Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2019
Ran by User1 (administrator) on NIV (07-10-2019 17:44:48)
Running from C:\Users\User1\Desktop
Loaded Profiles: User1 (Available Profiles: User3 & User2 & User1 & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Portable Program Files\INET\FFx69\FirefoxPortable.exe" -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() [File not signed] C:\Program Files (x86)\INET\JDASTSpeedTest\JDAutoSpeedTester.exe
() [File not signed] C:\Program Files (x86)\INET\JDASTSpeedTest\JDNetMon.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Avid Technology, Inc. -> Avid Technology, Inc.) C:\Windows\SysWOW64\MAFWTray.exe
(BlackBerry Ltd. -> Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\MSG\LWS\Webcam Software\LWS.exe
(London Trust Media Incorporated -> ) C:\Program Files\Private Internet Access\pia-service.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae.exe
(Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae-svc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Portable Program Files\MSG\ThunderbirdPortable\App\Thunderbird\thunderbird.exe
(Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nlssrv32.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(pdfforge GmbH -> © pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(PeerBlock, LLC -> PeerBlock, LLC) C:\Portable Program Files\INET\PeerBlockPortable\App\PeerBlock\Modern64\peerblock.exe
(Rare Ideas LLC -> PortableApps.com) C:\Portable Program Files\MSG\ThunderbirdPortable\ThunderbirdPortable.exe
(Rare Ideas, LLC -> PortableApps.com) C:\Portable Program Files\INET\FFx69\FirefoxPortable.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\MAINTENANCE\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\MAINTENANCE\Unchecky\bin\unchecky_svc.exe
(Sebastien.warin.fr) [File not signed] C:\Program Files (x86)\AUDIO\Stream What You Hear\SWYH.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Skwire Empire) [File not signed] C:\Portable Program Files\UTILITIES\kLED\kLED.exe
(voidtools -> ) C:\Portable Program Files\UTILITIES\#SEARCH\Everything\Everything.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2314120 2009-06-01] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754728 2019-08-26] (Acronis International GmbH -> )
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Ltd. -> BlackBerry Limited)
HKLM-x32\...\Run: [M-Audio Taskbar Icon] => C:\Windows\SysWOW64\MAFWTray.exe [254256 2012-01-24] (Avid Technology, Inc. -> Avid Technology, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\WORK\NaturallySpeaking14\Ereg\Ereg.exe [325960 2014-05-30] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\MSG\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4861688 2015-03-19] (BlackBerry Ltd. -> BlackBerry Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae.exe [2480328 2019-09-25] (Malwarebytes Inc -> Malwarebytes Corporation)
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\Run: [EPSON Stylus D92 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIBZE.EXE [213504 2007-10-05] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\Run: [PeerBlock] => C:\Portable Program Files\INET\PeerBlockPortable\App\PeerBlock\Modern64\peerblock.exe [2513992 2014-01-15] (PeerBlock, LLC -> PeerBlock, LLC)
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\Run: [StreamWhatYouHear] => C:\Program Files (x86)\AUDIO\Stream What You Hear\SWYH.exe [364032 2016-03-09] (Sebastien.warin.fr) [File not signed]
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\Run: [RIMDeviceManager] => C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2471672 2015-05-20] (BlackBerry Ltd. -> Research In Motion Limited)
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3681944 2019-09-05] (Invincea, Inc. -> Sandboxie Holdings, LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\Users\User3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kLED.exe.lnk [2016-02-28]
ShortcutTarget: kLED.exe.lnk -> C:\Portable Program Files\UTILITIES\kLED\kLED.exe (Skwire Empire) [File not signed]
Startup: C:\Users\User3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-12-22]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\WORK\Microsoft Office 2007\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kLED.lnk [2017-07-11]
ShortcutTarget: kLED.lnk -> C:\Portable Program Files\UTILITIES\kLED\kLED.exe (Skwire Empire) [File not signed]
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-02-10]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\WORK\Microsoft Office 2007\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-10-07]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ThunderbirdPortable.exe.lnk [2019-06-13]
ShortcutTarget: ThunderbirdPortable.exe.lnk -> C:\Portable Program Files\MSG\ThunderbirdPortable\ThunderbirdPortable.exe (Rare Ideas LLC -> PortableApps.com)
Startup: C:\Users\User2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-02-10]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\WORK\Microsoft Office 2007\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06AB1E5E-62D1-4BF4-A7CE-FE74445EE826} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {088B8578-F1E9-4E72-B263-4A2DA36BF64B} - System32\Tasks\{DB1241E9-6ECB-44CC-B724-7A04CD0810F6} => C:\Users\User2\AppData\Roaming\Microsoft\Installer\{9DAB307E-531F-4992-AB30-6F1AD39E6CF9}\_8C4C6DE2B4274D54DAD619.exe [10134 2016-02-07] () [File not signed]
Task: {0F111F3F-03AD-42E2-801A-466ECE4E1CB3} - System32\Tasks\{887C1110-C5ED-4E7C-A980-3C0B6D2DC06D} => C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe [111616 2010-12-13] (Microsoft Corporation) [File not signed]
Task: {2629DB97-6D20-4526-8B05-047350D4000F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B912585-4655-4633-93A6-032023931D84} - System32\Tasks\{36674DC5-28BC-4011-A06F-C94F7D70D3B7} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.18.85.112/en/abandoninstall?page=tsMain
Task: {2ED0EEF8-CBA1-4C74-B6AC-1D5658ED7C87} - System32\Tasks\{329C6536-59D9-4AB4-8D29-B034D57C5146} => C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe [111616 2010-12-13] (Microsoft Corporation) [File not signed]
Task: {46FD89D8-EFB5-4792-82BE-3F2508097C32} - System32\Tasks\{D99CFF2F-7BA6-47F7-BF46-ED68A4B0F8C6} => C:\Users\User2\AppData\Roaming\Microsoft\Installer\{9DAB307E-531F-4992-AB30-6F1AD39E6CF9}\_8C4C6DE2B4274D54DAD619.exe [10134 2016-02-07] () [File not signed]
Task: {49D5742A-B2D4-46F2-A1F8-9338B8F4AC63} - System32\Tasks\GoogleUpdateTaskMachineCore1cf826e5eb38d0d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-18] (Google Inc -> Google Inc.)
Task: {4DFB2ABE-F925-443A-80DA-7ACADA5FF4BA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F5F4CC2-1260-4254-A723-0F0AD2C018B8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {6475CF82-55CE-4557-9EA2-1667B462A02D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {68B5A1E7-A704-4EBF-9C68-B9B6C2B66A80} - System32\Tasks\G2MUploadTask-S-1-5-21-1925592742-456944920-4000667399-1008 => C:\Users\User1\AppData\Local\GoToMeeting\10996\g2mupload.exe [29736 2018-11-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {76312250-FAED-43D6-BB2B-93DA17A949BF} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2314120 2009-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {90F8A76C-A903-46E1-8F0E-3CD711B1ABFD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {9537870B-FB18-4BCC-A520-14365287A819} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-18] (Google Inc -> Google Inc.)
Task: {986FAA46-05C1-4BD4-96A2-94C22443135E} - System32\Tasks\{3362883A-034F-4055-96D0-908470C90366} => I:\VSTi Software\PIANO\pianitostudio.exe
Task: {9D8DD398-0EE4-4D2E-9B06-433F6D9E20DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe Inc. -> Adobe)
Task: {AD81F427-4F43-4202-8CD5-23F6F643F89E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {BBD2BE3E-1523-4863-B874-B71AEDCAA360} - System32\Tasks\{E8903C49-EF76-4257-A723-778ADD211C92} => C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe [111616 2010-12-13] (Microsoft Corporation) [File not signed]
Task: {D110944E-205A-4494-A573-B16F4B6B48D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-18] (Google Inc -> Google Inc.)
Task: {D3D1555C-4E38-459A-8473-471E23E21B0F} - System32\Tasks\G2MUpdateTask-S-1-5-21-1925592742-456944920-4000667399-1008 => C:\Users\User1\AppData\Local\GoToMeeting\10996\g2mupdate.exe [29736 2018-11-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {D7EC0C0C-1653-4558-8C4E-5249BA6A106A} - System32\Tasks\{20B784C2-3347-4E79-85C3-40CD3160C547} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.22.85.109/en/abandoninstall?page=tsMain
Task: {D8AE400C-FA2A-4336-A372-0E9E4C4700D6} - System32\Tasks\EPSON Perfection V39 Update => C:\Program Files (x86)\epson\escndv\update\e_dtsksd.exe [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {E745FB55-B09E-4D47-A320-5AF119314AB4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB5AE8B1-FFFF-4C83-B726-12AB536DB690} - System32\Tasks\{EFCB2B36-234C-446B-BD98-6595EF63956F} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.37.0.103/en/abandoninstall?page=tsMain
Task: {F0C7A64F-5252-4DF0-8594-C023D11063CE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-11] (Adobe Inc. -> Adobe)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\EPSON Perfection V39 Update.job => C:\Program Files (x86)\epson\escndv\update\e_dtsksd.exe7/EXE_S:EPSON Perfection V39,ES010D.DAT /F:UpdateUser1ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1925592742-456944920-4000667399-1008.job => C:\Users\User1\AppData\Local\GoToMeeting\10996\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1925592742-456944920-4000667399-1008.job => C:\Users\User1\AppData\Local\GoToMeeting\10996\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{238FBF41-957F-4B5C-B838-3AD6A3074AC5}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{D1F8491C-C9E1-4AB2-BB65-C5B0C96D4BD5}: [DhcpNameServer] 192.168.0.1
HKLM\System\...\Parameters\PersistentRoutes: [104.96.147.3,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [111.221.29.177,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [111.221.29.253,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [131.253.40.37,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.115.60,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.165.248,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.165.253,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.185.70,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.30.202,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [137.116.81.24,255.255.255.255,0.0.0.0,1]
PersistentRoutes: There are 65 PersistentRoutes.
Internet Explorer:
==================
HKU\S-1-5-21-1925592742-456944920-4000667399-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\WORK\NaturallySpeaking14\Program\x64\dgnriaie_x64.dll [2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\WORK\NaturallySpeaking14\Program\dgnriaie.dll [2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-12-01] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-02-10] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\WORK\NaturallySpeaking14\Program\x64\npDgnRia2_x64.dll [2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @jazz-soft.com/JazzPlugin -> C:\Program Files (x86)\AUDIO\Jazz-Soft.net\Jazz-Plugin\npJazz.dll [2017-04-03] (Jazz-Soft) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-05-22] (Research In Motion -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\WORK\NaturallySpeaking14\Program\npDgnRia2.dll [2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
FF Plugin HKU\S-1-5-21-1925592742-456944920-4000667399-1008: @citrixonline.com/appdetectorplugin -> C:\Users\User1\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-06-07] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-1925592742-456944920-4000667399-1008: @jazz-soft.com/JazzPlugin -> C:\Program Files (x86)\AUDIO\Jazz-Soft.net\Jazz-Plugin\npJazz.dll [2017-04-03] (Jazz-Soft) [File not signed]
StartMenuInternet: Firefox-1B7A9EB2B1C87FD9 - C:\Portable Program Files\INET\FFx69\App\Firefox\firefox.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AcronisOSSReinstallSvc; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2217416 2007-02-22] (Acronis, Inc -> )
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [236544 2012-04-06] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Ltd. -> BlackBerry Limited)
S3 cfbackd; C:\Program Files (x86)\DISK\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2015-09-25] (508 Software, LLC -> CleverFiles)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11634696 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [165440 2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 MbaeSvc; C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae-svc.exe [152264 2019-09-25] (Malwarebytes Inc -> Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S4 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [63488 2010-01-25] (Nalpeiron Ltd.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
R2 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1073664 2019-08-26] (London Trust Media Incorporated -> )
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (BlackBerry Ltd. -> Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Ltd. -> BlackBerry Limited)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2019-10-06] (Realtek Semiconductor Corp -> )
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [328856 2019-07-12] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R2 Unchecky; C:\Program Files (x86)\MAINTENANCE\Unchecky\bin\unchecky_svc.exe [297240 2018-04-16] (Reason Software Company Inc. -> Reason Software Company Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11174400 2012-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [343040 2012-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [118184 2018-05-14] (Alcorlink Corp. -> )
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104984 2016-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11174400 2012-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 axefx2load; C:\Windows\System32\Drivers\axefx2load.sys [55600 2013-07-12] (Fractal Audio Systems -> Cypress Semiconductor)
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [25088 2014-09-08] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry)
R3 bomebus; C:\Windows\System32\DRIVERS\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
R3 bomemidi; C:\Windows\System32\drivers\bomemidi.sys [50744 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
R1 ESProtectionDriver; C:\Program Files (x86)\MAINTENANCE\Malwarebytes Anti-Exploit\mbae64.sys [153312 2019-09-25] (Malwarebytes Corporation -> Malwarebytes)
S3 fasusbaudio; C:\Windows\System32\DRIVERS\fasusbaudio_x64.sys [254464 2014-05-16] (Fractal Audio Systems -> )
S3 fasusbaudioks; C:\Windows\System32\DRIVERS\fasusbaudioks_x64.sys [46080 2014-05-16] (Fractal Audio Systems -> )
R0 FlashBoot; C:\Windows\System32\DRIVERS\FlashBoot.sys [17616 2014-04-03] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2012-12-30] (Arainia Solutions, LLC -> Arainia Solutions LLC)
S3 hitmanpro36; C:\Windows\system32\drivers\hitmanpro36.sys [30496 2012-08-08] (SurfRight B.V. -> )
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation) [File not signed]
S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows ® Win 7 DDK provider)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated) [File not signed]
R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17136 2009-07-29] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 MAFW; C:\Windows\System32\DRIVERS\mafw.sys [235312 2012-01-24] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [140672 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2019-10-07] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation -> Malwarebytes Corporation)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.)
R3 mcdbus; C:\Windows\SysWOW64\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2019-09-27] (北京铠信神州科技有限责任公司 -> )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] (ASUSTeK Computer Inc. -> )
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 pbfilter; C:\Portable Program Files\INET\PeerBlockPortable\App\PeerBlock\Modern64\pbfilter.sys [22600 2014-01-15] (PeerBlock, LLC -> )
S3 RDID1053; C:\Windows\System32\Drivers\rdwm1053.sys [81792 2009-09-18] (Roland Corporation -> Roland Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [80384 2015-01-14] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry Limited)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7016816 2019-01-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [79144 2019-05-23] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [227296 2019-07-12] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 tap-pia-0901; C:\Windows\System32\DRIVERS\tap-pia-0901.sys [30208 2019-05-30] (Private Internet Access (London Trust Media Incorporated) -> The OpenVPN Project)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-02-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA64.sys [654720 2010-08-20] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM64.sys [943872 2010-08-20] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 athur; system32\DRIVERS\athurx.sys [X]
S3 MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [X]
S3 NANMp50; System32\Drivers\NANMp50.sys [X]
S3 NANSp50; System32\Drivers\NANSp50.sys [X]
S3 NPF; system32\DRIVERS\npf.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-07 17:44 - 2019-10-07 17:45 - 000040005 _____ C:\Users\User1\Desktop\FRST.txt
2019-10-07 17:15 - 2019-10-07 17:17 - 000000448 __RSH C:\Users\User1\ntuser.pol
2019-10-07 16:52 - 2019-01-23 03:16 - 000000711 ____H C:\Users\User1\Downloads\RdNow.lnk
2019-10-07 16:51 - 2019-01-21 14:40 - 000000647 ____H C:\Users\User1\Downloads\FilmTV.lnk
2019-10-07 15:54 - 2019-10-07 15:54 - 000000000 ____D C:\Users\User1\AppData\Roaming\jdnetmon
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\User1\Documents\Speed_Tester
2019-10-07 15:43 - 2019-10-07 15:54 - 000000000 ____D C:\Users\User1\AppData\Roaming\jdast
2019-10-07 04:43 - 2019-10-07 04:43 - 000000241 _____ C:\Users\User1\Desktop\AlwaysOpenPrivately.URL
2019-10-07 03:59 - 2019-10-07 17:46 - 000000000 ____D C:\Users\User1\AppData\Roaming\Thunderbird
2019-10-07 01:38 - 2019-10-07 01:38 - 000001448 _____ C:\Users\User1\Desktop\FFxUpd8d.lnk
2019-10-06 22:48 - 2019-10-06 22:48 - 000000865 _____ C:\Users\User1\Desktop\InetTrblsht.lnk
2019-10-06 03:03 - 2019-09-27 02:18 - 000000640 ____H C:\Users\User1\Downloads\aJunk19.lnk
2019-10-05 23:35 - 2019-10-05 23:35 - 000000406 _____ C:\Users\User1\Desktop\LAN.lnk
2019-10-05 23:32 - 2018-09-04 22:39 - 001081352 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2019-10-05 23:32 - 2018-09-04 22:39 - 000122896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2019-10-05 23:32 - 2018-09-04 22:39 - 000118856 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2019-10-05 23:08 - 2018-04-26 16:55 - 000006908 _____ C:\Windows\system32\Drivers\TXPWR_LMT.txt
2019-10-05 23:08 - 2018-04-26 16:55 - 000004664 _____ C:\Windows\system32\Drivers\PHY_REG_PG.txt
2019-10-05 23:08 - 2017-04-14 14:22 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\SysWOW64\Rtlihvs.dll
2019-10-05 23:08 - 2017-04-14 14:22 - 000451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2019-10-05 23:01 - 2019-10-05 23:01 - 000000000 ____D C:\Users\User1\AppData\Roaming\driveridentifier
2019-10-05 23:00 - 2019-10-05 23:14 - 000000000 ____D C:\Program Files (x86)\Driver Identifier
2019-10-05 15:12 - 2019-10-07 17:46 - 000000000 ____D C:\Users\User1\AppData\Roaming\Mozilla
2019-10-05 14:48 - 2019-10-05 14:48 - 000000000 ____D C:\Program Files (x86)\Cisco
2019-10-05 14:47 - 2019-10-06 15:55 - 000500736 _____ (Realtek) C:\Windows\SwUSB.exe
2019-10-05 14:47 - 2019-10-06 15:55 - 000044760 _____ () C:\Windows\runSW.exe
2019-10-05 14:47 - 2019-01-10 08:45 - 007016816 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlanu.sys
2019-10-05 14:47 - 2017-04-14 14:22 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2019-10-05 14:27 - 2019-10-05 14:27 - 000001768 _____ C:\Users\User1\Desktop\TBPort(NEW).lnk
2019-10-03 22:55 - 2019-10-03 22:55 - 000000000 ____D C:\Program Files\Microsoft Security Client
2019-10-03 22:55 - 2019-10-03 22:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2019-10-01 01:01 - 2019-10-01 01:01 - 000000000 ____D C:\temp
2019-10-01 01:01 - 2008-05-15 03:28 - 000026624 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\jswpslwfx.sys
2019-10-01 00:57 - 2019-10-01 00:57 - 000000000 ____D C:\Windows\pcidevice
2019-10-01 00:21 - 2019-10-07 01:21 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-10-01 00:21 - 2019-05-23 16:13 - 000079144 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam620.sys
2019-10-01 00:21 - 2019-05-23 15:55 - 000053848 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtVlan620.sys
2019-10-01 00:21 - 2019-05-23 15:47 - 000057432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtNdPt60.sys
2019-09-30 23:32 - 2011-07-22 10:33 - 000025056 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
2019-09-30 14:00 - 2019-09-30 14:00 - 000000000 ____D C:\Users\User1\AppData\Roaming\Skype
2019-09-29 16:00 - 2019-09-29 16:00 - 000001748 _____ C:\Users\User1\Desktop\MagicFeelings.lnk
2019-09-29 15:30 - 2019-09-29 15:30 - 000001028 _____ C:\Users\User1\Desktop\MMovie4k.lnk
2019-09-27 15:40 - 2019-09-27 15:40 - 000000849 _____ C:\Users\User1\Desktop\POffc.lnk
2019-09-27 14:16 - 2019-09-27 14:21 - 000066560 _____ C:\Windows\dm_batch.bak
2019-09-27 14:16 - 2019-09-27 14:21 - 000000096 _____ C:\Windows\dm.dmap
2019-09-27 14:15 - 2019-09-27 14:15 - 000733080 _____ C:\Windows\system32\ndw-fre.exe
2019-09-27 14:15 - 2019-09-27 14:15 - 000021208 _____ C:\Windows\system32\MDA_NTDRV.sys
2019-09-27 13:00 - 2019-09-27 13:00 - 000000516 _____ C:\Users\User1\Desktop\¶-7QG.URL
2019-09-27 00:37 - 2019-09-27 00:37 - 000000000 ____D C:\ProgramData\Office Genuine Advantage
2019-09-27 00:37 - 2019-09-27 00:37 - 000000000 ____D C:\MGADiagToolOutput
2019-09-26 17:54 - 2019-09-26 17:58 - 000000000 ____D C:\Users\Public\Documents\HostsMan Backups
2019-09-26 17:54 - 2019-09-26 17:58 - 000000000 ____D C:\ProgramData\Documents\HostsMan Backups
2019-09-26 17:54 - 2019-09-26 17:54 - 000000000 ____D C:\Users\User1\AppData\Roaming\abelhadigital.com
2019-09-26 17:54 - 2019-09-26 17:54 - 000000000 ____D C:\ProgramData\abelhadigital.com
2019-09-26 16:03 - 2019-09-26 16:03 - 000000000 ____D C:\Users\User1\AppData\Local\TileDataLayer
2019-09-26 16:03 - 2019-09-26 16:03 - 000000000 ____D C:\Users\User1\AppData\Local\Packages
2019-09-26 16:03 - 2019-09-26 16:03 - 000000000 ____D C:\ProgramData\USOPrivate
2019-09-26 14:04 - 2019-09-26 14:04 - 000000000 ___RD C:\Users\User1\Documents\Scanned Documents
2019-09-26 14:04 - 2019-09-26 14:04 - 000000000 ____D C:\Users\User1\Documents\Fax
2019-09-26 13:53 - 2019-09-26 13:53 - 000000000 ____D C:\Program Files\Bonjour
2019-09-26 13:53 - 2019-09-26 13:53 - 000000000 ____D C:\Program Files (x86)\Bonjour
2019-09-26 13:52 - 2019-09-26 18:12 - 000000000 ____D C:\ProgramData\Acronis
2019-09-18 15:06 - 2019-10-07 17:44 - 001615872 _____ (Farbar) C:\Users\User1\Desktop\FRST64.exe
2019-09-18 00:26 - 2019-09-18 00:26 - 000000224 _____ C:\Users\User1\Desktop\Toilets.URL
2019-09-16 01:26 - 2019-09-16 01:26 - 000001115 _____ C:\Users\User1\Desktop\D-d.lnk
2019-09-09 20:32 - 2019-09-09 20:32 - 000000355 _____ C:\Users\User1\Desktop\Recycl.lnk
2019-09-09 20:32 - 2019-09-09 20:32 - 000000355 _____ C:\Users\User1\Desktop\Computr.lnk
2019-09-09 13:56 - 2019-09-09 13:56 - 000001794 _____ C:\Users\User1\Desktop\AE.lnk
2019-09-08 22:55 - 2019-09-08 22:55 - 000000953 _____ C:\Users\User1\Desktop\Dwhelper.lnk
2019-09-07 22:49 - 2019-09-07 22:49 - 000000091 _____ C:\Users\User1\Desktop\BestKRadios.url
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-07 17:45 - 2018-09-23 15:13 - 000000000 ____D C:\FRST
2019-10-07 17:21 - 2018-02-22 18:36 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2019-10-07 17:17 - 2016-02-07 22:22 - 000000000 ____D C:\Users\User1
2019-10-07 17:15 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-10-07 17:10 - 2016-06-07 16:10 - 000000550 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1925592742-456944920-4000667399-1008.job
2019-10-07 17:01 - 2009-07-14 06:13 - 000782510 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-07 17:01 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-10-07 16:51 - 2016-02-19 17:00 - 000000913 _____ C:\Windows\Tasks\EPSON Perfection V39 Update.job
2019-10-07 15:43 - 2016-02-08 17:37 - 000000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\INET
2019-10-07 15:43 - 2013-08-19 23:41 - 000000000 ____D C:\Program Files (x86)\INET
2019-10-07 14:53 - 2016-04-29 15:45 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2019-10-07 14:01 - 2009-07-14 05:45 - 000025568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-07 14:01 - 2009-07-14 05:45 - 000025568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-07 13:52 - 2016-05-26 14:28 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-07 13:52 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-07 01:35 - 2019-05-16 19:25 - 000009552 _____ C:\Windows\Sandboxie.ini
2019-10-07 01:20 - 2016-02-08 17:37 - 000000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MAINTAIN
2019-10-06 16:59 - 2018-12-18 01:29 - 000000000 ____D C:\Users\User1\Documents\OneNote
2019-10-06 04:06 - 2009-10-27 13:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-10-06 01:37 - 2009-10-25 13:06 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-05 23:08 - 2009-07-14 03:34 - 000000564 _____ C:\Windows\win.ini
2019-10-05 22:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-10-05 21:37 - 2009-07-14 06:08 - 000032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-10-05 14:58 - 2016-02-14 19:43 - 000000000 ____D C:\Users\User1\AppData\Local\CrashDumps
2019-10-05 13:17 - 2019-05-17 17:16 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-05 13:16 - 2011-05-29 10:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-05 02:52 - 2016-02-15 16:51 - 000000000 ____D C:\Portable Program Files
2019-10-04 17:36 - 2016-02-11 00:53 - 000168306 _____ C:\ads_err.adt
2019-10-04 03:17 - 2016-03-17 20:26 - 000000000 ____D C:\Users\User1\dwhelper
2019-10-03 23:03 - 2016-02-08 17:36 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UTILITIES
2019-10-03 22:56 - 2012-02-22 19:20 - 000001945 _____ C:\Windows\epplauncher.mif
2019-10-02 03:31 - 2016-01-18 16:42 - 000000000 ____D C:\Program Files (x86)\MAINTENANCE
2019-10-01 03:05 - 2016-02-09 18:37 - 000000000 ____D C:\Program Files\7-Zip
2019-09-30 23:15 - 2016-02-07 22:29 - 000000000 ____D C:\Users\User1\AppData\Local\ElevatedDiagnostics
2019-09-30 00:54 - 2016-02-20 15:55 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSG
2019-09-29 01:59 - 2017-11-22 20:33 - 000000000 ___RD C:\Users\User1\Desktop\BB&id
2019-09-27 17:06 - 2018-12-10 03:15 - 000000000 ____D C:\Program Files\Recuva
2019-09-27 13:58 - 2018-02-22 17:38 - 000000000 ____D C:\Program Files\MAINTENANCE
2019-09-27 00:25 - 2016-02-14 23:59 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-09-27 00:23 - 2016-02-06 23:02 - 000000000 ____D C:\Users\User2\AppData\LocalLow\Temp
2019-09-27 00:23 - 2010-03-24 15:39 - 000000000 ____D C:\Users\User3\AppData\LocalLow\Temp
2019-09-27 00:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-09-26 17:57 - 2009-07-14 03:34 - 000007106 _____ C:\Windows\system32\Drivers\etc\HOSTS.bak
2019-09-26 17:18 - 2019-05-19 16:42 - 000000000 ____D C:\Program Files\Sandboxie
2019-09-26 16:53 - 2016-02-08 17:36 - 000000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VIDEO
2019-09-26 16:52 - 2016-02-08 17:37 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NOTATION
2019-09-26 16:48 - 2018-10-06 20:14 - 001265960 _____ C:\Users\User1\AppData\Local\GDIPFONTCACHEV1.DAT
2019-09-26 16:26 - 2016-02-13 22:22 - 000000000 ____D C:\Users\User1\AppData\Roaming\HandBrake
2019-09-26 16:16 - 2016-02-10 23:28 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BIZ
2019-09-26 16:15 - 2016-02-09 18:48 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMG
2019-09-26 16:15 - 2016-02-08 17:37 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AUDIO
2019-09-26 16:14 - 2016-02-08 17:37 - 000000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAWs
2019-09-26 16:07 - 2009-10-25 23:42 - 000001024 _____ C:\Windows\demdata.txt
2019-09-26 16:05 - 2009-10-25 23:32 - 000000000 ____D C:\Program Files (x86)\Native Instruments
2019-09-26 14:05 - 2018-03-26 23:48 - 000000000 ____D C:\Users\User1\AppData\Roaming\Thinstall
2019-09-26 14:03 - 2009-10-26 12:17 - 000000000 ____D C:\Program Files (x86)\Guitar Pro 5
2019-09-26 13:53 - 2012-02-25 12:54 - 000371144 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2019-09-16 00:01 - 2018-09-04 01:43 - 000000000 ____D C:\Users\User1\AppData\Local\SquirrelTemp
2019-09-13 23:09 - 2012-02-22 19:19 - 000766376 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-09-13 01:53 - 2016-02-07 22:30 - 000023636 _____ C:\Users\User1\Documents\Layout 1280 x 1024.dtr
2019-09-13 01:51 - 2016-02-07 22:39 - 000001696 _____ C:\Users\User1\Desktop\Gtr,Kar.lnk
2019-09-13 01:47 - 2016-02-07 22:39 - 000000615 _____ C:\Users\User1\Desktop\Aud.lnk
2019-09-13 01:42 - 2018-07-03 22:23 - 000000868 _____ C:\Users\User1\Desktop\InetCafes.lnk
2019-09-11 20:45 - 2018-01-29 14:04 - 000000904 _____ C:\Users\User1\Desktop\Music#NOW.lnk
2019-09-11 13:38 - 2018-03-13 19:44 - 000004456 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-11 13:38 - 2016-07-16 13:03 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-09-11 13:38 - 2012-08-08 17:04 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-09-11 13:38 - 2012-08-08 17:04 - 000000000 ____D C:\Windows\system32\Macromed
2019-09-11 13:38 - 2012-02-12 14:09 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-10 02:03 - 2018-10-04 23:10 - 000022976 _____ C:\Users\User2\Documents\Layout 1280 x 1024.dtr
2019-09-09 13:56 - 2019-07-10 20:37 - 000001618 _____ C:\Users\User1\Desktop\FixShortcts.lnk
2019-09-09 13:55 - 2019-07-12 14:42 - 000013025 _____ C:\Users\User1\Desktop\ShortctMan.lnk
2019-09-09 02:27 - 2019-01-23 03:27 - 000001045 _____ C:\Users\User1\Desktop\Hoods.lnk
2019-09-08 20:59 - 2019-03-15 01:22 - 000000694 _____ C:\Users\User1\Desktop\GTAV100%.lnk
2019-09-08 20:02 - 2016-01-18 17:24 - 000000000 ____D C:\Program Files (x86)\UTILITIES
==================== Files in the root of some directories ================
2009-10-26 11:48 - 2009-10-26 11:48 - 000000604 ____H () C:\Program Files (x86)\STLL Notifier
2016-02-07 22:30 - 2010-04-17 16:14 - 000000052 _____ () C:\Users\User1\AppData\Roaming\Culture Prefs
2016-08-29 16:06 - 2016-08-29 16:06 - 000000112 _____ () C:\Users\User1\AppData\Roaming\JP2K CS6 Prefs
2016-02-11 00:49 - 2019-05-14 22:01 - 000005852 _____ () C:\Users\User1\AppData\Roaming\Rim.Desktop.Exception.log
2016-02-11 00:49 - 2016-03-19 22:56 - 000006217 _____ () C:\Users\User1\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2016-02-11 00:49 - 2019-05-14 22:01 - 000005852 _____ () C:\Users\User1\AppData\Roaming\Rim.DesktopHelper.Exception.log
2016-02-21 20:26 - 2016-11-17 22:59 - 000001475 _____ () C:\Users\User1\AppData\Roaming\SAS7_000.DAT
2016-02-18 01:11 - 2016-02-18 01:11 - 000000096 _____ () C:\Users\User1\AppData\Roaming\version2.xml
2016-02-10 15:22 - 2012-02-26 20:40 - 000037814 _____ () C:\Users\User1\AppData\Roaming\Microsoft\MSO1033.acl
2016-02-10 15:22 - 2014-03-14 23:09 - 000000110 _____ () C:\Users\User1\AppData\Roaming\Microsoft\MSO2057.acl
2016-02-10 15:22 - 2016-01-24 21:29 - 000000030 _____ () C:\Users\User1\AppData\Roaming\Microsoft\MSO3081.acl
2019-07-08 00:57 - 2017-07-16 14:49 - 000000218 _____ () C:\Users\User1\AppData\Local\recently-used.xbel
2016-02-07 22:29 - 2018-01-15 17:09 - 000007603 _____ () C:\Users\User1\AppData\Local\resmon.resmoncfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-09-30 15:12
==================== End of FRST.txt ============================