Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

CtrlAltDel screen regularly disappears without authorisation/accidenta


  • This topic is locked This topic is locked

#31
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 369 posts

MSE doesnt start in real time when logging on pc, it is off until MBAM starts. So its asecurity risk for othter programs that startup before it which connect to internet.

Also, I want to uninstall MSE in January to insall3rd party security suites, but kkeep MBAM


  • 0

Advertisements


#32
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 963 posts
Hi phickspc,

When you attempt to uninstall MSE from the Programs and Features list, do you receive an error message?
  • 0

#33
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 369 posts

It worked!

I still have eventviewer issues

and additionally for almost a week, I've begun experiencing intermittent internet dropouts on a 1gbps wired connection, but wifi on all other devices are fine.

The internet provider checked and confirmed that the phone line and connection is okay, and when the download speed/website loading drops to a standstill for several minutes and then temporarily returns, I can still successfully load my ip admin and network heal page, which indicates that the ethernet wire and device hardware are both fine. No heavy or unsusual usage on network either. The network provider has been fine for 6 years and no wires or connections were changed.


  • 0

#34
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 963 posts
Were you able to install another AV program to replace Microsoft Security Essentials?
  • 0

#35
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 369 posts

I haven't got a new AV yet, I want to use MSE until windows 7 EOL.


  • 0

#36
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 963 posts
Hi phickspc,

Just to confirm, MSE is currently installed and working properly?

==========================

Let me know if there are any outstanding issues with this computer.
  • 0

#37
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 369 posts

Yes, MSE works but I have outstanding issues in Network (dropouts) & Event Viewer


  • 0

#38
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 369 posts

Also Windows Updates is set to "Never Check for Updates" and I cant find a way to reset it. Until then, Checking for updates manually results in error "WindowsUpdate_8024402C" "WindowsUpdate_dt000"


  • 0

#39
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 963 posts
Hi phickspc,

Please run a new scan with FRST and copy/paste both reports to your reply.
  • 0

#40
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 369 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2019
Ran by User1 (administrator) on NIV (07-10-2019 17:44:48)
Running from C:\Users\User1\Desktop
Loaded Profiles: User1 (Available Profiles: User3 & User2 & User1 & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Portable Program Files\INET\FFx69\FirefoxPortable.exe" -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() [File not signed] C:\Program Files (x86)\INET\JDASTSpeedTest\JDAutoSpeedTester.exe
() [File not signed] C:\Program Files (x86)\INET\JDASTSpeedTest\JDNetMon.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Avid Technology, Inc. -> Avid Technology, Inc.) C:\Windows\SysWOW64\MAFWTray.exe
(BlackBerry Ltd. -> Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\MSG\LWS\Webcam Software\LWS.exe
(London Trust Media Incorporated -> ) C:\Program Files\Private Internet Access\pia-service.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae.exe
(Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae-svc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\MSG\ThunderbirdPortable\App\Thunderbird\thunderbird.exe
(Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nlssrv32.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(pdfforge GmbH -> © pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(PeerBlock, LLC -> PeerBlock, LLC) C:\Portable Program Files\INET\PeerBlockPortable\App\PeerBlock\Modern64\peerblock.exe
(Rare Ideas LLC -> PortableApps.com) C:\Portable Program Files\MSG\ThunderbirdPortable\ThunderbirdPortable.exe
(Rare Ideas, LLC -> PortableApps.com) C:\Portable Program Files\INET\FFx69\FirefoxPortable.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\MAINTENANCE\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\MAINTENANCE\Unchecky\bin\unchecky_svc.exe
(Sebastien.warin.fr) [File not signed] C:\Program Files (x86)\AUDIO\Stream What You Hear\SWYH.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Skwire Empire) [File not signed] C:\Portable Program Files\UTILITIES\kLED\kLED.exe
(voidtools -> ) C:\Portable Program Files\UTILITIES\#SEARCH\Everything\Everything.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2314120 2009-06-01] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754728 2019-08-26] (Acronis International GmbH -> )
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Ltd. -> BlackBerry Limited)
HKLM-x32\...\Run: [M-Audio Taskbar Icon] => C:\Windows\SysWOW64\MAFWTray.exe [254256 2012-01-24] (Avid Technology, Inc. -> Avid Technology, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\WORK\NaturallySpeaking14\Ereg\Ereg.exe [325960 2014-05-30] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\MSG\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4861688 2015-03-19] (BlackBerry Ltd. -> BlackBerry Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae.exe [2480328 2019-09-25] (Malwarebytes Inc -> Malwarebytes Corporation)
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\Run: [EPSON Stylus D92 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIBZE.EXE [213504 2007-10-05] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\Run: [PeerBlock] => C:\Portable Program Files\INET\PeerBlockPortable\App\PeerBlock\Modern64\peerblock.exe [2513992 2014-01-15] (PeerBlock, LLC -> PeerBlock, LLC)
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\Run: [StreamWhatYouHear] => C:\Program Files (x86)\AUDIO\Stream What You Hear\SWYH.exe [364032 2016-03-09] (Sebastien.warin.fr) [File not signed]
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\Run: [RIMDeviceManager] => C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2471672 2015-05-20] (BlackBerry Ltd. -> Research In Motion Limited)
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3681944 2019-09-05] (Invincea, Inc. -> Sandboxie Holdings, LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\Users\User3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kLED.exe.lnk [2016-02-28]
ShortcutTarget: kLED.exe.lnk -> C:\Portable Program Files\UTILITIES\kLED\kLED.exe (Skwire Empire) [File not signed]
Startup: C:\Users\User3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-12-22]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\WORK\Microsoft Office 2007\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kLED.lnk [2017-07-11]
ShortcutTarget: kLED.lnk -> C:\Portable Program Files\UTILITIES\kLED\kLED.exe (Skwire Empire) [File not signed]
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-02-10]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\WORK\Microsoft Office 2007\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-10-07]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ThunderbirdPortable.exe.lnk [2019-06-13]
ShortcutTarget: ThunderbirdPortable.exe.lnk -> C:\Portable Program Files\MSG\ThunderbirdPortable\ThunderbirdPortable.exe (Rare Ideas LLC -> PortableApps.com)
Startup: C:\Users\User2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-02-10]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\WORK\Microsoft Office 2007\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06AB1E5E-62D1-4BF4-A7CE-FE74445EE826} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {088B8578-F1E9-4E72-B263-4A2DA36BF64B} - System32\Tasks\{DB1241E9-6ECB-44CC-B724-7A04CD0810F6} => C:\Users\User2\AppData\Roaming\Microsoft\Installer\{9DAB307E-531F-4992-AB30-6F1AD39E6CF9}\_8C4C6DE2B4274D54DAD619.exe [10134 2016-02-07] () [File not signed]
Task: {0F111F3F-03AD-42E2-801A-466ECE4E1CB3} - System32\Tasks\{887C1110-C5ED-4E7C-A980-3C0B6D2DC06D} => C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe [111616 2010-12-13] (Microsoft Corporation) [File not signed]
Task: {2629DB97-6D20-4526-8B05-047350D4000F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B912585-4655-4633-93A6-032023931D84} - System32\Tasks\{36674DC5-28BC-4011-A06F-C94F7D70D3B7} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.18.85.112/en/abandoninstall?page=tsMain
Task: {2ED0EEF8-CBA1-4C74-B6AC-1D5658ED7C87} - System32\Tasks\{329C6536-59D9-4AB4-8D29-B034D57C5146} => C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe [111616 2010-12-13] (Microsoft Corporation) [File not signed]
Task: {46FD89D8-EFB5-4792-82BE-3F2508097C32} - System32\Tasks\{D99CFF2F-7BA6-47F7-BF46-ED68A4B0F8C6} => C:\Users\User2\AppData\Roaming\Microsoft\Installer\{9DAB307E-531F-4992-AB30-6F1AD39E6CF9}\_8C4C6DE2B4274D54DAD619.exe [10134 2016-02-07] () [File not signed]
Task: {49D5742A-B2D4-46F2-A1F8-9338B8F4AC63} - System32\Tasks\GoogleUpdateTaskMachineCore1cf826e5eb38d0d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-18] (Google Inc -> Google Inc.)
Task: {4DFB2ABE-F925-443A-80DA-7ACADA5FF4BA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F5F4CC2-1260-4254-A723-0F0AD2C018B8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {6475CF82-55CE-4557-9EA2-1667B462A02D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {68B5A1E7-A704-4EBF-9C68-B9B6C2B66A80} - System32\Tasks\G2MUploadTask-S-1-5-21-1925592742-456944920-4000667399-1008 => C:\Users\User1\AppData\Local\GoToMeeting\10996\g2mupload.exe [29736 2018-11-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {76312250-FAED-43D6-BB2B-93DA17A949BF} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2314120 2009-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {90F8A76C-A903-46E1-8F0E-3CD711B1ABFD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {9537870B-FB18-4BCC-A520-14365287A819} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-18] (Google Inc -> Google Inc.)
Task: {986FAA46-05C1-4BD4-96A2-94C22443135E} - System32\Tasks\{3362883A-034F-4055-96D0-908470C90366} => I:\VSTi Software\PIANO\pianitostudio.exe
Task: {9D8DD398-0EE4-4D2E-9B06-433F6D9E20DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe Inc. -> Adobe)
Task: {AD81F427-4F43-4202-8CD5-23F6F643F89E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {BBD2BE3E-1523-4863-B874-B71AEDCAA360} - System32\Tasks\{E8903C49-EF76-4257-A723-778ADD211C92} => C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe [111616 2010-12-13] (Microsoft Corporation) [File not signed]
Task: {D110944E-205A-4494-A573-B16F4B6B48D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-18] (Google Inc -> Google Inc.)
Task: {D3D1555C-4E38-459A-8473-471E23E21B0F} - System32\Tasks\G2MUpdateTask-S-1-5-21-1925592742-456944920-4000667399-1008 => C:\Users\User1\AppData\Local\GoToMeeting\10996\g2mupdate.exe [29736 2018-11-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {D7EC0C0C-1653-4558-8C4E-5249BA6A106A} - System32\Tasks\{20B784C2-3347-4E79-85C3-40CD3160C547} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.22.85.109/en/abandoninstall?page=tsMain
Task: {D8AE400C-FA2A-4336-A372-0E9E4C4700D6} - System32\Tasks\EPSON Perfection V39 Update => C:\Program Files (x86)\epson\escndv\update\e_dtsksd.exe [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {E745FB55-B09E-4D47-A320-5AF119314AB4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB5AE8B1-FFFF-4C83-B726-12AB536DB690} - System32\Tasks\{EFCB2B36-234C-446B-BD98-6595EF63956F} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.37.0.103/en/abandoninstall?page=tsMain
Task: {F0C7A64F-5252-4DF0-8594-C023D11063CE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-11] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON Perfection V39 Update.job => C:\Program Files (x86)\epson\escndv\update\e_dtsksd.exe7/EXE_S:EPSON Perfection V39,ES010D.DAT /F:UpdateUser1ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1925592742-456944920-4000667399-1008.job => C:\Users\User1\AppData\Local\GoToMeeting\10996\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1925592742-456944920-4000667399-1008.job => C:\Users\User1\AppData\Local\GoToMeeting\10996\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{238FBF41-957F-4B5C-B838-3AD6A3074AC5}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{D1F8491C-C9E1-4AB2-BB65-C5B0C96D4BD5}: [DhcpNameServer] 192.168.0.1
HKLM\System\...\Parameters\PersistentRoutes: [104.96.147.3,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [111.221.29.177,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [111.221.29.253,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [131.253.40.37,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.115.60,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.165.248,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.165.253,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.185.70,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.30.202,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [137.116.81.24,255.255.255.255,0.0.0.0,1]
PersistentRoutes: There are 65 PersistentRoutes.


Internet Explorer:
==================
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\WORK\NaturallySpeaking14\Program\x64\dgnriaie_x64.dll [2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\WORK\NaturallySpeaking14\Program\dgnriaie.dll [2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-12-01] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-02-10] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\WORK\NaturallySpeaking14\Program\x64\npDgnRia2_x64.dll [2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @jazz-soft.com/JazzPlugin -> C:\Program Files (x86)\AUDIO\Jazz-Soft.net\Jazz-Plugin\npJazz.dll [2017-04-03] (Jazz-Soft) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-05-22] (Research In Motion -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\WORK\NaturallySpeaking14\Program\npDgnRia2.dll [2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
FF Plugin HKU\S-1-5-21-1925592742-456944920-4000667399-1008: @citrixonline.com/appdetectorplugin -> C:\Users\User1\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-06-07] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-1925592742-456944920-4000667399-1008: @jazz-soft.com/JazzPlugin -> C:\Program Files (x86)\AUDIO\Jazz-Soft.net\Jazz-Plugin\npJazz.dll [2017-04-03] (Jazz-Soft) [File not signed]
StartMenuInternet: Firefox-1B7A9EB2B1C87FD9 - C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AcronisOSSReinstallSvc; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2217416 2007-02-22] (Acronis, Inc -> )
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [236544 2012-04-06] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Ltd. -> BlackBerry Limited)
S3 cfbackd; C:\Program Files (x86)\DISK\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2015-09-25] (508 Software, LLC -> CleverFiles)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11634696 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [165440 2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 MbaeSvc; C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae-svc.exe [152264 2019-09-25] (Malwarebytes Inc -> Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S4 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [63488 2010-01-25] (Nalpeiron Ltd.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
R2 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1073664 2019-08-26] (London Trust Media Incorporated -> )
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (BlackBerry Ltd. -> Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Ltd. -> BlackBerry Limited)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2019-10-06] (Realtek Semiconductor Corp -> )
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [328856 2019-07-12] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R2 Unchecky; C:\Program Files (x86)\MAINTENANCE\Unchecky\bin\unchecky_svc.exe [297240 2018-04-16] (Reason Software Company Inc. -> Reason Software Company Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11174400 2012-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [343040 2012-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [118184 2018-05-14] (Alcorlink Corp. -> )
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104984 2016-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11174400 2012-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 axefx2load; C:\Windows\System32\Drivers\axefx2load.sys [55600 2013-07-12] (Fractal Audio Systems -> Cypress Semiconductor)
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [25088 2014-09-08] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry)
R3 bomebus; C:\Windows\System32\DRIVERS\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
R3 bomemidi; C:\Windows\System32\drivers\bomemidi.sys [50744 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
R1 ESProtectionDriver; C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae64.sys [153312 2019-09-25] (Malwarebytes Corporation -> Malwarebytes)
S3 fasusbaudio; C:\Windows\System32\DRIVERS\fasusbaudio_x64.sys [254464 2014-05-16] (Fractal Audio Systems -> )
S3 fasusbaudioks; C:\Windows\System32\DRIVERS\fasusbaudioks_x64.sys [46080 2014-05-16] (Fractal Audio Systems -> )
R0 FlashBoot; C:\Windows\System32\DRIVERS\FlashBoot.sys [17616 2014-04-03] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2012-12-30] (Arainia Solutions, LLC -> Arainia Solutions LLC)
S3 hitmanpro36; C:\Windows\system32\drivers\hitmanpro36.sys [30496 2012-08-08] (SurfRight B.V. -> )
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation) [File not signed]
S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows ® Win 7 DDK provider)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated) [File not signed]
R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17136 2009-07-29] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 MAFW; C:\Windows\System32\DRIVERS\mafw.sys [235312 2012-01-24] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [140672 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2019-10-07] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation -> Malwarebytes Corporation)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.)
R3 mcdbus; C:\Windows\SysWOW64\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2019-09-27] (北京铠信神州科技有限责任公司 -> )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] (ASUSTeK Computer Inc. -> )
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 pbfilter; C:\Portable Program Files\INET\PeerBlockPortable\App\PeerBlock\Modern64\pbfilter.sys [22600 2014-01-15] (PeerBlock, LLC -> )
S3 RDID1053; C:\Windows\System32\Drivers\rdwm1053.sys [81792 2009-09-18] (Roland Corporation -> Roland Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [80384 2015-01-14] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry Limited)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7016816 2019-01-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [79144 2019-05-23] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [227296 2019-07-12] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 tap-pia-0901; C:\Windows\System32\DRIVERS\tap-pia-0901.sys [30208 2019-05-30] (Private Internet Access (London Trust Media Incorporated) -> The OpenVPN Project)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-02-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA64.sys [654720 2010-08-20] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM64.sys [943872 2010-08-20] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 athur; system32\DRIVERS\athurx.sys [X]
S3 MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [X]
S3 NANMp50; System32\Drivers\NANMp50.sys [X]
S3 NANSp50; System32\Drivers\NANSp50.sys [X]
S3 NPF; system32\DRIVERS\npf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-07 17:44 - 2019-10-07 17:45 - 000040005 _____ C:\Users\User1\Desktop\FRST.txt
2019-10-07 17:15 - 2019-10-07 17:17 - 000000448 __RSH C:\Users\User1\ntuser.pol
2019-10-07 16:52 - 2019-01-23 03:16 - 000000711 ____H C:\Users\User1\Downloads\RdNow.lnk
2019-10-07 16:51 - 2019-01-21 14:40 - 000000647 ____H C:\Users\User1\Downloads\FilmTV.lnk
2019-10-07 15:54 - 2019-10-07 15:54 - 000000000 ____D C:\Users\User1\AppData\Roaming\jdnetmon
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\User1\Documents\Speed_Tester
2019-10-07 15:43 - 2019-10-07 15:54 - 000000000 ____D C:\Users\User1\AppData\Roaming\jdast
2019-10-07 04:43 - 2019-10-07 04:43 - 000000241 _____ C:\Users\User1\Desktop\AlwaysOpenPrivately.URL
2019-10-07 03:59 - 2019-10-07 17:46 - 000000000 ____D C:\Users\User1\AppData\Roaming\Thunderbird
2019-10-07 01:38 - 2019-10-07 01:38 - 000001448 _____ C:\Users\User1\Desktop\FFxUpd8d.lnk
2019-10-06 22:48 - 2019-10-06 22:48 - 000000865 _____ C:\Users\User1\Desktop\InetTrblsht.lnk
2019-10-06 03:03 - 2019-09-27 02:18 - 000000640 ____H C:\Users\User1\Downloads\aJunk19.lnk
2019-10-05 23:35 - 2019-10-05 23:35 - 000000406 _____ C:\Users\User1\Desktop\LAN.lnk
2019-10-05 23:32 - 2018-09-04 22:39 - 001081352 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2019-10-05 23:32 - 2018-09-04 22:39 - 000122896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2019-10-05 23:32 - 2018-09-04 22:39 - 000118856 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2019-10-05 23:08 - 2018-04-26 16:55 - 000006908 _____ C:\Windows\system32\Drivers\TXPWR_LMT.txt
2019-10-05 23:08 - 2018-04-26 16:55 - 000004664 _____ C:\Windows\system32\Drivers\PHY_REG_PG.txt
2019-10-05 23:08 - 2017-04-14 14:22 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\SysWOW64\Rtlihvs.dll
2019-10-05 23:08 - 2017-04-14 14:22 - 000451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2019-10-05 23:01 - 2019-10-05 23:01 - 000000000 ____D C:\Users\User1\AppData\Roaming\driveridentifier
2019-10-05 23:00 - 2019-10-05 23:14 - 000000000 ____D C:\Program Files (x86)\Driver Identifier
2019-10-05 15:12 - 2019-10-07 17:46 - 000000000 ____D C:\Users\User1\AppData\Roaming\Mozilla
2019-10-05 14:48 - 2019-10-05 14:48 - 000000000 ____D C:\Program Files (x86)\Cisco
2019-10-05 14:47 - 2019-10-06 15:55 - 000500736 _____ (Realtek) C:\Windows\SwUSB.exe
2019-10-05 14:47 - 2019-10-06 15:55 - 000044760 _____ () C:\Windows\runSW.exe
2019-10-05 14:47 - 2019-01-10 08:45 - 007016816 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlanu.sys
2019-10-05 14:47 - 2017-04-14 14:22 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2019-10-05 14:27 - 2019-10-05 14:27 - 000001768 _____ C:\Users\User1\Desktop\TBPort(NEW).lnk
2019-10-03 22:55 - 2019-10-03 22:55 - 000000000 ____D C:\Program Files\Microsoft Security Client
2019-10-03 22:55 - 2019-10-03 22:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2019-10-01 01:01 - 2019-10-01 01:01 - 000000000 ____D C:\temp
2019-10-01 01:01 - 2008-05-15 03:28 - 000026624 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\jswpslwfx.sys
2019-10-01 00:57 - 2019-10-01 00:57 - 000000000 ____D C:\Windows\pcidevice
2019-10-01 00:21 - 2019-10-07 01:21 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-10-01 00:21 - 2019-05-23 16:13 - 000079144 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam620.sys
2019-10-01 00:21 - 2019-05-23 15:55 - 000053848 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtVlan620.sys
2019-10-01 00:21 - 2019-05-23 15:47 - 000057432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtNdPt60.sys
2019-09-30 23:32 - 2011-07-22 10:33 - 000025056 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
2019-09-30 14:00 - 2019-09-30 14:00 - 000000000 ____D C:\Users\User1\AppData\Roaming\Skype
2019-09-29 16:00 - 2019-09-29 16:00 - 000001748 _____ C:\Users\User1\Desktop\MagicFeelings.lnk
2019-09-29 15:30 - 2019-09-29 15:30 - 000001028 _____ C:\Users\User1\Desktop\MMovie4k.lnk
2019-09-27 15:40 - 2019-09-27 15:40 - 000000849 _____ C:\Users\User1\Desktop\POffc.lnk
2019-09-27 14:16 - 2019-09-27 14:21 - 000066560 _____ C:\Windows\dm_batch.bak
2019-09-27 14:16 - 2019-09-27 14:21 - 000000096 _____ C:\Windows\dm.dmap
2019-09-27 14:15 - 2019-09-27 14:15 - 000733080 _____ C:\Windows\system32\ndw-fre.exe
2019-09-27 14:15 - 2019-09-27 14:15 - 000021208 _____ C:\Windows\system32\MDA_NTDRV.sys
2019-09-27 13:00 - 2019-09-27 13:00 - 000000516 _____ C:\Users\User1\Desktop\¶-7QG.URL
2019-09-27 00:37 - 2019-09-27 00:37 - 000000000 ____D C:\ProgramData\Office Genuine Advantage
2019-09-27 00:37 - 2019-09-27 00:37 - 000000000 ____D C:\MGADiagToolOutput
2019-09-26 17:54 - 2019-09-26 17:58 - 000000000 ____D C:\Users\Public\Documents\HostsMan Backups
2019-09-26 17:54 - 2019-09-26 17:58 - 000000000 ____D C:\ProgramData\Documents\HostsMan Backups
2019-09-26 17:54 - 2019-09-26 17:54 - 000000000 ____D C:\Users\User1\AppData\Roaming\abelhadigital.com
2019-09-26 17:54 - 2019-09-26 17:54 - 000000000 ____D C:\ProgramData\abelhadigital.com
2019-09-26 16:03 - 2019-09-26 16:03 - 000000000 ____D C:\Users\User1\AppData\Local\TileDataLayer
2019-09-26 16:03 - 2019-09-26 16:03 - 000000000 ____D C:\Users\User1\AppData\Local\Packages
2019-09-26 16:03 - 2019-09-26 16:03 - 000000000 ____D C:\ProgramData\USOPrivate
2019-09-26 14:04 - 2019-09-26 14:04 - 000000000 ___RD C:\Users\User1\Documents\Scanned Documents
2019-09-26 14:04 - 2019-09-26 14:04 - 000000000 ____D C:\Users\User1\Documents\Fax
2019-09-26 13:53 - 2019-09-26 13:53 - 000000000 ____D C:\Program Files\Bonjour
2019-09-26 13:53 - 2019-09-26 13:53 - 000000000 ____D C:\Program Files (x86)\Bonjour
2019-09-26 13:52 - 2019-09-26 18:12 - 000000000 ____D C:\ProgramData\Acronis
2019-09-18 15:06 - 2019-10-07 17:44 - 001615872 _____ (Farbar) C:\Users\User1\Desktop\FRST64.exe
2019-09-18 00:26 - 2019-09-18 00:26 - 000000224 _____ C:\Users\User1\Desktop\Toilets.URL
2019-09-16 01:26 - 2019-09-16 01:26 - 000001115 _____ C:\Users\User1\Desktop\D-d.lnk
2019-09-09 20:32 - 2019-09-09 20:32 - 000000355 _____ C:\Users\User1\Desktop\Recycl.lnk
2019-09-09 20:32 - 2019-09-09 20:32 - 000000355 _____ C:\Users\User1\Desktop\Computr.lnk
2019-09-09 13:56 - 2019-09-09 13:56 - 000001794 _____ C:\Users\User1\Desktop\AE.lnk
2019-09-08 22:55 - 2019-09-08 22:55 - 000000953 _____ C:\Users\User1\Desktop\Dwhelper.lnk
2019-09-07 22:49 - 2019-09-07 22:49 - 000000091 _____ C:\Users\User1\Desktop\BestKRadios.url

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-07 17:45 - 2018-09-23 15:13 - 000000000 ____D C:\FRST
2019-10-07 17:21 - 2018-02-22 18:36 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2019-10-07 17:17 - 2016-02-07 22:22 - 000000000 ____D C:\Users\User1
2019-10-07 17:15 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-10-07 17:10 - 2016-06-07 16:10 - 000000550 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1925592742-456944920-4000667399-1008.job
2019-10-07 17:01 - 2009-07-14 06:13 - 000782510 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-07 17:01 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-10-07 16:51 - 2016-02-19 17:00 - 000000913 _____ C:\Windows\Tasks\EPSON Perfection V39 Update.job
2019-10-07 15:43 - 2016-02-08 17:37 - 000000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\INET
2019-10-07 15:43 - 2013-08-19 23:41 - 000000000 ____D C:\Program Files (x86)\INET
2019-10-07 14:53 - 2016-04-29 15:45 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2019-10-07 14:01 - 2009-07-14 05:45 - 000025568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-07 14:01 - 2009-07-14 05:45 - 000025568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-07 13:52 - 2016-05-26 14:28 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-07 13:52 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-07 01:35 - 2019-05-16 19:25 - 000009552 _____ C:\Windows\Sandboxie.ini
2019-10-07 01:20 - 2016-02-08 17:37 - 000000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MAINTAIN
2019-10-06 16:59 - 2018-12-18 01:29 - 000000000 ____D C:\Users\User1\Documents\OneNote
2019-10-06 04:06 - 2009-10-27 13:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-10-06 01:37 - 2009-10-25 13:06 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-05 23:08 - 2009-07-14 03:34 - 000000564 _____ C:\Windows\win.ini
2019-10-05 22:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-10-05 21:37 - 2009-07-14 06:08 - 000032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-10-05 14:58 - 2016-02-14 19:43 - 000000000 ____D C:\Users\User1\AppData\Local\CrashDumps
2019-10-05 13:17 - 2019-05-17 17:16 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-05 13:16 - 2011-05-29 10:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-05 02:52 - 2016-02-15 16:51 - 000000000 ____D C:\Portable Program Files
2019-10-04 17:36 - 2016-02-11 00:53 - 000168306 _____ C:\ads_err.adt
2019-10-04 03:17 - 2016-03-17 20:26 - 000000000 ____D C:\Users\User1\dwhelper
2019-10-03 23:03 - 2016-02-08 17:36 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UTILITIES
2019-10-03 22:56 - 2012-02-22 19:20 - 000001945 _____ C:\Windows\epplauncher.mif
2019-10-02 03:31 - 2016-01-18 16:42 - 000000000 ____D C:\Program Files (x86)\MAINTENANCE
2019-10-01 03:05 - 2016-02-09 18:37 - 000000000 ____D C:\Program Files\7-Zip
2019-09-30 23:15 - 2016-02-07 22:29 - 000000000 ____D C:\Users\User1\AppData\Local\ElevatedDiagnostics
2019-09-30 00:54 - 2016-02-20 15:55 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSG
2019-09-29 01:59 - 2017-11-22 20:33 - 000000000 ___RD C:\Users\User1\Desktop\BB&id
2019-09-27 17:06 - 2018-12-10 03:15 - 000000000 ____D C:\Program Files\Recuva
2019-09-27 13:58 - 2018-02-22 17:38 - 000000000 ____D C:\Program Files\MAINTENANCE
2019-09-27 00:25 - 2016-02-14 23:59 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-09-27 00:23 - 2016-02-06 23:02 - 000000000 ____D C:\Users\User2\AppData\LocalLow\Temp
2019-09-27 00:23 - 2010-03-24 15:39 - 000000000 ____D C:\Users\User3\AppData\LocalLow\Temp
2019-09-27 00:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-09-26 17:57 - 2009-07-14 03:34 - 000007106 _____ C:\Windows\system32\Drivers\etc\HOSTS.bak
2019-09-26 17:18 - 2019-05-19 16:42 - 000000000 ____D C:\Program Files\Sandboxie
2019-09-26 16:53 - 2016-02-08 17:36 - 000000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VIDEO
2019-09-26 16:52 - 2016-02-08 17:37 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NOTATION
2019-09-26 16:48 - 2018-10-06 20:14 - 001265960 _____ C:\Users\User1\AppData\Local\GDIPFONTCACHEV1.DAT
2019-09-26 16:26 - 2016-02-13 22:22 - 000000000 ____D C:\Users\User1\AppData\Roaming\HandBrake
2019-09-26 16:16 - 2016-02-10 23:28 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BIZ
2019-09-26 16:15 - 2016-02-09 18:48 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMG
2019-09-26 16:15 - 2016-02-08 17:37 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AUDIO
2019-09-26 16:14 - 2016-02-08 17:37 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAWs
2019-09-26 16:07 - 2009-10-25 23:42 - 000001024 _____ C:\Windows\demdata.txt
2019-09-26 16:05 - 2009-10-25 23:32 - 000000000 ____D C:\Program Files (x86)\Native Instruments
2019-09-26 14:05 - 2018-03-26 23:48 - 000000000 ____D C:\Users\User1\AppData\Roaming\Thinstall
2019-09-26 14:03 - 2009-10-26 12:17 - 000000000 ____D C:\Program Files (x86)\Guitar Pro 5
2019-09-26 13:53 - 2012-02-25 12:54 - 000371144 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2019-09-16 00:01 - 2018-09-04 01:43 - 000000000 ____D C:\Users\User1\AppData\Local\SquirrelTemp
2019-09-13 23:09 - 2012-02-22 19:19 - 000766376 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-09-13 01:53 - 2016-02-07 22:30 - 000023636 _____ C:\Users\User1\Documents\Layout 1280 x 1024.dtr
2019-09-13 01:51 - 2016-02-07 22:39 - 000001696 _____ C:\Users\User1\Desktop\Gtr,Kar.lnk
2019-09-13 01:47 - 2016-02-07 22:39 - 000000615 _____ C:\Users\User1\Desktop\Aud.lnk
2019-09-13 01:42 - 2018-07-03 22:23 - 000000868 _____ C:\Users\User1\Desktop\InetCafes.lnk
2019-09-11 20:45 - 2018-01-29 14:04 - 000000904 _____ C:\Users\User1\Desktop\Music#NOW.lnk
2019-09-11 13:38 - 2018-03-13 19:44 - 000004456 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-11 13:38 - 2016-07-16 13:03 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-09-11 13:38 - 2012-08-08 17:04 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-09-11 13:38 - 2012-08-08 17:04 - 000000000 ____D C:\Windows\system32\Macromed
2019-09-11 13:38 - 2012-02-12 14:09 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-10 02:03 - 2018-10-04 23:10 - 000022976 _____ C:\Users\User2\Documents\Layout 1280 x 1024.dtr
2019-09-09 13:56 - 2019-07-10 20:37 - 000001618 _____ C:\Users\User1\Desktop\FixShortcts.lnk
2019-09-09 13:55 - 2019-07-12 14:42 - 000013025 _____ C:\Users\User1\Desktop\ShortctMan.lnk
2019-09-09 02:27 - 2019-01-23 03:27 - 000001045 _____ C:\Users\User1\Desktop\Hoods.lnk
2019-09-08 20:59 - 2019-03-15 01:22 - 000000694 _____ C:\Users\User1\Desktop\GTAV100%.lnk
2019-09-08 20:02 - 2016-01-18 17:24 - 000000000 ____D C:\Program Files (x86)\UTILITIES

==================== Files in the root of some directories ================

2009-10-26 11:48 - 2009-10-26 11:48 - 000000604 ____H () C:\Program Files (x86)\STLL Notifier
2016-02-07 22:30 - 2010-04-17 16:14 - 000000052 _____ () C:\Users\User1\AppData\Roaming\Culture Prefs
2016-08-29 16:06 - 2016-08-29 16:06 - 000000112 _____ () C:\Users\User1\AppData\Roaming\JP2K CS6 Prefs
2016-02-11 00:49 - 2019-05-14 22:01 - 000005852 _____ () C:\Users\User1\AppData\Roaming\Rim.Desktop.Exception.log
2016-02-11 00:49 - 2016-03-19 22:56 - 000006217 _____ () C:\Users\User1\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2016-02-11 00:49 - 2019-05-14 22:01 - 000005852 _____ () C:\Users\User1\AppData\Roaming\Rim.DesktopHelper.Exception.log
2016-02-21 20:26 - 2016-11-17 22:59 - 000001475 _____ () C:\Users\User1\AppData\Roaming\SAS7_000.DAT
2016-02-18 01:11 - 2016-02-18 01:11 - 000000096 _____ () C:\Users\User1\AppData\Roaming\version2.xml
2016-02-10 15:22 - 2012-02-26 20:40 - 000037814 _____ () C:\Users\User1\AppData\Roaming\Microsoft\MSO1033.acl
2016-02-10 15:22 - 2014-03-14 23:09 - 000000110 _____ () C:\Users\User1\AppData\Roaming\Microsoft\MSO2057.acl
2016-02-10 15:22 - 2016-01-24 21:29 - 000000030 _____ () C:\Users\User1\AppData\Roaming\Microsoft\MSO3081.acl
2019-07-08 00:57 - 2017-07-16 14:49 - 000000218 _____ () C:\Users\User1\AppData\Local\recently-used.xbel
2016-02-07 22:29 - 2018-01-15 17:09 - 000007603 _____ () C:\Users\User1\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-09-30 15:12
==================== End of FRST.txt ============================


  • 0

Advertisements


#41
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 369 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by User1 (07-10-2019 17:46:26)
Running from C:\Users\User1\Desktop
Windows 7 Professional Service Pack 1 (X64) (2009-10-24 16:18:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1925592742-456944920-4000667399-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1925592742-456944920-4000667399-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1925592742-456944920-4000667399-1002 - Limited - Enabled)
User3 (S-1-5-21-1925592742-456944920-4000667399-1003 - Administrator - Enabled) => C:\Users\User3
User1 (S-1-5-21-1925592742-456944920-4000667399-1008 - Administrator - Enabled) => C:\Users\User1
User2 (S-1-5-21-1925592742-456944920-4000667399-1006 - Administrator - Enabled) => C:\Users\User2

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
[email protected] KillDisk 11 (HKLM\...\{0218BA4B-0594-40E2-B3C6-40A859A348FF}_is1) (Version: 11 - LSoft Technologies Inc)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.255 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{421E3900-59C7-8A50-C424-83CFFC1DB2B9}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AnyTrans for Android (HKLM-x32\...\{CE84DF95-1914-47BB-8055-847E28B605B9}) (Version: 6.3.5 - iMobie) Hidden
AnyTrans for Android (HKLM-x32\...\AnyTrans for Android 6.3.5) (Version: 6.3.5 - iMobie)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtsAcoustic Reverb 1.2.1 (HKLM-x32\...\ArtsAcoustic Reverb) (Version: 1.2.1 - ArtsAcoustic Vertrieb GbR)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AudioEase Altiverb VST RTAS v6.12 (HKLM-x32\...\AudioEase Altiverb VST RTAS_is1) (Version:  - )
Authy Desktop (HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\authy-electron) (Version: 1.7.0 - Twilio Inc.)
AutoHotkey 1.1.23.01 (HKLM\...\AutoHotkey) (Version: 1.1.23.01 - Lexikos)
Axe-Edit 3.12.0 (HKLM-x32\...\{0B2FECD3-B4EF-4071-9546-7529D90BAA99}_is1) (Version:  - Fractal Audio)
BlackBerry 10 Desktop Software (HKLM-x32\...\{a0642dd3-1105-464b-84c8-caaf676c39c8}) (Version: 1.1.0.22 - BlackBerry)
BlackBerry Blend (HKLM-x32\...\{1DA42C01-4ED2-4B4E-B90C-18FCBA12FC41}) (Version: 1.1.0.23 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (HKLM-x32\...\{46CD5A63-0C1F-45C3-B643-CA87A17275C0}) (Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}) (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Device Drivers (HKLM-x32\...\{1F6490E5-7540-426D-BC1E-EB57B0BF0C38}) (Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd)
BlackBerry Link (HKLM-x32\...\{C42468F9-9812-4550-A54B-5DDB062EB10F}) (Version: 1.2.4.28 - BlackBerry) Hidden
BlackBerry Link Remover (HKLM-x32\...\{44D65CAB-1BC8-47B7-BF5B-3EB8B6BB0276}) (Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version:  - Bome Software GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
Contents64 (HKLM\...\{1CDDC143-E149-4945-A5C9-8B366D8C2FC6}) (Version: 18.0.0.181 - Corel Corporation) Hidden
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Corel VideoStudio Ultimate X8 (HKLM-x32\...\_{A22A80C4-F237-4B5A-825F-0731971ECBE6}) (Version: 18.6.0.6 - Corel Corporation)
dBpoweramp [Multi Encoder] Codec (HKLM-x32\...\dBpoweramp [Multi Encoder] Codec) (Version: Release 2 - Illustrate)
dBpoweramp AAC Encoder (HKLM-x32\...\dBpoweramp AAC Encoder) (Version:  - )
dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 3 - Illustrate)
dBpoweramp FLAC Codec (HKLM-x32\...\dBpoweramp FLAC Codec) (Version: Release 10 (FLAC 1.2.0) - Illustrate)
dBpoweramp m4a Codec (HKLM-x32\...\dBpoweramp m4a Codec) (Version: Release 7 - Illustrate)
dBpoweramp m4b Audio book Encoder (HKLM-x32\...\dBpoweramp m4b Audio book Encoder) (Version:  - )
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 13.2 - Illustrate)
dBpoweramp Windows Media Audio 10 Codec (HKLM-x32\...\dBpoweramp Windows Media Audio 10 Codec) (Version: Release 5 - Illustrate)
Desktop Restore (HKLM\...\{15D07D6F-E4CC-41D9-88A3-94115E5E5A10}) (Version: 1.6.3 - JOConnell)
Desktop Restore (HKLM\...\{9DAB307E-531F-4992-AB30-6F1AD39E6CF9}) (Version: 1.6.1 - JOConnell)
Disk Drill 2.0.0.338 (HKLM-x32\...\{91CF2A75-07FB-4CAF-AE14-2BE4EE77EF00}) (Version: 2.0.338 - CleverFiles)
Document Capture Pro (HKLM-x32\...\{8930DCE5-510D-4476-A879-835188F7B6F4}) (Version: 1.06.0011 - Seiko Epson Corporation)
Dragon 14 (HKLM-x32\...\{FEAB6184-0560-4EBF-A26B-C3F2B11FE9E1}) (Version: 14.00.000 - Nuance Communications Inc.)
DriverIdentifier 5.2 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version:  - DriverIdentifier)
Earope Advanced Ear Training v1.65 (HKLM-x32\...\Earope Advanced Ear Training_is1) (Version:  - )
EASEUS Data Recovery Wizard Professional 5.5.1 (HKLM-x32\...\EASEUS Data Recovery Wizard Professional 5.5.1_is1) (Version:  - EASEUS)
East West Boesendorfer 290 (HKLM-x32\...\East West Boesendorfer 290) (Version:  - )
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
East West EWQLSO PRO XP Brass (HKLM-x32\...\East West EWQLSO PRO XP Brass) (Version:  - )
East West EWQLSO PRO XP Percussion (HKLM-x32\...\East West EWQLSO PRO XP Percussion) (Version:  - )
East West EWQLSO PRO XP Strings (HKLM-x32\...\East West EWQLSO PRO XP Strings) (Version:  - )
East West EWQLSO PRO XP Woodwinds (HKLM-x32\...\East West EWQLSO PRO XP Woodwinds) (Version:  - )
East West HardcoreBass (HKLM-x32\...\East West HardcoreBass) (Version:  - )
East West Percussive Adventures 2 (HKLM-x32\...\East West Percussive Adventures 2) (Version:  - )
East West Ra (HKLM-x32\...\East West Ra) (Version:  - )
East West Stormdrum Intakt (HKLM-x32\...\East West Stormdrum Intakt) (Version:  - )
East West Symphonic Choirs (HKLM-x32\...\East West Symphonic Choirs) (Version:  - )
East West Vapor (HKLM-x32\...\East West Vapor) (Version:  - )
Easy Photo Scan (HKLM-x32\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
Enigma (HKLM-x32\...\{1F145099-1224-4C5B-84F2-7AE6DC699F1A}) (Version: 1.2.0.0 - M-Audio)
Epson Copy Utility 4 (HKLM-x32\...\{06A7E8AB-2856-4490-BAA9-F338ABE7695A}) (Version: 4.01.0001 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.00 - SEIKO EPSON Corp.)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 5.9.6 (HKLM-x32\...\{A542D366-9877-11E5-B101-005056951CAD}) (Version: 5.9.6.9494 - Evernote Corp.)
Exif Pilot 5.4 (HKLM-x32\...\Exif Pilot_is1) (Version: 5.4 - Two Pilots)
Extreme Sample Converter v3.5.3 (HKLM-x32\...\Extreme Sample Converter v3.5.3) (Version:  - )
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Finale 2012 (HKLM-x32\...\Finale 2012) (Version: 2012.c.r13.4 - MakeMusic)
Fix Shortcuts 1.2 (HKLM\...\Fix Shortcuts_is1) (Version:  - Puran Software)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
Foxit PhantomPDF Business (HKLM-x32\...\{1C0B89FF-BBF6-4DB7-BC97-89CA8D5D0F54}) (Version: 7.3.0.118 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.2.0.9297 - Foxit Software Inc.)
Fractal Audio Systems USB Audio Driver v2.23.0 (HKLM-x32\...\Fractal Audio Systems USB Audio Driver v2.23.0) (Version: 2.23.0 - Fractal Audio Systems)
Fractal Audio Systems USB Driver Package 2014.06.06 (HKLM\...\{E992CC59-71FD-4199-B04E-6274F7439EA0}_is1) (Version: 2014.06.06 - Fractal Audio Systems)
Fractal-Bot 2.11.0 (HKLM-x32\...\{6DBF83F6-BE11-414D-82DC-58C414CACF35}_is1) (Version:  - Fractal Audio)
FreeFileSync 10.8 (HKLM-x32\...\FreeFileSync_is1) (Version: 10.8 - FreeFileSync.org)
Garritan Instruments for Finale 2009 (HKLM\...\Garritan Instruments for Finale 2009_is1) (Version: v1.0.0.1 - Garritan)
Garritan Jazz Big Band (HKLM-x32\...\Garritan Jazz Big Band) (Version:  - )
Gnaural ver. 1.0.20110606 (HKLM-x32\...\Gnaural_is1) (Version:  - Bret Logan)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.23.9 - Google Inc.) Hidden
GoToMeeting 8.37.0.10996 (HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\GoToMeeting) (Version: 8.37.0.10996 - LogMeIn, Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.25) (Version: 9.25 - Artifex Software Inc.)
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
HitmanPro 3.6 (HKLM\...\HitmanPro36) (Version: 3.6.1.163 - SurfRight B.V.)
ICA (HKLM-x32\...\{A22A80C4-F237-4B5A-825F-0731971ECBE6}) (Version: 18.0.0.181 - Corel Corporation) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel Processor Diagnostic Tool 64bit (HKLM-x32\...\{04d7bf4f-df2d-43f7-9ac0-0ecf85606989}) (Version: 4.1.3.35 - )
Intel® C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
IPM_VS_Pro64 (HKLM\...\{CEE838EA-72D1-4149-91F5-5591AFE0CBBC}) (Version: 18.0 - Corel Corporation) Hidden
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - )
iZotope iDrum (HKLM-x32\...\iZotope iDrum_is1) (Version: 1.61 - iZotope, Inc.)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Jazz-Plugin (HKLM-x32\...\{4D91EBA9-1769-467B-982B-C0693147D353}) (Version: 1.5 - Jazz-Soft)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
JDiskReport 1.4.1 (HKLM-x32\...\JDiskReport 1.4.1) (Version: 1.4.1 (2014-02-26 11:50:44) - JGoodies Karsten Lentzsch)
JDs Auto Speed Tester (HKLM-x32\...\JDs Auto Speed Tester) (Version:  - )
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
K-Lite Codec Pack 13.5.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.5.5 - KLCP)
KRISTAL Audio Engine (HKLM-x32\...\KRISTAL Audio Engine) (Version:  - )
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Exploit version 1.13.1.117 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.13.1.117 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Market Samurai (HKLM-x32\...\{BCBB1378-B65A-6D5C-152B-FEF3AEEE7CA8}) (Version: 0.93.86 - Alliance Software Pty Ltd) Hidden
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.86 - Alliance Software Pty Ltd)
M-Audio FireWire 6.0.4 (x64) (HKLM\...\{D53342CB-8C24-4493-9E04-C35D09873DF5}) (Version: 6.0.4 - M-Audio)
MeldaProduction Audio Plugins 9 (HKLM-x32\...\MeldaProduction Audio Plugins 9) (Version:  - MeldaProduction)
Micrologus Musician Training Center 2.3.1.6 (HKLM-x32\...\Micrologus_Musician_Training_Center_is1) (Version: 2.3.1.6 - Micrologus.com)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft IntelliPoint 7.0 (HKLM\...\{C74A84EC-7C5F-4C36-A4A6-381E516D643B}) (Version: 7.0.260.0 - Microsoft)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneNote Home and Student 2016 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.12026.20264 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Mouse Manager (HKLM\...\Mouse Manager_is1) (Version: 1.3 - RealityRipple Software)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 2.1.3 - MusicBrainz)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version:  - Native Instruments)
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version:  - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Elektrik Piano (HKLM-x32\...\Native Instruments Elektrik Piano) (Version:  - )
Native Instruments Evolve Mutations (HKLM-x32\...\Native Instruments Evolve Mutations) (Version:  - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version:  - Native Instruments)
Native Instruments Guitar Rig 3 (HKLM-x32\...\Native Instruments Guitar Rig 3) (Version:  - Native Instruments)
Native Instruments Guitar Rig 4 (HKLM-x32\...\Native Instruments Guitar Rig 4) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version:  - Native Instruments)
Native Instruments Guitar Rig v1.1.2 (HKLM-x32\...\Native Instruments Guitar Rig v1.1.2) (Version:  - )
Native Instruments Komplete 6 (HKLM-x32\...\Native Instruments Komplete 6) (Version:  - Native Instruments)
Native Instruments Kontakt 3 (HKLM-x32\...\Native Instruments Kontakt 3) (Version:  - Native Instruments)
Native Instruments Kontakt 4 (HKLM-x32\...\Native Instruments Kontakt 4) (Version:  - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Pro-53 v3.02 (HKLM-x32\...\Native Instruments Pro-53 v3.02) (Version:  - )
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version:  - )
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Orb Composer S (HKLM\...\{B8013ED0-0295-4945-B444-6C9BD5687CF2}_is1) (Version: 1.4.4 - Hexachords & Team V.R)
PC 73 Virtual Piano Keyboard (HKLM-x32\...\PC 73 Virtual Piano Keyboard) (Version:  - )
PC-50 Driver (HKLM\...\RolandRDID0053) (Version:  - Roland Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.1.1 - pdfforge GmbH)
Playlist Creator 3.6.2 (HKLM-x32\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
POP Peeper (HKLM-x32\...\POP Peeper) (Version:  - Esumsoft)
Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
Private Internet Access (HKLM\...\{33023371-7761-4F81-BBB1-0E0D0D175ACF}) (Version: 1.4.0+03180 - London Trust Media, Inc.)
proDAD Mercalli 2.0 (64bit) (HKLM\...\proDAD-Mercalli-2.0) (Version: 2.0.120 - proDAD GmbH) Hidden
Project SAM Symphobia 1.0 (HKLM-x32\...\{676FAD0D-40C3-4911-93E7-5C70C201ADEA}_is1) (Version:  - )
Pulover's Macro Creator version 4.1.3 (HKLM\...\{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1) (Version: 4.1.3 - Rodolfo U. Batista)
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rank Tracker Samurai (HKLM-x32\...\{F9BFB0DE-0DE9-A021-D4E3-E60BC77DEE9B}) (Version: 0.00.17 - Alliance Software Pty Ltd) Hidden
Rank Tracker Samurai (HKLM-x32\...\RankTrackerSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.00.17 - Alliance Software Pty Ltd)
RapidComposer (HKLM\...\RapidComposer_is1) (Version: 3.6.5 - MusicDevelopments & Team V.R)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.122.828.2018 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.4.2 - Realtek)
Realtek USB Wireless LAN Driver (HKLM-x32\...\InstallShield_{DBCC4C27-F949-482b-B786-7B3B67587CD2}) (Version: Drv_3.00.0018 - REALTEK Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Reason 4.0 (HKLM-x32\...\Reason4_is1) (Version: 4.0 - Propellerhead Software AB)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
ReWire (HKLM\...\{4481A621-E317-411C-8926-864AACDF509B}) (Version: 1.00.0000 - Waves)
Riffstation (HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\{66bd4367-2215-46cb-a211-cbddfe321d39}) (Version: 1.6.3 - Sonic Ladder Ltd.)
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Sandboxie 5.31.4 (64-bit) (HKLM\...\Sandboxie) (Version: 5.31.4 - Sandboxie Holdings, LLC)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Security Task Manager 1.7f (HKLM-x32\...\Security Task Manager) (Version: 1.7f - Neuber GmbH)
Setup (HKLM-x32\...\{CC55892B-B7A6-4F5F-BFB4-F69D77E2D7D5}) (Version: 18.0.0.181 - Corel Corporation) Hidden
Share64 (HKLM\...\{3BB9B652-3725-419E-869F-7A5F7FE82C28}) (Version: 18.0.0.181 - Corel Corporation) Hidden
Skype version 8.23 (HKLM-x32\...\Skype_is1) (Version: 8.23 - Skype Technologies S.A.)
Softube FET Compressor VST RTAS v1.0.3 (HKLM-x32\...\Softube FET Compressor VST RTAS_is1) (Version:  - )
Softube Tube-Tech PE 1C VST RTAS v1.0.1 (HKLM-x32\...\Softube Tube-Tech PE 1C_is1) (Version:  - )
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
SoundToys Native Effects VST RTAS v3.1.2 (HKLM-x32\...\SoundToys Native Effects VST RTAS_is1) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Stream What You Hear (SWYH) version 1.4 (HKLM-x32\...\{5FBEA9D3-668E-4B88-BF6C-E1BCF441ECFD}_is1) (Version: 1.4 - Sebastien.warin.fr)
Streaming Video Recorder V5.1.3 (HKLM-x32\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 5.1.3 - APOWERSOFT LIMITED)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version:  - )
Sylenth1 v2.20 (HKLM-x32\...\Sylenth1_is1) (Version:  - )
System Scheduler 4.35 (HKLM-x32\...\Windows Scheduler_is1) (Version:  - Splinterware Software Solutions)
Sytrus (HKLM-x32\...\Sytrus) (Version:  - Image-Line)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
TimeComX Basic (64-Bit) (HKLM-x32\...\TimeComX Basic 64-Bit) (Version: 1.3.2.0 - Bitdreamers)
Transcribe! 8.40 (HKLM-x32\...\Transcribe!_is1) (Version: 8.40 - Seventh String Software)
Trilogy (HKLM-x32\...\Trilogy_is1) (Version:  - Spectrasonics, Inc.)
TruePianos 1.5.0 (HKLM\...\TruePianos_is1) (Version:  - 4Front Technologies)
TruePianos: Amber Module 1.4.0 (HKLM-x32\...\TruePianos: Amber Module_is1) (Version:  - 4Front Technologies)
TruePianos: Diamond Module 1.4.0 (HKLM-x32\...\TruePianos: Diamond Module_is1) (Version:  - 4Front Technologies)
TruePianos: Emerald Module 1.4.0 (HKLM-x32\...\TruePianos: Emerald Module_is1) (Version:  - 4Front Technologies)
TruePianos: Sapphire Module 1.4.0 (HKLM-x32\...\TruePianos: Sapphire Module (Pedal sounds included)_is1) (Version:  - 4Front Technologies)
TruePianos: Sapphire Module 1.4.0 (HKLM-x32\...\TruePianos: Sapphire Module_is1) (Version:  - 4Front Technologies)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Ut Video Codec Suite (HKLM\...\utvideo_is1) (Version: 15.4.0 - UMEZAWA Takeshi)
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
VideoStudio MyDVD (HKLM-x32\...\{49D8422A-D54E-425F-8A38-54167B1174A1}) (Version: 1.0 - Corel)
VideoStudio MyDVD (HKLM-x32\...\{7EB40408-4144-4477-95B5-B80B02A1FB66}) (Version: 1.0.112 - Corel Corporation) Hidden
Voxengo Boogex (HKLM\...\Voxengo Boogex_is1) (Version: 2.1 - Voxengo)
Voxengo Marvel GEQ (HKLM\...\Voxengo Marvel GEQ_is1) (Version: 1.4 - Voxengo)
Voxengo Overtone GEQ (HKLM\...\Voxengo Overtone GEQ_is1) (Version: 1.11 - Voxengo)
VSClassic64 (HKLM\...\{C8686FE2-D759-4304-9791-66ED3C1A7789}) (Version: 18.0.0.181 - Corel Corporation) Hidden
VSUltimate64 (HKLM\...\{4BBC9291-7961-42EE-9CDA-6EC4BD6EB782}) (Version: 18.0.0.181 - Corel Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wave Arts Tube Saturator (HKLM-x32\...\Wave Arts Tube Saturator) (Version:  - )
Wave Arts Tube Saturator 64 (HKLM\...\Wave Arts Tube Saturator 64) (Version:  - )
Waves Complete v8.0.11 (HKLM-x32\...\Waves Complete V8_is1) (Version:  - )
Waves Mercury Complete VST DX RTAS v1.01 (HKLM-x32\...\Waves Mercury Complete VST DX RTAS_is1) (Version:  - Waves Ltd.)
Windows Driver Package - Advanced Micro Devices (AtiHDAudioService) MEDIA  (01/16/2016 7.12.0.7723) (HKLM\...\E18EFCE3DA74D73E2828F3B3E53176B4E08B9418) (Version: 01/16/2016 7.12.0.7723 - Advanced Micro Devices)
Windows Driver Package - Advanced Micro Devices (AtiHDAudioService) MEDIA  (08/11/2015 7.12.0.7723) (HKLM\...\FF579B3D0A1F64296C1D2BD5BE5728F02B42E927) (Version: 08/11/2015 7.12.0.7723 - Advanced Micro Devices)
Windows Driver Package - Advanced Micro Devices, Inc. (amdkmdap) Display  (04/05/2012 8.961.0.0000) (HKLM\...\66FF30DCFCACEE6BACEC2B23668C4F83C158922A) (Version: 04/05/2012 8.961.0.0000 - Advanced Micro Devices, Inc.)
Windows Driver Package - Alcor Micro, Corp. (AmUStor) USB  (04/11/2016 1.0.145.40103) (HKLM\...\7DBA26E9A80D98472F1CF95A0767EB4949C8885D) (Version: 04/11/2016 1.0.145.40103 - Alcor Micro, Corp.)
Windows Driver Package - Alcor Micro, Corp. (AmUStor) USB  (09/22/2015 1.0.144.2002) (HKLM\...\A841DAE23AACC3DE82C4ABD365CA02F42BD2D6BF) (Version: 09/22/2015 1.0.144.2002 - Alcor Micro, Corp.)
Windows Driver Package - Alcor Micro, Corp. (AmUStor) USB  (12/08/2015 1.0.145.40101) (HKLM\...\DF633FC6C1775EA261113B0E3C4728D8B6204522) (Version: 12/08/2015 1.0.145.40101 - Alcor Micro, Corp.)
Windows Driver Package - AMD (amdkmpfd) System  (02/12/2015 15.20.0.0000) (HKLM\...\708AE871DE4DE98C022B914117B48025341D07B8) (Version: 02/12/2015 15.20.0.0000 - AMD)
Windows Driver Package - AMD (amdkmpfd) System  (07/24/2013 13.15.1.0001) (HKLM\...\EF70220A4FF8FBE3EC6338B797A142BC03FACCE7) (Version: 07/24/2013 13.15.1.0001 - AMD)
Windows Driver Package - ATK (MTsensor) System  (05/05/2009 1043.6.0.0) (HKLM\...\A1CE88ECEE452DF2F78DB201E0D9BED96DD08791) (Version: 05/05/2009 1043.6.0.0 - ATK)
Windows Driver Package - BlackBerry (RimUsb) RIMUSBBB  (08/21/2015 4.2.0.37) (HKLM\...\B55CD77E7DF02D898BAAEF952AD0A614BA6C130B) (Version: 08/21/2015 4.2.0.37 - BlackBerry)
Windows Driver Package - Challenger Backup Solutions, LLC (FlashBoot) DiskDrive  (08/11/2013 2.3.72.0) (HKLM\...\CA8BFE662913F62CB908BA31685037C57A7DD973) (Version: 08/11/2013 2.3.72.0 - Challenger Backup Solutions, LLC)
Windows Driver Package - Dell Inc. Monitor  (06/22/2005 1.0) (HKLM\...\591C1894C89A0FDEDDFFF2E6FF3906BDD14F5041) (Version: 06/22/2005 1.0 - Dell Inc.)
Windows Driver Package - EPSON Printer  (04/21/2009 6.3.9600.17415) (HKLM\...\50BCF590163ED91C75D0032CD403946293288A3F) (Version: 04/21/2009 6.3.9600.17415 - EPSON)
Windows Driver Package - Fractal Audio Systems (axefx2load) USB  (05/15/2011 1.0.0.9) (HKLM\...\6AEB8A42A154DE456DE5E467C01A582911CB5C6A) (Version: 05/15/2011 1.0.0.9 - Fractal Audio Systems)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (12/06/2010 4.0.0000.00000) (HKLM\...\30B2813B1F17EF6D99360A190E7F0D3BA2F0DC3C) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.)
Windows Driver Package - Intel hdc  (07/25/2013 9.1.9.1005) (HKLM\...\45E15243FF229D0F06670A5B262CA9C7887085F6) (Version: 07/25/2013 9.1.9.1005 - Intel)
Windows Driver Package - Intel System  (07/25/2013 9.1.9.1005) (HKLM\...\0D5FF16DF1EB1D79525FA3E61418108F8F3002E1) (Version: 07/25/2013 9.1.9.1005 - Intel)
Windows Driver Package - Intel System  (07/25/2013 9.1.9.1005) (HKLM\...\CAC45647A959F237CE25C052FDB9A4A914C34830) (Version: 07/25/2013 9.1.9.1005 - Intel)
Windows Driver Package - Intel System  (07/25/2013 9.1.9.1005) (HKLM\...\ED810FFB415BA44CFFBFDE4E3A80FA4D67842D61) (Version: 07/25/2013 9.1.9.1005 - Intel)
Windows Driver Package - Intel USB  (07/31/2013 9.1.9.1006) (HKLM\...\B0CC38E1CE139A5179BF0F8255865BD29DA00B02) (Version: 07/31/2013 9.1.9.1006 - Intel)
Windows Driver Package - JMicron (usbccgp) USB  (07/28/2009 1.0.4.2) (HKLM\...\D3AAF0E65D8B1D5934711D3312BF76371DB14E42) (Version: 07/28/2009 1.0.4.2 - JMicron)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter  (09/17/2012 1.17.65.11) (HKLM\...\39FCA3B1E44BB5B526E74F29B111ACB49ABC9017) (Version: 09/17/2012 1.17.65.11 - JMicron Technology Corp.)
Windows Driver Package - KYE System Corp. (ioFakMap) HIDClass  (07/23/2015 10.0.0.1) (HKLM\...\4E0CA847D35A4DB0EBC8BA2B5254126B3D650579) (Version: 07/23/2015 10.0.0.1 - KYE System Corp.)
Windows Driver Package - KYE System Corp. (ioFakMap) HIDClass  (09/09/2013 6.3.0.1) (HKLM\...\2D411C1C731F85B0AE8A713F3C27A67932A89369) (Version: 09/09/2013 6.3.0.1 - KYE System Corp.)
Windows Driver Package - Logitech (HidUsb) HIDClass  (08/31/2012 1.10.77.0) (HKLM\...\5498ECA18B56D1C7C4EC25B46FBEA3A008C6545A) (Version: 08/31/2012 1.10.77.0 - Logitech)
Windows Driver Package - Logitech (usbccgp) USB  (11/04/2010 1.0.2.11) (HKLM\...\8A87028F68EFC3B6D4F26F7EF2DDB31C8F6767EF) (Version: 11/04/2010 1.0.2.11 - Logitech)
Windows Driver Package - Microsoft (usbvideo) Image  (11/30/2011 4.00.271.0) (HKLM\...\038FE5C3ADC3253893A69B8C3731D30F61329D0D) (Version: 11/30/2011 4.00.271.0 - Microsoft)
Windows Driver Package - Realtek (RTL8167) Net  (01/07/2016 7.098.0107.2016) (HKLM\...\98646A049185AFF3261925EB9AF62F27CDE1973A) (Version: 01/07/2016 7.098.0107.2016 - Realtek)
Windows Driver Package - Realtek (RTL8167) Net  (04/22/2016 7.100.0422.2016) (HKLM\...\F8155F67753B825ABE617429CF7039CBBA40F662) (Version: 04/22/2016 7.100.0422.2016 - Realtek)
Windows Driver Package - Realtek (RTL8167) Net  (10/01/2015 7.097.1001.2015) (HKLM\...\68DA79C9547185B2A7523EB8E6D022500B2B3ACC) (Version: 10/01/2015 7.097.1001.2015 - Realtek)
Xvid MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version:  - Xvid Development Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1925592742-456944920-4000667399-1008_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\5174\G2MOutlookAddin64.dll (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2016-01-07] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-07-13] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:/Program Files/UTILITIES/PDFCreator/PDFCreatorShell.DLL [2017-10-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DeskMenu] -> {7E74422F-2393-11D4-98E0-444553540000} => C:\Program Files (x86)\Desktop Restore\dkticnsr.dll [2010-11-12] (Jamie O'Connell) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-07-13] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\User1\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
Shortcut: C:\Users\User1\Desktop\PIAxTB.lnk -> C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\INET\PIAxTB.bat ()
Shortcut: C:\Users\User1\Desktop\RV.lnk -> C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\INET\TBxPIA.bat ()
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VST INST\Native Instruments\Service Center\Native Instruments Homepage.lnk -> hxxp://www.native-instruments.de
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VST INST\Native Instruments\Pro-53\Native Instruments Homepage.lnk -> hxxp://www.native-instruments.net
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VST INST\Native Instruments\Guitar Rig 1.1.2\Native Instruments Homepage.lnk -> hxxp://www.native-instruments.net
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VST FX\Native Instruments\Guitar Rig 1.1.2\Native Instruments Homepage.lnk -> hxxp://www.native-instruments.net
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NOTATION\Finale 2012\User Manual.lnk -> hxxp://www.finalemusic.com/UserManuals/Finale2012Win/Finale_Left.ht
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MAINTAIN\JDiskReport 1.4.1\JGoodies Home Page.lnk -> hxxp://www.jgoodies.com
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\INET\JDs Auto Speed Tester\Visit Web Site.lnk -> hxxp://
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAWs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAWs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://diagnostic.image-line.com
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAWs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAWs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
Shortcut: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AUDIO\dBpoweramp Music Converter\Register dBpoweramp.lnk -> hxxp://www.dbpoweramp.com/dmc-power-register.htm

==================== Loaded Modules (Whitelisted) ==============

2015-03-19 12:22 - 2015-03-19 12:22 - 000094208 _____ () [File not signed] C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2016-01-27 15:11 - 2012-01-29 17:55 - 000657920 _____ () [File not signed] C:\Program Files\TeraCopy\TeraCopy64.dll
2018-05-02 23:24 - 2015-06-02 08:41 - 000721408 _____ (hxxp://lame.sf.net) [File not signed] C:\Program Files (x86)\AUDIO\Stream What You Hear\libmp3lame.32.dll
2016-02-09 18:37 - 2015-12-31 15:15 - 000077312 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2010-11-12 23:28 - 2010-11-12 23:28 - 000449536 _____ (Jamie O'Connell) [File not signed] C:\Program Files (x86)\Desktop Restore\dkticnsr.dll
2019-05-17 17:14 - 2019-05-17 17:14 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2019-05-17 17:14 - 2019-05-17 17:14 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2016-02-09 18:41 - 2018-01-07 17:05 - 000120072 _____ (pdfforge GmbH) [File not signed] C:\Windows\System32\pdfcmon.dll
2013-08-01 17:05 - 2013-08-01 17:05 - 000112128 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2015-01-29 11:04 - 2015-01-29 11:04 - 000004096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\dell.com -> dell.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-10-07 13:52 - 001304404 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 74.86.5.247
127.0.0.1 media.opencandy.com
127.0.0.1 cdn.opencandy.com
127.0.0.1 tracking.opencandy.com
127.0.0.1 api.opencandy.com
0.0.0.0 statsfe2.update.microsoft.com.akadns.net
0.0.0.0 fe2.update.microsoft.com.akadns.net
0.0.0.0 s0.2mdn.net
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 view.atdmt.com
0.0.0.0 watson.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com

There are 45662 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\ia32\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\VIDEO\QuickTime\QTSystem\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\Control Panel\Desktop\\Wallpaper -> C:\Users\User1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AcronisOSSReinstallSvc => 2
MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: Gizmo Central => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: NIHardwareService => 2
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: UnsignedThemes => 2
MSCONFIG\Services: WinDefend => 3
MSCONFIG\startupfolder: C:^Users^User1^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^User1^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: avichannel => "C:\Program Files (x86)\MSG\Evaer Skype Recorder\videochannel.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: ISUSPM Startup => "c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Skype for Desktop => C:\Portable Program Files\MSG\SkypePortable\app\Skype.exe
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\MAINTENANCE\TrueImageHome\TrueImageMonitor.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7276BF16-03F5-4092-A3D1-570910DD4CDA}] => (Block) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{8F8F735E-BFC5-48F5-9AF9-4746E1A72AAA}] => (Block) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation -> Malwarebytes)
FirewallRules: [{07275EB8-8FB1-4DF3-B4F8-4B7E33C9ACCB}] => (Allow) C:\Program Files (x86)\AUDIO\Winamp Lite\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{3C903969-A203-40CA-826A-78C91D9E1532}] => (Allow) C:\Program Files (x86)\AUDIO\Winamp Lite\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{0B0A8C75-21CB-4939-A973-27884781226F}] => (Allow) C:\Program Files (x86)\WORK\Microsoft Office 2007\Office12\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A63EFC61-80C6-41BC-B263-46EB789A6787}] => (Allow) C:\Program Files (x86)\WORK\Microsoft Office 2007\Office12\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FFFAC329-843D-4B4C-B378-0A26D2082DA1}] => (Block) C:\Windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F2B13664-C0CF-443E-9323-7AA59C9AB5A3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{9C094317-857E-4BBC-ABB9-8A198EB7B074}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{FC49401F-BD2A-46B9-9CB4-8495B2152A11}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{DB5BCCE7-A067-405E-B38B-7E9D59FF9185}] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{615FD8E7-2A10-45B4-94A9-6CA6FA3E2058}] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{52DE605D-52FD-4B65-9998-D9F50EC92171}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{49CC108C-A904-423A-AA0C-C5256BE16B45}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{805AA0FA-A7C3-4A40-A9E2-9FB7E6AD5A15}C:\portable program files\msg\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\portable program files\msg\skypeportable\app\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{D330B362-FC43-4C0B-91D9-D6CF44A11010}C:\portable program files\msg\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\portable program files\msg\skypeportable\app\skype\phone\skype.exe No File
FirewallRules: [{298F4086-A4FB-4DE3-BE4B-1010ABEFB0ED}] => (Allow) LPort=51001
FirewallRules: [TCP Query User{0C4C360E-D6B8-47AA-93FA-E9857C929244}C:\portable program files\automate\phraseexpress\phraseexpress.exe] => (Block) C:\portable program files\automate\phraseexpress\phraseexpress.exe (Bartels Media GmbH -> Bartels Media GmbH)
FirewallRules: [UDP Query User{7A172613-B3B9-4631-94B4-E5DF36FBC873}C:\portable program files\automate\phraseexpress\phraseexpress.exe] => (Block) C:\portable program files\automate\phraseexpress\phraseexpress.exe (Bartels Media GmbH -> Bartels Media GmbH)
FirewallRules: [{3087E63C-4B9E-4D3D-A0A6-624B649CFEBD}] => (Allow) C:\Program Files (x86)\UTILITIES\RIM\Rim.Desktop.exe (Research In Motion -> Research In Motion)
FirewallRules: [{E6D4DB63-B282-491F-9160-38D68A199075}] => (Allow) C:\Program Files (x86)\UTILITIES\RIM\Rim.Desktop.exe (Research In Motion -> Research In Motion)
FirewallRules: [{157548F2-8CD2-4C01-B2A4-E0FE96CB5669}] => (Allow) LPort=4481
FirewallRules: [{2C8E22DE-2466-40C4-9468-8E9B667382B5}] => (Allow) LPort=4481
FirewallRules: [{C3159DD3-9B90-4035-BFF7-A9B462A6330F}] => (Allow) LPort=4482
FirewallRules: [{338342B8-002B-4036-B79D-8EE470B8DC2B}] => (Allow) LPort=4482
FirewallRules: [TCP Query User{BB619C23-5A2E-413B-8689-F0B8C9952A00}C:\portable program files\msg\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\portable program files\msg\skypeportable\app\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{DF4C2ADE-C060-4500-9C05-48684BE02DB0}C:\portable program files\msg\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\portable program files\msg\skypeportable\app\skype\phone\skype.exe No File
FirewallRules: [{69C55611-E8C5-4EB0-9315-0DBA0AD4A0F2}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{ACC4EFEA-F224-46A2-B2FA-B4D1AE2929C5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{CB17F21D-4110-469B-8103-EFD32DA4F380}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{B7B738EC-861B-4E84-A2E3-3A492788CCE8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{48522084-EB66-4CA8-8CF8-54448155AB5E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F344E7D2-10C0-49BA-AA68-6C0A4B29746A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{157959D6-1D39-43F6-86D1-C58930392CD9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E5BE19BB-D568-4159-ABCC-2441EA7DDAAA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9E20079-5963-4D5D-A159-8873F4B4A004}] => (Allow) LPort=51001
FirewallRules: [{2D88A4B8-537D-4EB1-89CD-35D7C086C4AD}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe (BlackBerry Ltd. -> )
FirewallRules: [{5975E934-291C-4D87-BBEE-B618F75399B3}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe (BlackBerry Ltd. -> BlackBerry Limited. All rights reserved)
FirewallRules: [TCP Query User{B4F7F1DE-E042-4936-8056-744A660845BF}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe (BlackBerry Ltd. -> BlackBerry Limited)
FirewallRules: [UDP Query User{454B83D7-43DA-4FA7-B24B-C7B6F098A569}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe (BlackBerry Ltd. -> BlackBerry Limited)
FirewallRules: [TCP Query User{873763AD-34CA-415E-8BC2-E89A4A5922ED}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe (BlackBerry Ltd. -> BlackBerry Limited)
FirewallRules: [UDP Query User{9CD42232-D5B6-4EDD-A209-10AC000F958A}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe (BlackBerry Ltd. -> BlackBerry Limited)
FirewallRules: [TCP Query User{B0322ADD-DDFC-4650-8D71-8BC08CB83843}C:\portable program files\inet\winhttrack_3.48-18_rev8\bin\winhttrack\winhttrack.exe] => (Block) C:\portable program files\inet\winhttrack_3.48-18_rev8\bin\winhttrack\winhttrack.exe (Open Source Developer, Xavier Roche -> HTTrack)
FirewallRules: [UDP Query User{E2B20840-55EE-472D-B3BF-4E482492DA9D}C:\portable program files\inet\winhttrack_3.48-18_rev8\bin\winhttrack\winhttrack.exe] => (Block) C:\portable program files\inet\winhttrack_3.48-18_rev8\bin\winhttrack\winhttrack.exe (Open Source Developer, Xavier Roche -> HTTrack)
FirewallRules: [{BFE91F25-39BD-493D-B176-67B41553ED0D}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe (APOWERSOFT LIMITED -> Apowersoft)
FirewallRules: [{798DA693-3288-4535-B055-7430C20EF39B}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe (APOWERSOFT LIMITED -> Apowersoft)
FirewallRules: [{A028EAFD-429E-4025-9DCB-04ACDACB27EF}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll () [File not signed]
FirewallRules: [{B73BDB23-5B98-4503-8D53-DD8C83A8170E}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll () [File not signed]
FirewallRules: [{AD330C0B-218B-4767-AE82-56E119736790}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll () [File not signed]
FirewallRules: [{A04D3D64-8869-4FC6-B91F-19069314759C}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll () [File not signed]
FirewallRules: [{02E55126-479A-4BCB-B252-6CAB2E3B9696}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll (APOWERSOFT LIMITED -> )
FirewallRules: [{C60BA495-AC36-4333-BDCE-AFD797E043EB}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll (APOWERSOFT LIMITED -> )
FirewallRules: [{775A4488-04F9-4280-B1E1-E1291F59DED9}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll (APOWERSOFT LIMITED -> )
FirewallRules: [{9E81C0A6-5FE0-4BA3-948F-9E0A1758BE2C}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll (APOWERSOFT LIMITED -> )
FirewallRules: [{4358C953-F11F-4740-B270-BCC54D258D23}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll (APOWERSOFT LIMITED -> )
FirewallRules: [{705DAFDD-E2D8-43B2-AEF1-CA5A436CC0EF}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll (APOWERSOFT LIMITED -> )
FirewallRules: [{6703B2D8-666F-4F00-96CB-54D555A9F495}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftHDSDump.dll (APOWERSOFT LIMITED -> Apowersoft)
FirewallRules: [{B1F8B121-748F-4F2C-A3A8-10656F8B9908}] => (Allow) C:\Program Files (x86)\VIDEO\Apowersoft\Streaming Video Recorder\ApowersoftHDSDump.dll (APOWERSOFT LIMITED -> Apowersoft)
FirewallRules: [TCP Query User{A19847BB-7071-445F-8BB6-42833E0CB59C}C:\program files (x86)\audio\stream what you hear\swyh.exe] => (Block) C:\program files (x86)\audio\stream what you hear\swyh.exe (Sebastien.warin.fr) [File not signed]
FirewallRules: [UDP Query User{68D4689E-A0D2-40D0-A41E-95EE56FCFF3D}C:\program files (x86)\audio\stream what you hear\swyh.exe] => (Block) C:\program files (x86)\audio\stream what you hear\swyh.exe (Sebastien.warin.fr) [File not signed]
FirewallRules: [TCP Query User{7A3941F6-6713-4B21-A936-E2F344877BC7}C:\program files (x86)\audio\stream what you hear\swyh.exe] => (Block) C:\program files (x86)\audio\stream what you hear\swyh.exe (Sebastien.warin.fr) [File not signed]
FirewallRules: [UDP Query User{C78E3762-3291-4065-A248-DF13ED0A075B}C:\program files (x86)\audio\stream what you hear\swyh.exe] => (Block) C:\program files (x86)\audio\stream what you hear\swyh.exe (Sebastien.warin.fr) [File not signed]
FirewallRules: [{A3C1A797-A089-436B-93FF-EC7C85C0BADE}] => (Allow) LPort=9098
FirewallRules: [{68B70A15-BAAF-499C-82A1-B53E33CB8028}] => (Allow) LPort=9098
FirewallRules: [{7A33D1EB-9D24-4AE5-AC91-91EB3D292026}] => (Allow) C:\Program Files (x86)\AnyTrans for Android\AnyTrans for Android.exe (iMobie Inc.) [File not signed]
FirewallRules: [{44C4D3B7-B7A4-49C5-AD58-DAC3B0EA4660}] => (Allow) C:\Program Files (x86)\AnyTrans for Android\AnyTrans for Android.exe (iMobie Inc.) [File not signed]
FirewallRules: [{897273A7-90AE-4EDD-8FF1-2CD28977DCB2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3517CF07-A1F0-44AB-8E3F-8BE9E746D616}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{55C4744E-1942-4D85-A839-480C21527E56}C:\portable program files\skype-portable\app\skype.exe] => (Allow) C:\portable program files\skype-portable\app\skype.exe No File
FirewallRules: [UDP Query User{DA0BBAA8-9EFB-4A22-B8DA-B1D472F5A5DD}C:\portable program files\skype-portable\app\skype.exe] => (Allow) C:\portable program files\skype-portable\app\skype.exe No File
FirewallRules: [TCP Query User{69E392CE-71CD-414A-BE81-C48A61641078}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{EF1B4E72-08CD-469C-9F41-6047C0C68671}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C6902763-EB62-42DD-B94B-AEFF7BE3562E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59034DE5-54B8-4127-9F6B-9D833FE12ADE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3FB034B8-67D3-411A-99FF-F7EA825E9559}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D8C1783-6F15-487C-9064-DA7C94118696}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DBA10FC7-ECF6-4FF2-89C7-E1B51353C615}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome ()
FirewallRules: [{57128726-465D-441A-A325-92C3077350B8}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome ()
FirewallRules: [TCP Query User{AEEB7905-C134-4F13-A748-EE711BCC3E40}C:\program files (x86)\inet\smartwizard discovery\smartwizard discovery.exe] => (Allow) C:\program files (x86)\inet\smartwizard discovery\smartwizard discovery.exe No File
FirewallRules: [UDP Query User{D32D294C-0BCF-4BAE-A115-DC8D69ECB976}C:\program files (x86)\inet\smartwizard discovery\smartwizard discovery.exe] => (Allow) C:\program files (x86)\inet\smartwizard discovery\smartwizard discovery.exe No File
FirewallRules: [{23710F1F-B22D-4044-B066-76FD5A2695BD}] => (Allow) LPort=53
FirewallRules: [{8E64158E-F2C8-4E9F-B5AC-AF80D8666670}] => (Allow) C:\PROGRA~2\REALTEK\USB Wireless LAN Utility\RtWlan.exe No File
FirewallRules: [{0071DC89-3929-4FAC-8253-63899C78B152}] => (Allow) LPort=1542
FirewallRules: [{4D4D0705-A90B-4E96-B11D-9A93B49CDF9B}] => (Allow) LPort=1542
FirewallRules: [{D92A567D-05A0-4DDD-91F6-448CAD6BCF68}] => (Allow) LPort=53
FirewallRules: [{9ECD8209-445C-461A-BB22-474C83079EA6}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe No File
FirewallRules: [{C93E8949-751B-48F5-AFA7-292933C47A53}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe No File
FirewallRules: [{4FAA097E-67D5-407A-A964-A440E180F84B}] => (Allow) C:\PROGRA~2\REALTEK\USB Wireless LAN Utility\Rtldhcp.exe No File
FirewallRules: [{E161D260-8BC1-4493-AD41-030596523016}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe No File
FirewallRules: [{0E3050FB-9718-4E9E-84C8-B42A872C2BC5}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe No File
FirewallRules: [{56F160F5-64F9-412B-A58D-10E3248E7B64}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe No File
FirewallRules: [{D4A48CA7-6116-4AA3-AB02-9192C7BEC536}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe No File

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-09-21] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.ULRA] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.ULRG] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.ULY0] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.ULY2] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.ULH0] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.ULH2] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.UQY2] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [msacm.dvacm_vspx8] => C:\Program Files\VIDEO\Corel VideoStudio Ultimate X8\DVACM.acm [23552 2015-01-28] (Corel TW Corp.) [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-09-21] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.ULRA] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.ULRG] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.ULY0] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.ULY2] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.ULH0] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.ULH2] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.UQY2] => C:\Windows\system32\utv_vcm.dll [111104 2016-01-10] () [File not signed]
HKLM\...\Drivers32: [msacm.pspgru] => C:\Windows\SysWOW64\pspgru.acm [401920 2010-03-22] (Philips Austria GmbH - Speech Processing) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [236544 2011-12-19] () [File not signed]
HKLM\...\Drivers32: [vidc.MPG4] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP42] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP43] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]

==================== Restore Points =========================

29-09-2019 14:23:36 Windows Update
30-09-2019 23:32:05 Installed NETGEAR WNDA3100v2 wireless USB 2.0 adapter
30-09-2019 23:32:45 Device Driver Package Install: NETGEAR Inc. Network Protocol
01-10-2019 00:10:02 Revo Uninstaller's restore point - NETGEAR WNDA3100v2 wireless USB 2.0 adapter
01-10-2019 00:11:14 Device Driver Package Install: NETGEAR Inc. Network Protocol
01-10-2019 00:11:32 Removed NETGEAR WNDA3100v2 wireless USB 2.0 adapter
01-10-2019 00:21:43 Installed Realtek Ethernet Diagnostic Utility
01-10-2019 00:21:51 Revo Uninstaller's restore point - 2.05.05
01-10-2019 20:30:01 Restore Point Created by FRST
02-10-2019 01:06:35 Revo Uninstaller's restore point - NetSurveyor 2.0.9686.0
02-10-2019 03:22:16 Installed BatchPurifier.
02-10-2019 03:30:38 Revo Uninstaller's restore point - BatchPurifier
02-10-2019 03:31:01 Removed BatchPurifier.
02-10-2019 14:31:44 Windows Update
03-10-2019 22:51:54 Pre-MSE Uninstall Attempt
05-10-2019 14:47:04 Installed Realtek USB Wireless LAN Driver
05-10-2019 14:47:19 Installed Realtek USB Wireless LAN Driver
05-10-2019 23:08:36 Installed ASUS USB Wireless Adapter Driver
06-10-2019 15:55:52 Configured Realtek USB Wireless LAN Driver

==================== Faulty Device Manager Devices =============

Name: Standard floppy disk controller
Description: Standard floppy disk controller
Class Guid: {4d36e969-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard floppy disk controllers)
Service: fdc
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2019 05:03:00 PM) (Source: Acronis Scheduler) (EventID: 1) (User: User3)
Description: Scheduler failed to run task  with GUID '1A7779C8-8294-4740-8160-E7D888EB3738' because of error 2 (Failed to find the file (folder) or the key (value) in the registry.).

Error: (10/07/2019 02:03:00 PM) (Source: Acronis Scheduler) (EventID: 1) (User: User3)
Description: Scheduler failed to run task  with GUID '1A7779C8-8294-4740-8160-E7D888EB3738' because of error 2 (Failed to find the file (folder) or the key (value) in the registry.).

Error: (10/07/2019 04:17:11 AM) (Source: Firefox) (EventID: 58) (User: )
Description: Event-ID 58

Error: (10/07/2019 02:30:43 AM) (Source: Firefox) (EventID: 58) (User: )
Description: Event-ID 58

Error: (10/07/2019 02:27:54 AM) (Source: Firefox) (EventID: 58) (User: )
Description: Event-ID 58

Error: (10/07/2019 02:26:40 AM) (Source: Firefox) (EventID: 58) (User: )
Description: Event-ID 58

Error: (10/07/2019 01:38:24 AM) (Source: Firefox) (EventID: 58) (User: )
Description: Event-ID 58

Error: (10/07/2019 01:35:25 AM) (Source: Firefox) (EventID: 58) (User: )
Description: Event-ID 58


System errors:
=============
Error: (10/07/2019 01:54:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (10/07/2019 01:52:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AcrSch2Svc service.

Error: (10/07/2019 01:22:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Error: (10/07/2019 01:22:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Error: (10/07/2019 01:21:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Error: (10/06/2019 10:58:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Error: (10/06/2019 10:06:57 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Error: (10/06/2019 10:06:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.


Windows Defender:
===================================
Date: 2019-10-03 22:55:04.884
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.16400.2
Previous Engine Version:1.1.8601.0
Update Source:User
Error Code:0x8050800c
Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2019-10-01 00:49:47.350
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\User1\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-01 00:49:47.240
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\User1\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-01 00:49:47.110
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\User1\Desktop\3942\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-01 00:49:47.000
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\User1\Desktop\3942\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-01 00:48:22.739
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\User1\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-01 00:48:22.629
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\User1\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-01 00:48:22.479
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\User1\Desktop\3942\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-01 00:48:22.379
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\User1\Desktop\3942\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1201 02/24/2010
Motherboard: ASUSTeK Computer INC. P6T
Processor: Intel® Core™ i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 38%
Total physical RAM: 12278.12 MB
Available physical RAM: 7500.76 MB
Total Virtual: 24554.38 MB
Available Virtual: 19444.31 MB

==================== Drives ================================

Drive c: (Win7) (Fixed) (Total:465.76 GB) (Free:165.97 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (MEDIA) (Fixed) (Total:1863.01 GB) (Free:154.34 GB) NTFS
Drive i: (GENERAL) (Fixed) (Total:1863.02 GB) (Free:14.88 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 68FA4FB7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: B55D94AC)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 59FFDD54)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

#42
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 963 posts
Hi phickspc,
 

DriverIdentifier 5.2


I personally don't recommend the use of system optimizing tools/registry cleaners/etc as they can cause more harm than good. See here.

Let me know if the problems with the Internet connection persist after the following fix:

---------------------------------------------------
Farbar Recovery Scan Tool - Fix
  • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
    Start::
    CreateRestorePoint:
    CMD: ipconfig /flushdns
    CMD: ipconfig /release
    CMD: ipconfig /renew
    CMD: netsh advfirewall reset
    CMD: netsh advfirewall set allprofiles state ON
    CMD: netsh winsock reset 
    CMD: netsh int ip reset c:\resetlog.txt
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    CMD: Bitsadmin /Reset /Allusers
    Removeproxy:
    End::
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Fix button just once and wait.
    Note: No need to paste the script into FRST.
  • Restart the computer if prompted.
  • When the fix is complete FRST will generate a log in the same location it was run from (Fixlog.txt)
  • Please copy and paste its contents into your reply.
---------------------------------------------------

In your next reply, please include:
  • Fixlog.txt

  • 0

#43
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 369 posts

Sometimes I have issues and I cannot find a driver through google or manufacturer website because properly. I bought a wireless network adaptor to try to diagnose my network problems, but the software utility and network adaptor didn't connect to the usb dongle. So the seller asked me to update the driver and I couldn't find one. But I found Driver Identifier.

I read those articles on the page you posted. It says, there are some safe driver updaters. What driver updater do you recommend?

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-10-2019 01
Ran by User1 (09-10-2019 20:53:23) Run:3
Running from C:\Users\User1\Desktop
Loaded Profiles: User1 (Available Profiles: User3 & User2 & User1 & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CMD: ipconfig /flushdns
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winsock reset
CMD: netsh int ip reset c:\resetlog.txt
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: Bitsadmin /Reset /Allusers
Removeproxy:

*****************

Restore point was successfully created.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= ipconfig /release =========


Windows IP Configuration

No operation can be performed on Local Area Connection 6 while it has its media disconnected.
No operation can be performed on Local Area Connection 2 while it has its media disconnected.

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2a02:c7f:c42f:7600:8454:6e4b:ccea:8b9e
   IPv6 Address. . . . . . . . . . . : fd65:e21b:b303:0:8454:6e4b:ccea:8b9e
   Link-local IPv6 Address . . . . . : fe80::8454:6e4b:ccea:8b9e%22
   Default Gateway . . . . . . . . . : fe80::3e89:94ff:fe4d:7a41%22

Ethernet adapter Local Area Connection 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter isatap.Home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Local Area Connection 6 while it has its media disconnected.
No operation can be performed on Local Area Connection 2 while it has its media disconnected.

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : Home
   IPv6 Address. . . . . . . . . . . : 2a02:c7f:c42f:7600:8454:6e4b:ccea:8b9e
   IPv6 Address. . . . . . . . . . . : fd65:e21b:b303:0:8454:6e4b:ccea:8b9e
   Link-local IPv6 Address . . . . . : fe80::8454:6e4b:ccea:8b9e%22
   IPv4 Address. . . . . . . . . . . : 192.168.0.4
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::3e89:94ff:fe4d:7a41%22
                                       192.168.0.1

Ethernet adapter Local Area Connection 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter isatap.Home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

========= End of CMD: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv4 reset =========

There's no user specified settings to be reset.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= Bitsadmin /Reset /Allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1925592742-456944920-4000667399-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1925592742-456944920-4000667399-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


==== End of Fixlog 20:53:41 ====


Edited by phickspc, 09 October 2019 - 01:55 PM.

  • 0

#44
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 369 posts

Dupe post


Edited by phickspc, 09 October 2019 - 01:55 PM.

  • 0

#45
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 963 posts
Hi phickspc,

This article has some information about when you need to update your drivers: https://www.howtogee...e-your-drivers/

Does the issue with the Internet connection persist?
  • 0






Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP