2015-04-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 vzandnetmodem; C:\Windows\System32\DRIVERS\lgvzandnetmdm64.sys [37888 2015-04-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 vzandnetndis; C:\Windows\System32\DRIVERS\lgvzandnetndis64.sys [94720 2015-04-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 WindscribeSplitTunnel; C:\Windows\System32\DRIVERS\WindscribeSplitTunnel.sys [25384 2022-03-19] (Windscribe Limited -> ) R3 windtun420; C:\Windows\System32\DRIVERS\windtun420.sys [38312 2022-03-19] (Windscribe Limited -> WireGuard LLC) S3 CsrBtPort; system32\DRIVERS\CsrBtPort.sys [X] S3 csrpan; system32\DRIVERS\csrpan.sys [X] S3 csrserial; system32\DRIVERS\csrserial.sys [X] S3 csrusb; System32\Drivers\csrusb.sys [X] S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X] S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X] S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X] S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X] S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X] S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X] S3 VBAudioVMVAIOMME; system32\DRIVERS\vbaudio_vmvaio64_win7.sys [X] R3 WinRing0_1_2_0; \??\C:\Users\Art\AppData\Local\Temp\tmp23C5.tmp [X] <==== ATTENTION ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-04-14 14:25 - 2022-04-14 14:26 - 000029726 _____ C:\Users\Art\Desktop\FRST.txt 2022-04-10 19:43 - 2022-04-10 19:43 - 003702073 _____ C:\Users\Art\Downloads\508883094_84_A_20220311.pdf 2022-04-09 13:03 - 2022-04-14 14:25 - 000000000 ____D C:\Users\Art\Desktop\FRST-OlderVersion 2022-04-09 13:02 - 2022-04-14 14:11 - 002365952 _____ (Farbar) C:\Users\Art\Desktop\FRST64.exe 2022-04-02 13:41 - 2022-04-12 01:50 - 000000000 ____D C:\Windows\SysWOW64\idx 2022-04-02 13:41 - 2022-04-02 13:41 - 000000918 _____ C:\Users\Art\Desktop\AVArmor.lnk 2022-04-02 13:41 - 2022-04-02 13:41 - 000000000 ____D C:\Program Files\Outbyte 2022-04-02 13:38 - 2022-04-02 13:39 - 016622768 _____ (Outbyte) C:\Users\Art\Downloads\outbyte-avarmor.exe 2022-03-28 00:12 - 2022-03-28 00:13 - 000000000 ____D C:\ProgramData\BSD 2022-03-27 22:27 - 2022-04-14 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outbyte 2022-03-27 22:27 - 2022-04-14 13:55 - 000000000 ____D C:\Program Files (x86)\Outbyte 2022-03-27 22:27 - 2022-04-09 12:06 - 000000000 ____D C:\Windows\system32\Tasks\Outbyte 2022-03-27 22:26 - 2022-04-14 13:55 - 000000000 ____D C:\ProgramData\Outbyte 2022-03-27 22:26 - 2022-03-27 22:26 - 022988248 _____ (Outbyte) C:\Users\Art\Downloads\outbyte-pc-repair.exe 2022-03-22 22:32 - 2022-03-22 22:32 - 000000000 ____D C:\Users\Art\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps 2022-03-19 02:55 - 2022-03-19 02:55 - 000001071 _____ C:\Users\Public\Desktop\Windscribe.lnk 2022-03-19 02:55 - 2022-03-19 02:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe 2022-03-19 02:52 - 2022-03-19 02:52 - 019552128 _____ (Windscribe Limited) C:\Users\Art\Downloads\Windscribe (2).exe 2022-03-19 02:52 - 2022-03-19 02:52 - 000048544 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapwindscribe0901.sys 2022-03-19 02:52 - 2022-03-19 02:52 - 000038312 _____ (WireGuard LLC) C:\Windows\system32\Drivers\windtun420.sys 2022-03-19 02:52 - 2022-03-19 02:52 - 000025384 _____ C:\Windows\system32\Drivers\WindscribeSplitTunnel.sys 2022-03-19 02:36 - 2022-03-19 02:36 - 000329520 _____ C:\active_protection.txt 2022-03-19 02:36 - 2022-03-19 02:36 - 000037888 _____ C:\urls.set 2022-03-19 02:16 - 2022-03-19 02:16 - 007513880 _____ (VS Revo Group ) C:\Users\Art\Downloads\revosetup (1).exe ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2022-04-14 14:26 - 2017-03-18 06:43 - 000000000 ____D C:\FRST 2022-04-14 14:25 - 2022-02-11 01:01 - 000003910 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{BF21A923-A93E-412B-9FC4-6EA3E52D3F63} 2022-04-14 14:09 - 2015-05-18 22:15 - 000000000 ____D C:\Program Files (x86)\Google 2022-04-14 13:55 - 2021-07-27 21:26 - 000000000 ____D C:\Users\Art\AppData\Local\CrashDumps 2022-04-14 13:53 - 2015-10-03 12:28 - 000000000 ____D C:\Program Files (x86)\Java 2022-04-14 13:42 - 2015-09-04 07:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2022-04-14 13:00 - 2015-11-29 00:20 - 000000384 _____ C:\Windows\Tasks\update-sys.job 2022-04-14 11:03 - 2015-11-29 00:20 - 000000384 _____ C:\Windows\Tasks\update-S-1-5-21-2012456220-316695357-2301545490-1000.job 2022-04-14 04:47 - 2009-07-13 23:45 - 000036096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-04-14 04:47 - 2009-07-13 23:45 - 000036096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-04-13 20:17 - 2022-01-30 04:02 - 000000000 ____D C:\Users\Art\Desktop\open office 2022-04-13 20:03 - 2015-12-03 18:39 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2022-04-13 00:12 - 2009-07-13 21:34 - 000000466 _____ C:\Windows\win.ini 2022-04-12 20:31 - 2015-12-10 06:23 - 000000000 ____D C:\Users\Art\AppData\Local\ElevatedDiagnostics 2022-04-12 03:36 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF 2022-04-12 01:51 - 2009-07-14 00:13 - 000798694 _____ C:\Windows\system32\PerfStringBackup.INI 2022-04-12 01:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf 2022-04-12 01:46 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-04-11 15:11 - 2021-08-02 10:35 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-04-11 15:11 - 2021-08-02 10:35 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-04-11 09:19 - 2021-07-29 10:18 - 000004026 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1627571888 2022-04-09 11:58 - 2018-08-13 07:29 - 000000000 ____D C:\Users\Art\AppData\LocalLow\Mozilla 2022-04-09 11:44 - 2020-02-03 10:23 - 000000000 ____D C:\ProgramData\Mozilla 2022-04-05 13:55 - 2015-06-07 14:12 - 000000000 ____D C:\Users\Art\Desktop\New folder 2022-04-05 13:37 - 2020-04-09 12:09 - 000000000 ____D C:\Users\Art\AppData\Local\BitTorrentHelper 2022-04-05 09:33 - 2018-05-27 11:54 - 000000000 ____D C:\Users\Art\Downloads\torrents 2022-04-02 13:41 - 2016-01-25 15:05 - 000000000 ____D C:\ProgramData\Package Cache 2022-03-28 00:20 - 2020-11-23 18:02 - 000000000 ____D C:\Program Files\DIFX 2022-03-27 22:43 - 2021-06-24 02:39 - 000000000 ____D C:\Users\Art\AppData\LocalLow\IGDump 2022-03-26 01:33 - 2019-11-12 18:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\adaware 2022-03-22 23:09 - 2018-05-23 08:58 - 000000000 ____D C:\Program Files (x86)\Windscribe 2022-03-22 23:07 - 2019-11-06 19:35 - 000007668 _____ C:\Users\Art\AppData\Local\Resmon.ResmonCfg 2022-03-20 22:36 - 2015-10-10 16:33 - 000000000 ____D C:\Users\Art\AppData\Roaming\vlc 2022-03-19 02:52 - 2018-05-23 08:58 - 000000000 ____D C:\Users\Art\AppData\Local\Windscribe 2022-03-19 02:48 - 2015-10-03 12:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-03-19 02:39 - 2019-05-26 21:27 - 000001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2022-03-19 02:39 - 2019-05-26 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2022-03-19 02:24 - 2022-02-09 01:00 - 000000178 _____ C:\Windows\restoro.ini 2022-03-19 02:22 - 2015-10-17 06:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics 2022-03-19 02:22 - 2015-10-17 06:58 - 000000000 ____D C:\ProgramData\Auslogics 2022-03-19 02:17 - 2017-07-28 01:39 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2022-03-19 02:17 - 2017-07-28 01:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2022-03-18 16:04 - 2022-03-13 16:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird ==================== Files in the root of some directories ======== 2016-02-17 21:13 - 2016-03-08 03:27 - 000399360 _____ () C:\Program Files\CascLib.dll 2016-02-17 21:13 - 2016-03-08 03:27 - 000326144 _____ () C:\Program Files\DXPRecastPathFinding2.dll 2016-02-19 22:52 - 2016-02-19 22:52 - 000003766 _____ () C:\Program Files\error.txt 2016-02-17 21:13 - 2016-02-01 15:51 - 000301056 _____ (The Apache Software Foundation) C:\Program Files\log4net.dll 2016-02-17 21:13 - 2016-02-01 15:51 - 000510976 _____ (Newtonsoft) C:\Program Files\Newtonsoft.Json.dll 2016-02-17 21:13 - 2016-02-01 15:51 - 000230912 _____ (Alexandre Mutel) C:\Program Files\SharpDX.Direct2D1.dll 2016-02-17 21:13 - 2016-02-01 15:51 - 000558080 _____ (Alexandre Mutel) C:\Program Files\SharpDX.dll 2016-02-17 21:13 - 2016-02-01 15:51 - 000090624 _____ (Alexandre Mutel) C:\Program Files\SharpDX.DXGI.dll 2016-06-20 11:11 - 2013-08-31 14:01 - 000121696 _____ () C:\Program Files\Weather_Meter_V1.7.gadget 2016-01-17 14:28 - 2017-03-28 21:09 - 000000933 _____ () C:\Users\Art\AppData\Roaming\burnaware.ini 2017-07-29 23:33 - 2017-07-30 03:10 - 000000098 _____ () C:\Users\Art\AppData\Roaming\LauncherSettings_live.cfg 2017-07-30 01:01 - 2017-07-30 01:01 - 000000042 _____ () C:\Users\Art\AppData\Roaming\TheHunterSettings_live.cfg 2016-09-27 00:21 - 2016-09-27 00:21 - 000000046 _____ () C:\Users\Art\AppData\Roaming\WB.CFG 2017-10-27 13:33 - 2020-06-03 13:29 - 000000367 _____ () C:\Users\Art\AppData\Roaming\Weather Meter_Settings.ini 2016-01-24 09:57 - 2016-02-04 21:50 - 000000031 _____ () C:\Users\Art\AppData\Local\burnaware.ini 2019-02-28 23:12 - 2019-02-28 23:12 - 000000084 _____ () C:\Users\Art\AppData\Local\DVDPATH.TXT 2019-11-06 19:35 - 2022-03-22 23:07 - 000007668 _____ () C:\Users\Art\AppData\Local\Resmon.ResmonCfg 2021-06-24 07:08 - 2021-06-24 07:08 - 000000003 _____ () C:\Users\Art\AppData\Local\updater.log 2015-11-29 00:20 - 2022-03-05 20:09 - 000000424 _____ () C:\Users\Art\AppData\Local\UserProducts.xml ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2022-04-07 04:25 ==================== End of FRST.txt ========================