Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Threats detected by windows security [Closed]


  • This topic is locked This topic is locked

#1
inventor24

inventor24

    Member

  • Member
  • PipPip
  • 10 posts

When I logged on to my computer this morning 3 threats were detected overnight.

2 of the threats were quarantined but 1 was not.

All 3 are the same...Trojan:Win64/Spyboy!MSR

 

Everything seems to be running fine

 

I ran Malwarebytes and it cleaned some issues (not sure what they were) and it showed I was clean.

Windows defender still showed that Trojan:Win64/Spyboy!MSR was detected and I can't quarantine or delete it.

 

I then ran Combo Cleaner,

As I was running Combo Cleaner, Windows Defender started detecting all kinds of threats.

Most were blocked or quarantined, but some show as "Remediation incomplete"

Trojan:Script/Wacatac.B!ml

Trojan:Win32/BruteRatel!ml

Trojan:Win32/BruteRatel!ml

Trojan:HTML/Phish.SMA

Ransom:Win32/Play!ml

Trojan:Script/Wacatac.B!ml

Trojan:JS/Phish.ZSM!MTB

 

Help would be greatly appreciated!

Attached Files


  • 0

Advertisements


#2
inventor24

inventor24

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-07-2023 01
Ran by Tony (administrator) on GAGE24 (Gigabyte Technology Co., Ltd. X399 AORUS PRO) (26-07-2023 08:14:23)
Running from \\GBSERVER\RedirectedFolders\Tony\Desktop\FRST64.exe
Loaded Profiles: Tony
Platform: Microsoft Windows 10 Pro Version 21H2 19044.3086 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Autodesk, Inc. -> Autodesk) C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe
(C:\Program Files (x86)\EPSON Software\PMA_A\PMAService.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMA.exe
(C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe ->) (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\3DxService.exe ->) (3DCONNEXION SAM -> 3Dconnexion) C:\Program Files (x86)\3Dconnexion\3DxWare\3DxNLServer\bin\3dxnlserver.exe
(C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\3DxService.exe ->) (3DCONNEXION SAM -> 3Dconnexion) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\3dxpiemenus.exe
(C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\3DxService.exe ->) (3DCONNEXION SAM -> 3Dconnexion) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\3DxVirtualLCD.exe
(C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\ui-launcher\AdskAccessUIHost.exe <4>
(C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdskIdentityManager\1.9.18.0\AdskIdentityManager.exe
(C:\Program Files\Autodesk\AdskIdentityManager\1.9.18.0\AdskIdentityManager.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk AdSSO\AdSSO.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.183\msedgewebview2.exe <7>
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(explorer.exe ->) (3DCONNEXION SAM -> 3Dconnexion, INC) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\3DxService.exe
(explorer.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <14>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\tony\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Safer-Networking Ltd.) [File not signed] D:\Program File\Spybot - Search & Destroy\TeaTimer.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe
(HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP DesignJet Utility\DesignJet Utility\HPDesignJetUtility.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) () [File not signed] C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
(services.exe ->) (3DCONNEXION SAM -> 3Dconnexion) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\Mgl3DCtlrRPCService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.1.0.5629\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2020\Moldflow\bin\mitsijm.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\Creative.UWPRPCService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe
(services.exe ->) (Mitsubishi Electric Corporation) [File not signed] D:\Program File\MSF\Common\MMS\MMSserve.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMAService.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Timetec Computing Sdn. Bhd.) [File not signed] C:\Program Files (x86)\FingerTec\FingerTec TCMS V3\TCMS V3\TCMSv3Service.exe
(svchost.exe ->) (3DCONNEXION SAM -> 3Dconnexion) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\3DxProfileServer.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2305.4.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235944 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [3DxWare Service] => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\3DxService.exe [2204312 2022-10-06] (3DCONNEXION SAM -> 3Dconnexion, INC)
HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe [18088224 2023-05-02] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2011-10-12] (Intel Corporation) [File not signed]
HKLM-x32\...\Run: [RunPUMonitor] => C:\Program Files (x86)\HP\HP DesignJet Utility\DesignJet Utility\HPDesignJetUtility.exe [515048 2020-05-19] (HP Inc. -> HP Development Company, L.P.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [File not signed]
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [670824 2020-12-08] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [896104 2020-12-08] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [3738160 2022-06-29] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [138214768 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [] 1
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKU\S-1-5-21-2342451961-4240078405-2464669458-1000\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2607520 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2342451961-4240078405-2464669458-1018\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2607520 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2342451961-4240078405-2464669458-1018\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2607520 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\Run: [SpybotSD TeaTimer] => D:\Program File\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation) [File not signed]
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2607520 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26363208 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\Run: [EPSDNMON] => C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\Run: [BingSvc] => C:\Users\tony\AppData\Local\Microsoft\BingSvc\BingSvc.exe [6638496 2022-09-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10087784 2022-10-12] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\Run: [MicrosoftEdgeAutoLaunch_3B0495682C50FA578830674FBE201E82] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088272 2023-07-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpipp122: C:\Windows\System32\spool\prtprocs\x64\hpipp122.dll [663552 2012-05-03] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\hpipp124: C:\Windows\System32\spool\prtprocs\x64\hpipp124.dll [636416 2012-10-13] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\hpippbob: C:\Windows\System32\spool\prtprocs\x64\hpippbob.dll [635904 2015-01-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpippE58: C:\Windows\System32\spool\prtprocs\x64\hpippE58.dll [1116672 2018-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\HPZPP4wm: C:\Windows\System32\spool\prtprocs\x64\hpzpp4wm.DLL [231424 2007-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\ssk5mPC: C:\Windows\System32\spool\prtprocs\x64\ssk5mpc.dll [43520 2014-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\XeroxV5Print: C:\Windows\System32\spool\prtprocs\x64\x5print.dll [11264 2013-10-28] (Microsoft Windows Hardware Compatibility Publisher -> Xerox Corporation)
HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\WINDOWS\system32\cpwmon64.dll [87152 2012-10-04] (Acro Software Inc -> )
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\HP Language Monitor: C:\WINDOWS\system32\hpltlm5.dll [15360 2011-11-18] (Hewlett-Packard Corporation, Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\KM Language Monitor: C:\WINDOWS\system32\KMPJL64.DLL [108024 2018-09-14] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
HKLM\...\Print\Monitors\KX Language Monitor: C:\WINDOWS\system32\KXPLM64.DLL [134784 2018-09-11] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
HKLM\...\Print\Monitors\ssk5m Langmon: C:\WINDOWS\system32\ssk5mlm.dll [22528 2015-06-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{28B89EEF-3007-0000-7102-CF3F3A09B77D}] -> msiexec /fus {28B89EEF-3007-0000-7102-CF3F3A09B77D}
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.248\Installer\chrmstp.exe [2023-07-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
HKLM\Software\...\Winlogon\GPExtensions: [{6490DB9D-2802-4956-BCCB-EC84EA0887BB}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{D7300225-081C-4CED-9FAD-BFCF9EC3D1D3}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-12-10]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
Task: {1EEC76A0-4616-4551-B4E8-9EA640E8098E} - System32\Tasks\{720CED58-A30C-47A5-8206-FF7F9273344A} => C:\Windows\system32\pcalua.exe [53760 2023-07-26] (Microsoft Windows -> Microsoft Corporation) -> -a C:\ISTS\EvoERPsetup.exe -d C:\ISTS
Task: {E72A8CC9-0E9E-4A77-80B3-FB788A36FAD3} - System32\Tasks\{B582A934-D80D-41F8-A911-E81F34925D90} => C:\Windows\system32\pcalua.exe [53760 2023-07-26] (Microsoft Windows -> Microsoft Corporation) -> -a E:\Setup.exe -d E:\
Task: {108E825D-D642-4C51-8DED-8FCDF5433B55} - System32\Tasks\{D5B8D574-3ABE-463A-A671-214E14A6982E} => C:\Windows\system32\pcalua.exe [53760 2023-07-26] (Microsoft Windows -> Microsoft Corporation) -> -a D:\Temp\HijackThis.exe -d \\GBSERVER\RedirectedFolders\tony\Desktop
Task: {C1AAB4CB-AF81-416B-9BAD-4A1DEAED380A} - System32\Tasks\3DconnexionCreateProcess_3DxSRV.EXE => C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3DxSRV.EXE  (No File)
Task: {4EC3FCC7-EBFE-4E58-87BD-66092BC44F8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {74CA9D6C-14E8-439A-9A6A-55D54A6C56EE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {BF3AF17C-737D-49B3-888D-25EAE6F03C16} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {96E526A1-4778-4299-95A9-583582DB216B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {3B4937A1-82FE-424B-870A-CC608F737FCF} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe  -autostart (No File)
Task: {C8EF00C2-E375-4F5C-B891-2C7861402AC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-30] (Google Inc -> Google Inc.)
Task: {97F6107B-2743-4204-AFFD-3B1E9CA0CEC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-30] (Google Inc -> Google Inc.)
Task: {51F163F2-E655-4047-AC46-DF144CCD34C3} - System32\Tasks\Insight Update => C:\ProgramData\Stratasys\Check For Updates\InsightUpdater.exe [465408 2017-06-21] (Stratasys, Inc.) [File not signed]
Task: {E0CAE0C3-07C7-44B5-B37F-DF1C56A7D68D} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe  Scan -ScheduleJob -RestrictPrivileges (No File)
Task: {3546714A-370D-4215-8FF1-525024DE95A8} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe  -IdleTask -TaskName MpIdleTask (No File)
Task: {EAD69017-A57F-48ED-A5A2-98F22F24A55D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616832 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2A0790A-1290-4783-91AF-5B4DEF5D432F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616832 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {31E40D0C-D471-49F6-AA16-0ECE8B66B1C1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {134F778A-6782-4376-8155-347085CA9E7D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D93EE6C9-F847-4CF2-9158-C0A189A05ABD} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [164752 2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {55CA5CDA-88A2-4ABB-9450-79FE617358D5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {324F6796-98BF-443F-A07B-E2756FE1F25E} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-06-01] (Microsoft Windows -> Microsoft Corporation)
Task: {0F536AD5-1E2B-4E07-8E04-48FB133E1453} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-06-01] (Microsoft Windows -> Microsoft Corporation)
Task: {102657E7-3F31-42AE-8118-BD0DFA3701D7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe  /DoActivateWindowsSearch (No File)
Task: {CBC08BCB-5376-46E6-9616-EC40F1DF709A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe  /DoConfigureInternetTimeService (No File)
Task: {085CA94D-CE20-4BEE-A0FD-A9352B869982} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe  /DoRecoveryTasks $(Arg0) (No File)
Task: {B9BADE7E-E8D7-4C4F-A9E6-48B5B6731D3A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe  /DRMInit (No File)
Task: {EF5ADF57-1F51-4FF1-BD46-4AF652844B24} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe  /InstallPlayReady $(Arg0) (No File)
Task: {3EE00FDC-86A8-46DA-AF9D-58D672F70055} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate  $(Arg0) (No File)
Task: {615C58CF-7278-4042-BEA3-A5F35B7DD7EB} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe  -MediaCenterRecoveryTask (No File)
Task: {7B6C1E23-B44E-47AF-BF63-E4DDBD416BE4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe  -ObjectStoreRecoveryTask (No File)
Task: {32FF2C9A-3226-499E-9DE8-08C8D09A937B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe  /OCURActivate (No File)
Task: {8EC8D116-EDB4-47C2-B04D-F8AC88295FCF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe  /OCURDiscovery $(Arg0) (No File)
Task: {F0032791-C9E0-4B31-A0CB-61E7B3F34D70} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe  /PBDADiscovery (No File)
Task: {4223ED89-D08E-449D-B13F-6171EAA77B25} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe  /wait:7 /PBDADiscovery (No File)
Task: {9CEC3EEC-7A81-4E04-B654-A4381FC20D16} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe  /wait:90 /PBDADiscovery (No File)
Task: {EBFC1F0A-DC8C-485F-B6DB-6C744CE1B321} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe  -pscn 0 (No File)
Task: {5AFCF829-36E4-4526-ABB6-06DB4BA472F4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe  -PvrRecoveryTask (No File)
Task: {D9C176F7-033E-41ED-801D-BF47984BA6B1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe  -PvrSchedule (No File)
Task: {35C2E39D-7102-477E-8031-4A1475FBBDA7} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec  /RestartRecording (No File)
Task: {FF9D7F0D-0269-4DD5-ACFB-DD2B371974E4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe  /DoRegisterSearch $(Arg0) (No File)
Task: {CB6F25E2-9DD5-4475-8BF4-4F250FA80269} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe  /DoReindexSearchRoot (No File)
Task: {62547097-4FC3-44C1-9A0F-761094B13A89} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe  -SqlLiteRecoveryTask (No File)
Task: {AE69C06D-4DBC-4C63-BF73-15E2C51CA3BD} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe  /DoUpdateRecordPath $(Arg0) (No File)
Task: {84E62965-F24B-493C-8805-F2ED4EA93EA4} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {450898E3-AD8F-45A4-AEAE-8BD095A56441} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B7AE8D71-A5D1-48CF-BC87-EA20C506CBA6} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {6BF375E2-2349-468C-8721-42ACDA4FD5E9} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {1778B779-2121-4240-8515-4547F5E8355F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {44DBB2A6-AD3D-4E5A-8BBD-E7A2F717B443} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7F74AF31-6381-40EF-8184-505CCEEE66BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9CEAB85A-9094-4C4D-B8D0-BBA1273C3370} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A70136F1-B1CE-4FD8-B7E9-AD61BA75DAA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6505B890-BB48-4E37-91F9-7213A58F112E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2022-09-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {60C81CF0-994B-494E-B7CF-145D9A92A1A8} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2096064 2018-01-13] (NVIDIA Corporation -> )
Task: {8A8B8CAA-1D18-4F24-A73D-4A94F997C50A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {60269885-3572-43E3-BAC8-BF3B37677010} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2342451961-4240078405-2464669458-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A627A566-BAC3-4E09-AB6F-3808D8B20D4E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2342451961-4240078405-2464669458-1018 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6AEB956-4971-4A0E-8319-182A047536D6} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-1138 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {47CA7DAA-406F-421D-99A3-19833919F358} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-1234 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {435712FB-A3A3-46B6-8081-161CD0FA5414} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-1239 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E7D0470-B2BD-4CF0-84E9-DE163760D5AF} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-1676 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7C0AB6A-60DA-4CE7-9CD0-0F8459B5B0ED} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-1697 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EEFFC5DB-7C6D-47C0-AB3A-F0377CD735CB} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-2124 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {09C0CA34-FC75-4599-81E1-976C2273C0A8} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D69D569-5294-4BE6-904F-C6D5CFC39014} - System32\Tasks\Stratasys Update Manager Updater => C:\ProgramData\Stratasys\Stratasys Updater\Check For Updates\StratasysUpdateManagerUpdater.exe [489472 2013-10-24] (Stratasys, Inc.) [File not signed]
Task: {9B3EE84A-8117-4E68-ACFD-7D2B5B1EB0DD} - System32\Tasks\Stratasys Updater => C:\Program Files\Stratasys\Stratasys Updater\nt\StratasysUpdater.exe [1161584 2017-06-19] (Stratasys Inc -> Stratasys, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.251
Tcpip\..\Interfaces\{280a0e8b-4635-496c-b151-b1e822239798}: [DhcpNameServer] 192.168.1.251
 
Edge: 
=======
DownloadDir: C:\Users\tony\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\tony\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-26]
Edge Notifications: Default -> hxxps://meet.google.com
Edge Extension: (Edge relevant text changes) - C:\Users\tony\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-25]
 
FireFox:
========
FF DefaultProfile: xkqb43t7.default
FF ProfilePath: C:\Users\tony\AppData\Roaming\Mozilla\Firefox\Profiles\xkqb43t7.default [2023-07-20]
FF Homepage: Mozilla\Firefox\Profiles\xkqb43t7.default -> hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
FF NewTab: Mozilla\Firefox\Profiles\xkqb43t7.default -> about:newtab
FF SearchPlugin: C:\Users\tony\AppData\Roaming\Mozilla\Firefox\Profiles\xkqb43t7.default\searchplugins\yahoo-avast.xml [2017-09-13]
FF Plugin: @3ds.com/3dxml -> C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin\NP3DXMLPlugin.dll [2017-11-07] (Dassault Systemes SE -> )
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @3ds.com/3dxml -> C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin32\NP3DXMLPlugin.dll [2013-07-10] (DASSAULT SYSTEMES SA -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll [2012-08-08] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-13] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-13] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> D:\Program Files\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
 
Chrome: 
=======
CHR Profile: C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default [2023-07-26]
CHR Notifications: Default -> hxxps://www.cheaperthandirt.com; hxxps://www.thesun.co.uk
CHR Extension: (3Dconnexion extension for Google Chrome) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoclejgjkallknknpdaadeeecnajhmhl [2022-11-15]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-24]
CHR Extension: (Google Docs Offline) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-27]
CHR HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [aoclejgjkallknknpdaadeeecnajhmhl]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18099056 2021-05-07] (Autodesk, Inc. -> Autodesk)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-17] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [10539808 2023-05-20] (Autodesk, Inc. -> Autodesk, Inc.)
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2012-10-01] (Autodesk, Inc -> Autodesk)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11851240 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
S3 ComboCleaner.Guard; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe [143488 2021-11-05] (RCS LT, UAB -> RCS LT)
S3 ComboCleaner.WinService; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe [151168 2021-11-05] (RCS LT, UAB -> RCS LT)
R2 Epson PMAService A; C:\Program Files (x86)\Epson Software\PMA_A\PMAService.exe [113144 2017-03-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [678328 2018-06-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2018-04-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncHelper.exe [3447736 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
S2 GX Works2 Service; D:\Program File\GPPW2\GX Works2 Service.exe [61440 2012-05-23] (MITSUBISHI ELECTRIC CORPORATION) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [7168 2011-10-12] (Intel Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9267376 2023-07-26] (Malwarebytes Inc. -> Malwarebytes)
R2 MELSOFT Mediative Server; D:\Program File\MSF\Common\MMS\MMSserve.exe [1466368 2012-04-11] (Mitsubishi Electric Corporation) [File not signed]
R2 Mgl3DCtlrRPCService; C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\Mgl3DCtlrRPCService.exe [175256 2022-10-06] (3DCONNEXION SAM -> 3Dconnexion)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
R2 mitsijm2020; C:\Program Files\Autodesk\Inventor 2020\Moldflow\bin\mitsijm.exe [844088 2019-01-31] (Autodesk, Inc. -> Autodesk, Inc.)
R2 MSSQL$WLAUSERPROFILE; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 NVWMI; C:\WINDOWS\system32\nvwmi64.exe [4167528 2018-01-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.142.0709.0001\OneDriveUpdaterService.exe [3783544 2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [87040 2006-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336208 2023-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-09-14] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-09-14] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TCMS V3 Service; C:\Program Files (x86)\FingerTec\FingerTec TCMS V3\TCMS V3\TCMSv3Service.exe [309760 2020-10-29] (Timetec Computing Sdn. Bhd.) [File not signed]
R2 UWPService; C:\WINDOWS\SysWOW64\Creative.UWPRPCService.exe [357296 2021-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 3dxhid; C:\WINDOWS\system32\DRIVERS\3dxhid.sys [52216 2022-10-06] (WDKTestCert jenkins,132064741949377211 -> 3Dconnexion SAM)
S3 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 EZSocketGOT; C:\WINDOWS\system32\drivers\EZSocketGOT.sys [254976 2010-08-31] (MITSUBISHI ELECTRIC CORPORATION -> Jungo)
S3 gdrv; C:\Windows\gdrv.sys [25640 2015-01-30] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
S3 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
R3 KMJHidMini; C:\WINDOWS\System32\drivers\3dxkmj.sys [18944 2022-10-06] (Microsoft Windows Hardware Compatibility Publisher -> 3Dconnextion Inc.)
R3 KMJShim; C:\WINDOWS\System32\drivers\3dxshim.sys [7168 2022-10-06] (Microsoft Windows Hardware Compatibility Publisher -> 3Dconnextion Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [43456 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
S3 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [315696 2011-08-09] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2023-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\tony\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-07-26 08:12 - 2023-07-26 08:14 - 000000000 ____D C:\FRST
2023-07-26 08:12 - 2023-07-26 08:12 - 002383872 _____ (Farbar) C:\Users\tony\Downloads\FRST64.exe
2023-07-26 08:12 - 2023-07-26 08:12 - 000000000 ____D C:\Users\tony\Downloads\FRST-OlderVersion
2023-07-26 07:38 - 2023-07-26 08:01 - 000000000 ____D C:\Users\tony\AppData\Local\Malwarebytes
2023-07-26 07:38 - 2023-07-26 07:56 - 000000000 ____D C:\Users\tony\AppData\LocalLow\IGDump
2023-07-26 07:38 - 2023-07-26 07:38 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-07-26 07:36 - 2023-07-26 07:36 - 002601176 _____ (Malwarebytes) C:\Users\tony\Downloads\MBSetup-4.4 (1).exe
2023-07-26 07:02 - 2023-07-26 07:02 - 000000000 ___HD C:\$WinREAgent
2023-07-26 06:50 - 2023-07-26 06:52 - 000000000 ____D C:\Program Files (x86)\Combo Cleaner
2023-07-26 06:50 - 2023-07-26 06:50 - 000001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Combo Cleaner.lnk
2023-07-26 06:50 - 2023-07-26 06:50 - 000000000 ____D C:\Users\tony\AppData\Local\RCS_LT
2023-07-26 06:46 - 2023-07-26 06:46 - 003594016 _____ (RCS LT) C:\Users\tony\Downloads\CCSetup (2).exe
2023-07-26 06:46 - 2023-07-26 06:46 - 003594016 _____ (RCS LT) C:\Users\tony\Downloads\CCSetup (1).exe
2023-07-26 06:45 - 2023-07-26 07:48 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-07-26 06:44 - 2023-07-26 07:48 - 001075430 _____ C:\WINDOWS\ntbtlog.txt
2023-07-26 06:30 - 2023-07-26 06:30 - 003594016 _____ (RCS LT) C:\Users\tony\Downloads\CCSetup.exe
2023-07-26 06:12 - 2023-07-26 06:12 - 002601176 _____ (Malwarebytes) C:\Users\tony\Downloads\MBSetup-4.4.exe
2023-07-26 06:00 - 2023-07-26 06:00 - 000048426 _____ C:\Users\tony\Downloads\wushowhide.diagcab
2023-07-25 09:59 - 2023-07-25 09:59 - 000383916 _____ C:\Users\tony\Downloads\PB670_HS2_Thimble_design_advancement.pdf
2023-07-25 09:58 - 2023-07-25 09:58 - 000761561 _____ C:\Users\tony\Downloads\129174_selector_valve_940SV_supplement_(HK1188).pdf
2023-07-25 09:57 - 2023-07-25 09:57 - 002134648 _____ C:\Users\tony\Downloads\a_e_aerospace_nose_maintenance_pb693_.pdf
2023-07-25 09:56 - 2023-07-25 09:56 - 002326681 _____ C:\Users\tony\Downloads\HK-150_(HK1058).pdf
2023-07-25 09:56 - 2023-07-25 09:56 - 000252593 _____ C:\Users\tony\Downloads\Manual for USA Market (in English)_BV4500-118_180302 (1).pdf
2023-07-25 09:55 - 2023-07-25 09:55 - 006032505 _____ C:\Users\tony\Downloads\h_f_hfs_na_huck_tooling_catalog_5.pdf
2023-07-25 09:55 - 2023-07-25 09:55 - 000448477 _____ C:\Users\tony\Downloads\PB644_BOM_Gauge (1).pdf
2023-07-25 08:55 - 2023-07-25 08:55 - 000144629 _____ C:\Users\tony\Downloads\99BBS-05-ZXAD (1).pdf
2023-07-25 08:07 - 2023-07-25 08:07 - 001485841 _____ C:\Users\tony\Downloads\99UAB-MD-IRAC-78.pdf
2023-07-25 08:03 - 2023-07-25 08:03 - 000144629 _____ C:\Users\tony\Downloads\99BBS-05-ZXAD.pdf
2023-07-21 09:09 - 2023-07-21 09:09 - 003345893 _____ C:\Users\tony\Downloads\254_254OS_(HK1172).pdf
2023-07-19 11:16 - 2023-07-19 11:16 - 000000000 ____D C:\WW-ERP104
2023-07-19 11:16 - 2023-07-19 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WW-ERP104
2023-07-19 11:15 - 2023-07-19 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SynergyDE
2023-07-19 11:15 - 2023-07-19 11:15 - 000000000 ____D C:\Program Files\Synergex
2023-07-19 11:13 - 2023-07-19 11:13 - 000000000 ____D C:\ProgramData\Synergex
2023-07-19 07:12 - 2023-07-19 07:12 - 000196087 _____ C:\Users\tony\Downloads\99LGP-06-ZBAD.pdf
2023-07-19 05:53 - 2023-07-19 05:53 - 000049894 _____ C:\Users\tony\Downloads\99-7836.pdf
2023-07-07 15:42 - 2023-07-07 15:42 - 003107025 _____ C:\Users\tony\Downloads\2015_(HK958).pdf
2023-07-06 14:41 - 2023-07-06 14:41 - 001390611 _____ C:\Users\tony\Downloads\2_6_2624_2630_series__hk1052_.pdf
2023-07-06 08:25 - 2023-07-06 08:25 - 000000000 ____D C:\Users\tony\AppData\Roaming\UI Launcher
2023-06-28 06:51 - 2023-06-28 06:51 - 000065928 _____ C:\Users\tony\Downloads\99-7930.pdf
2023-06-28 06:41 - 2023-06-28 06:41 - 000190902 _____ C:\Users\tony\Downloads\99LGP-06-ZRAD (4).pdf
2023-06-28 06:40 - 2023-06-28 06:40 - 000344786 _____ C:\Users\tony\Downloads\99LGP-06-ZLAD (3).pdf
2023-06-28 06:39 - 2023-06-28 06:39 - 000354179 _____ C:\Users\tony\Downloads\99GP-08-ZLAD.pdf
2023-06-28 06:39 - 2023-06-28 06:39 - 000318146 _____ C:\Users\tony\Downloads\99GP-08-ZRAD.pdf
2023-06-28 06:38 - 2023-06-28 06:39 - 000303696 _____ C:\Users\tony\Downloads\99GP-08-ORAD.pdf
2023-06-28 06:38 - 2023-06-28 06:38 - 000342467 _____ C:\Users\tony\Downloads\99GP-08-OLAD.pdf
2023-06-28 06:38 - 2023-06-28 06:38 - 000316066 _____ C:\Users\tony\Downloads\99GP-06-ZRAD (1).pdf
2023-06-28 06:37 - 2023-06-28 06:37 - 000316066 _____ C:\Users\tony\Downloads\99GP-06-ZRAD.pdf
2023-06-28 06:36 - 2023-06-28 06:36 - 000356898 _____ C:\Users\tony\Downloads\99LGP-08-ZLAD.pdf
2023-06-28 06:36 - 2023-06-28 06:36 - 000344786 _____ C:\Users\tony\Downloads\99LGP-06-ZLAD (2).pdf
2023-06-28 06:35 - 2023-06-28 06:35 - 000190902 _____ C:\Users\tony\Downloads\99LGP-06-ZRAD (3).pdf
2023-06-26 11:33 - 2023-06-26 11:33 - 000190902 _____ C:\Users\tony\Downloads\99LGP-06-ZRAD (2).pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-07-26 08:03 - 2021-06-01 16:53 - 000007712 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-26 08:02 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2023-07-26 08:01 - 2021-12-21 14:03 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-07-26 08:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-07-26 08:01 - 2015-09-23 09:27 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-07-26 08:01 - 2012-12-03 17:35 - 000000000 ____D C:\Program Files (x86)\Google
2023-07-26 08:00 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-26 08:00 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-26 07:59 - 2021-06-11 14:06 - 000008192 ___SH C:\DumpStack.log.tmp
2023-07-26 07:59 - 2021-06-01 16:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-07-26 07:59 - 2021-06-01 16:41 - 000617600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-26 07:59 - 2019-12-07 05:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-07-26 07:59 - 2012-09-29 09:51 - 000000128 _____ C:\WINDOWS\system32\config\netlogon.ftl
2023-07-26 07:59 - 2012-09-26 17:20 - 000000000 ____D C:\ProgramData\NVIDIA
2023-07-26 07:58 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-26 07:58 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-26 07:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-07-26 07:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-26 07:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-07-26 07:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-26 07:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-07-26 07:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-07-26 07:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-26 07:54 - 2019-06-14 19:05 - 000000000 ____D C:\Users\tony\AppData\Local\D3DSCache
2023-07-26 07:37 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-07-26 07:37 - 2017-07-25 16:16 - 000000000 ____D C:\Program Files\Malwarebytes
2023-07-26 07:37 - 2014-02-14 11:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-07-26 07:20 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-26 07:17 - 2021-06-01 16:41 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-07-26 06:50 - 2012-09-26 17:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-07-26 06:24 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-07-26 06:07 - 2012-10-04 13:54 - 000000000 ____D C:\Users\tony\AppData\Local\ElevatedDiagnostics
2023-07-26 05:47 - 2023-06-22 14:53 - 000000000 ____D C:\Users\tony\AppData\Local\CrashDumps
2023-07-26 05:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-07-26 05:44 - 2017-09-26 11:20 - 001026559 _____ C:\WINDOWS\ZAM.krnl.trace
2023-07-26 05:44 - 2017-09-26 11:20 - 001023702 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2023-07-26 05:44 - 2012-10-01 08:52 - 000000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Excel
2023-07-26 05:43 - 2012-10-01 10:10 - 000000000 ____D C:\TEMP
2023-07-26 05:42 - 2021-06-01 16:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-25 14:24 - 2019-06-13 16:42 - 000000000 ____D C:\Users\tony\AppData\Local\Packages
2023-07-25 12:29 - 2012-10-01 07:18 - 000000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Word
2023-07-25 11:33 - 2019-06-13 16:54 - 000000000 ____D C:\Users\tony\AppData\Local\PlaceholderTileLogoFolder
2023-07-25 11:13 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-25 11:10 - 2022-12-17 10:08 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-07-25 02:32 - 2019-06-13 16:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-07-23 00:33 - 2021-04-29 07:46 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-22 08:46 - 2022-12-16 07:58 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-1697
2023-07-22 08:46 - 2022-12-16 07:58 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-1676
2023-07-22 08:46 - 2022-12-16 07:58 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-1239
2023-07-22 08:46 - 2022-12-16 07:58 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-1234
2023-07-22 08:46 - 2022-12-16 07:58 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2342451961-4240078405-2464669458-1018
2023-07-22 08:46 - 2022-12-16 07:58 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2342451961-4240078405-2464669458-1000
2023-07-22 08:46 - 2022-12-16 07:58 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-500
2023-07-22 08:46 - 2022-12-16 07:58 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-07-22 08:46 - 2022-12-16 07:58 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-22 08:46 - 2022-10-04 08:03 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-2124
2023-07-22 08:46 - 2021-12-11 11:55 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3103852167-3425179606-4061663910-1138
2023-07-21 11:43 - 2019-02-06 08:24 - 000000000 ____D C:\Users\tony\AppData\Local\3Dconnexion
2023-07-21 07:03 - 2012-10-11 08:51 - 000000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Publisher Building Blocks
2023-07-20 22:23 - 2017-08-30 11:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-07-20 05:44 - 2021-06-01 16:43 - 000000000 ____D C:\Users\tony
2023-07-19 11:16 - 2021-10-25 11:03 - 000000000 ____D C:\tcm
2023-07-19 11:15 - 2021-10-25 10:32 - 000000000 ____D C:\Program Files (x86)\Synergex
2023-07-19 11:15 - 2016-01-13 04:02 - 000000000 ____D C:\ProgramData\Package Cache
2023-07-19 05:46 - 2022-10-14 11:21 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-07-19 05:46 - 2021-06-01 16:54 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-07-19 05:41 - 2023-02-13 15:17 - 000000000 ____D C:\Program Files\Microsoft Office
2023-07-13 20:05 - 2010-11-20 23:27 - 000914872 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-07-12 02:37 - 2013-09-11 12:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-12 02:31 - 2012-09-26 17:32 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-06 10:00 - 2012-10-01 09:31 - 000000000 ____D C:\Users\tony\AppData\Local\Autodesk
2023-07-06 08:25 - 2012-10-01 09:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2023-07-06 08:25 - 2012-10-01 09:11 - 000000000 ____D C:\ProgramData\Autodesk
2023-07-06 08:24 - 2012-10-01 09:23 - 000000000 ____D C:\Program Files\Autodesk
2023-07-05 15:25 - 2021-06-01 16:54 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-05 15:25 - 2021-06-01 16:54 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
 
==================== Files in the root of some directories ========
 
2020-04-24 14:50 - 2020-04-24 14:50 - 000000383 _____ () C:\Users\tony\AppData\Roaming\SaraBat.bat
2020-04-24 14:50 - 2020-04-24 14:50 - 000200840 _____ (Microsoft Corporation) C:\Users\tony\AppData\Roaming\SetupProd_OfficeInstall.exe
2012-10-02 11:58 - 2023-06-21 14:05 - 000007675 _____ () C:\Users\tony\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 
 
dditional scan result of Farbar Recovery Scan Tool (x64) Version: 25-07-2023 01
Ran by Tony (26-07-2023 08:15:54)
Running from \\GBSERVER\RedirectedFolders\Tony\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.3086 (X64) (2021-06-01 20:54:21)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-2342451961-4240078405-2464669458-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2342451961-4240078405-2464669458-503 - Limited - Disabled)
eManagerUser (S-1-5-21-2342451961-4240078405-2464669458-1012 - Administrator - Enabled)
ftpuser (S-1-5-21-2342451961-4240078405-2464669458-1013 - Limited - Enabled)
Guest (S-1-5-21-2342451961-4240078405-2464669458-501 - Limited - Disabled)
Owner (S-1-5-21-2342451961-4240078405-2464669458-1000 - Administrator - Enabled) => C:\Users\Owner
tony (S-1-5-21-2342451961-4240078405-2464669458-1018 - Administrator - Enabled) => C:\Users\tony.GAGE24
WDAGUtilityAccount (S-1-5-21-2342451961-4240078405-2464669458-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
3D XML Player (HKLM\...\{B844784B-F560-4389-86F8-2D8C84AB1D56}) (Version: 19.13.17311 - Dassault Systemes)
3Dconnexion 3DxSoftware (HKLM\...\{D0F5859A-5FF2-4F5F-8CE4-8912529F71F2}) (Version: 10.8.10.3503 - 3Dconnexion) Hidden
3Dconnexion 3DxWare 10 (HKLM-x32\...\{1249363f-99f3-4344-9de3-e42e9bd69c62}) (Version: 10.8.10.3503 - 3Dconnexion)
3Dconnexion 3DxWinCore (HKLM\...\{9B337A9A-D6A9-4B2B-B9C1-3D7A09B1BC20}) (Version: 17.8.10.19684 - 3Dconnexion) Hidden
3Dconnexion Add-In for AutoCAD (HKLM\...\{9DFA835B-2086-4C6A-9CF4-DE78FB33EF6D}) (Version: 5.7.2.19062 - 3Dconnexion) Hidden
3Dconnexion Add-In for Autodesk Inventor (HKLM\...\{6E6D5439-8AF9-4C3C-AA95-0A147CA6551E}) (Version: 2.4.1.19400 - 3Dconnexion) Hidden
3Dconnexion Add-In for Microsoft Office (HKLM\...\{B0B56E9C-7A10-4380-BCD8-A4F771CD0320}) (Version: 1.1.2.19333 - 3Dconnexion) Hidden
3Dconnexion Add-In for Navisworks (HKLM\...\{D0CBF4B8-FEC5-4FDD-8459-1F63D35B3654}) (Version: 1.0.0.34 - 3Dconnexion) Hidden
3Dconnexion Add-In for Revit (HKLM\...\{35F1220A-46B3-4ED4-A90A-58003C0A7304}) (Version: 1.0.1.31 - 3Dconnexion) Hidden
3Dconnexion Add-In for Solid Edge (HKLM\...\{5A69C62A-B2C9-4FDF-87DA-3C4F3B58EFF4}) (Version: 3.6.3 - 3Dconnexion) Hidden
3Dconnexion Add-In for SOLIDWORKS (HKLM\...\{7E3E4BAA-0F05-472A-BDD9-08EE4C6F11BD}) (Version: 3.5.14.19609 - 3Dconnexion) Hidden
3Dconnexion Assembly Demo (HKLM-x32\...\{6AC5E623-5E87-426A-8E6A-353D5DB1D250}) (Version: 0.9.8.0 - 3Dconnexion) Hidden
3Dconnexion Extension for SketchUp (HKLM\...\{10FA2E80-D6F1-404B-BFCC-1DAA8CC4FC17}) (Version: 5.3.2.19502 - 3Dconnexion) Hidden
3Dconnexion LCD Applets for SpacePilot Pro (HKLM\...\{E937DA80-FBD4-4AF9-8080-86CFDCAC9C68}) (Version: 1.5.1 - 3Dconnexion) Hidden
3Dconnexion Navigation Library Server (HKLM-x32\...\{668F898B-D74A-47B4-B3F7-B98945C4A63A}) (Version: 1.4.3.19386 - 3Dconnexion) Hidden
3Dconnexion Plug-In for 3ds Max 2014 - 2023 (HKLM\...\{F9F4AB81-F3D3-4952-887F-E536A5E910CC}) (Version: 7.0.13.19521 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Acrobat 3D (HKLM\...\{CBA2D3AE-60C8-48DC-A001-85A943908B72}) (Version: 1.5.1.763 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Creo 2.0 - 9.0 (HKLM\...\{98FFF4D0-3782-431B-9237-1351B625DE10}) (Version: 2.4.5.19249 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Maya (HKLM\...\{CAD35637-B3B8-47A6-85E5-3B829D6C76FD}) (Version: 6.0.14.19520 - 3Dconnexion) Hidden
3Dconnexion Plug-In for NX 8.0 - 2206 Series (HKLM\...\{1E1F65A8-5396-4F31-8405-36DF7FD1028D}) (Version: 3.5.1.19492 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Photoshop (HKLM\...\{13BD0BD1-CD9C-4B50-AC7F-CCEC9B209021}) (Version: 2.11.0.19618 - 3Dconnexion) Hidden
3Dconnexion Plug-in for Unity Editor (HKLM\...\{8D3A5E0D-891E-4953-89A0-ED1FF2D2C86C}) (Version: 1.0.0.18 - 3Dconnexion) Hidden
3Dconnexion Plugin for Unreal Editor (HKLM\...\{5CCD541C-86AB-403A-9DDE-A17B91849BA3}) (Version: 1.1.5.95 - 3Dconnexion) Hidden
3Dconnexion Trainer (HKLM-x32\...\{5158E770-0862-478B-ADC3-E22B33061A86}) (Version: 3.2.7.17569 - 3Dconnexion) Hidden
3Dconnexion Viewer (HKLM\...\{61BEE16E-0556-4C29-9C14-DE02FE50B870}) (Version: 1.1.0.44 - 3Dconnexion) Hidden
3DPower B11.1121.1 (HKLM-x32\...\{53B0AB03-FC82-46C8-885B-F0A529FAFFAC}) (Version: 1.00.0001 - GIGABYTE)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.003.20244 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.14 - philandro Software GmbH)
ApowerREC V1.4.2.21 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.4.2.21 - Apowersoft LIMITED)
Apowersoft Online Launcher version 1.7.8 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.8 - APOWERSOFT LIMITED)
Asian Language And Spelling Dictionaries Support For Adobe Acrobat Reader (HKLM\...\{AC76BA86-7AD7-0000-0000-BC15014EA700}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Autodesk 3ds Max Design 2012 64-bit - English (HKLM\...\Autodesk 3ds Max Design 2012 64-bit - English) (Version: 14.0 - Autodesk)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk Configurator 360 addin (HKLM-x32\...\{086D6579-9AEA-4616-A7EC-A0FE29E72A43}) (Version: 24.0.10100 - Autodesk, Inc.)
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Desktop Connect Service (HKLM\...\{FC772454-BB19-0000-0502-44B459520227}) (Version: 5.02.0 - Autodesk)
Autodesk DirectConnect 2012 64-bit (HKLM\...\Autodesk DirectConnect 2012 64-bit) (Version: 6.0.443.0 - Autodesk)
Autodesk Download Manager (HKLM-x32\...\{402BEAF1-A9F1-4D40-85B4-4F43D0D0EA27}) (Version: 6.3.181.0 - Autodesk, Inc.)
Autodesk DWG TrueView 2020 - English (HKLM\...\DWG TrueView 2020 - English) (Version: 23.1.48.0 - Autodesk)
Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit) (Version:  - Autodesk)
Autodesk Genuine Service (HKLM\...\{3F9E7D4B-C2ED-48C6-ABB1-F7611724ACD9}) (Version: 5.0.0.134 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{317D67F2-9027-4E85-9ED1-ADF4D765AE02}) (Version: 3.0.11 - Autodesk)
Autodesk Guided Tutorial Plugin (HKLM\...\{B3AFC608-D811-0003-0702-21FB25B48D6E}) (Version: 7.02.0 - Autodesk)
Autodesk Identity Manager (HKLM\...\Autodesk Identity Manager) (Version: 1.9.18.0 - Autodesk)
Autodesk Inventor 2012 (HKLM\...\{7F4DD591-1664-0409-0000-7107D70F3DB4}) (Version: 16.2.21900.0000 - Autodesk) Hidden
Autodesk Inventor 2012 English (HKLM\...\Autodesk Inventor 2012) (Version: 16.2.21900.0000 - Autodesk)
Autodesk Inventor 2012 English Language Pack (HKLM\...\{7F4DD591-1664-0409-0001-7107D70F3DB4}) (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor 2012 SP1 (HKLM\...\Autodesk Inventor 2012 SP1) (Version: 16.2.21900.0000 - Autodesk)
Autodesk Inventor 2012 SP2 (HKLM\...\Autodesk Inventor 2012 SP2) (Version: 16.2.21900.0000 - Autodesk)
Autodesk Inventor Compatibility Pack 2021 (HKLM\...\{7F4DD591-2564-0006-0000-7107D70F3DB4}) (Version: 25.0.18300.0000 - Autodesk) Hidden
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (HKLM\...\{B46DECD1-1664-4EF1-0000-22D71E81877C}) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Content Center Libraries 2020 (Desktop Content) (HKLM\...\{B46DECD1-2464-4EF1-0000-22D71E81877C}) (Version: 24.0.16800.0000 - Autodesk,Inc.)
Autodesk Inventor Electrical Catalog Browser 2020 - English (HKLM\...\{28B89EEF-3007-0000-7102-CF3F3A09B77D}) (Version: 17.0.51.0 - Autodesk) Hidden
Autodesk Inventor Electrical Catalog Browser 2020 - English (HKLM\...\Autodesk Inventor Electrical Catalog Browser 2020 - English) (Version: 17.0.51.0 - Autodesk)
Autodesk Inventor Electrical Catalog Browser 2020 Language Pack - English (HKLM\...\{28B89EEF-3007-0409-8102-CF3F3A09B77D}) (Version: 17.0.51.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2012 (HKLM\...\{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}) (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 Language Pack (HKLM\...\{FFF7F80F-929E-497F-A112-B070DE816128}) (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (HKLM\...\{4E3B47F2-21EB-4F20-87C8-5A0E4D5F3858}) (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (HKLM\...\Autodesk Inventor Fusion for Inventor 2012 Add-in) (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Fusion for Inventor 2012 Add-in Language Pack (HKLM\...\{4E1A54A9-FFB3-4BE6-B59B-3CC94C3B31D2}) (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Professional 2020 - English (HKLM\...\Autodesk Inventor Professional 2020) (Version: 24.40.39600.0000 - Autodesk)
Autodesk Inventor Professional 2020 (HKLM\...\{7F4DD591-2464-0001-0000-7107D70F3DB4}) (Version: 24.40.39600.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2020 English Language Pack (HKLM\...\{7F4DD591-2464-0001-1033-7107D70F3DB4}) (Version: 24.30.37300.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2020.4 (HKLM\...\Autodesk Inventor Professional 2020 Service Pack) (Version: 24.40.39600.0000 - Autodesk) Hidden
Autodesk Inventor Publisher 2013 (HKLM\...\{6E542013-2013-0064-B703-2376D4CC9C8F}) (Version: 5.3.0.31 - Autodesk, Inc.) Hidden
Autodesk Inventor Publisher 2013 (HKLM\...\Autodesk Inventor Publisher 2013) (Version: 5.3.0.31 - Autodesk, Inc.)
Autodesk Inventor Publisher 2013 Language Pack (HKLM\...\{6E542013-2013-1064-B703-2376D4CC9C8F}) (Version: 5.0.0.106 - Autodesk, Inc.) Hidden
Autodesk Inventor Publisher 2013 SP3 (HKLM-x32\...\Autodesk Inventor Publisher 2013 SP3) (Version: 1 - Autodesk, Inc.)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library 2020 (HKLM-x32\...\{B9312A51-41B5-479D-9F72-E7448A2D89AF}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2020 (HKLM-x32\...\{0E976988-E753-4C81-BD96-434CE305B176}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2020 (HKLM-x32\...\{7979E1F2-682E-4A3C-B674-B3336F35D472}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Mechanical Desktop 2009 (HKLM\...\Autodesk Mechanical Desktop 2009) (Version: 13.0.59.0 - Autodesk)
Autodesk Revit Interoperability for Inventor 2020 (HKLM\...\{0BB716E0-2020-0210-0000-097DC2F354DF}) (Version: 20.0.0.364 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2020 (HKLM\...\Autodesk Revit Interoperability for Inventor 2020) (Version: 20.0.0.364 - Autodesk)
Autodesk Showcase 2012 64-bit - English (HKLM\...\Autodesk Showcase 2012 64-bit - English) (Version: 6.0.0.0 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{7F0FE09D-E25D-4C59-A1AA-DB17153FC353}) (Version: 11.3.0.1803 - Autodesk)
Autodesk Vault 2012 (Client) (HKLM\...\{CF526A26-1664-0000-0000-02E95019B628}) (Version: 16.3.10.0 - Autodesk, Inc.) Hidden
Autodesk Vault 2012 (Client) (HKLM-x32\...\Autodesk Vault 2012 (Client)) (Version: 16.3.10.0 - Autodesk, Inc.)
Autodesk Vault 2012 (Client) English Language Pack (HKLM\...\{266597A9-1664-0000-0100-DCBF2B69166B}) (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
Autodesk Vault 2012 Update 3 (Client) (HKLM-x32\...\Autodesk Vault 2012 (Client)_Autodesk Vault 2012 Update 3 (Client)) (Version:  - Autodesk, Inc.)
AXIS Media Control Embedded (HKLM-x32\...\AXIS Media Control Embedded) (Version:  - )
Belarc Advisor 8.3 (HKLM-x32\...\Belarc Advisor) (Version: 8.3.2.0 - Belarc Inc.)
CADENAS PARTwebViewer (HKLM-x32\...\{F6C0D92C-7EBC-4CEE-A0DD-BCE6ADB50E22}) (Version: 1.0.36.7 - CADENAS)
Cisco WebEx Meetings (HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Combo Cleaner (HKLM\...\{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT) Hidden
Combo Cleaner (HKLM-x32\...\InstallShield_{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Core Temp 1.18 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.18 - ALCPU)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DWG TrueView 2012 (HKLM\...\DWG TrueView 2012) (Version: 18.2.51.0 - Autodesk)
Eco Materials Adviser (x64) (HKLM\...\{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}) (Version: 1.32.0.0 - Granta Design Limited)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 3.20.00 - Seiko Epson Corporation)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - Seiko Epson Corporation)
Epson ReadyInk Agent (A) (HKLM-x32\...\{A9B4584F-A29E-4880-97E6-1744B4AF2AF8}) (Version: 1.0.2.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
Epson WF-3730 Series User’s Guide (HKLM-x32\...\UsersGuideEpson WF-3730 Series User’s Guide_is1) (Version: 1.0 - Epson America, Inc.)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
FileViewPro (HKLM\...\FileViewPro_is1) (Version: 1.9.8.19 - Solvusoft Corporation)
FingerTec TCMS V3 (HKLM-x32\...\{0DE4DB10-E0D7-4A36-B639-E5315D8133B5}) (Version: 3.0.2.5 - Timetec Computing Sdn. Bhd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.248 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GX Works2 Help (for FXCPU) (HKLM-x32\...\{EAA760B6-690B-4202-8CC9-76509ADC56E4}) (Version: 1.86Q - MITSUBISHI ELECTRIC CORPORATION)
GX Works2-FX (HKLM-x32\...\{F4B03BCC-F7B9-4E19-A3AF-6F3AC951D88C}) (Version: 1.87R - MITSUBISHI ELECTRIC CORPORATION)
HP DesignJet Utility (HKLM-x32\...\{540458DC-38A6-4F11-9D08-BF6787EE46D3}) (Version: 6.0.9.4660 - HP Inc.)
Insight 10.2 (HKLM\...\{E9A7671E-2A43-4943-B29F-7BE9DA95A135}) (Version: 10.2 - Stratasys)
Insight 11.5 (HKLM\...\{AE38E69F-0157-419D-9AB4-2E14FF7120FD}) (Version: 11.5 - Stratasys)
Intel® Chipset Device Software (HKLM\...\{C965318A-AA36-4F94-9ED5-AE5391F452B2}) (Version: 10.1.2.9 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{5fa248d9-79b2-48fb-9add-72660adaed4e}) (Version: 10.1.2.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{60DC6F22-D268-44F0-8720-200033508384}) (Version: 11.0.0.1158 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{DF17C0DB-76D8-4A45-B26E-674F8455B803}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Network Connections 16.5.2.0 (HKLM\...\{90899269-554B-4672-9F8D-4A2A0D0AF5B5}) (Version: 16.5.2.0 - Intel) Hidden
Intel® Network Connections 16.5.2.0 (HKLM\...\PROSetDX) (Version: 16.5.2.0 - Intel)
Intel® Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 3.0.0.2003 - Intel Corporation)
Inventor 2020.3 Update (HKLM-x32\...\{93d3a8bc-2400-3000-b242-2a19b2a704f8}) (Version: 24.30.37300.0 - Autodesk)
Inventor 2020.4 Update (HKLM-x32\...\{93d3a8bc-2400-4000-b242-2a19b2a704f8}) (Version: 24.40.39600.0 - Autodesk)
Inventor 2020.4.1 Update (INV24410) (HKLM\...\Autodesk Inventor Professional 2020_24410) (Version: 24.40.39601.0 - Autodesk)
Inventor ThreadModeler Addin (HKLM-x32\...\{2F2A308D-0A2E-46B6-8178-09346A0DE9E9}) (Version: 1.2.0 - Autodesk)
Inventor Unexpectedly exits after updating to Windows 8.1 (DL22506876) (HKLM\...\Autodesk Inventor 2012_16244) (Version: 1 - Autodesk)
IS Tech Support Update 2018.3 (HKLM-x32\...\{D69C500F-513C-42DC-9EF9-1211871F2DEC}_is1) (Version:  - IS TechSupport L.L.C.)
Logitech LCD Manager (HKLM\...\{F469B548-030B-41CD-BD46-D37A7EC9A530}) (Version: 3.06.109 - Logitech Inc.) Hidden
Malwarebytes version 4.5.33.272 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.33.272 - Malwarebytes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1010 - Marvell)
Microsoft .NET Framework 4.6.1 (HKLM\...\{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft 365 Apps for business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.16529.20182 - Microsoft Corporation)
Microsoft ASP.NET 2.0 AJAX Extensions 1.0 (HKLM-x32\...\{082BDF7B-4810-4599-BF0D-E3AC44EC8524}) (Version: 1.0.61025 - Microsoft Corporation)
Microsoft Bing Service (HKLM-x32\...\{27990F25-A90A-4CE5-868E-1A1BB70A58EE}) (Version: 2.0.0.7 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.183 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.183 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.142.0709.0001 - Microsoft Corporation)
Microsoft Security Client (HKLM\...\{2AA3C13E-0531-41B8-AE48-AE28C940A809}) (Version: 4.10.0209.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (WLAUSERPROFILE) (HKLM-x32\...\{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Support and Recovery Assistant - 1  (HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\1411bee0b739e9b9) (Version: 17.0.9326.9 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\f9a89bd2a46a7606) (Version: 17.0.4589.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\Teams) (Version: 1.5.00.31168 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{4713fdb0-2117-4d26-9e12-bbb11350a47f}) (Version: 8.0.57232 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 88.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0.1 (x64 en-US)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.2 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network eManager V5.20B26 (HKLM-x32\...\{E173CE8D-CB7D-4ACB-84B6-63288A95037C}) (Version: 77.89.0000 - Toshiba America Information System Inc.) Hidden
Network eManager V5.20B26 (HKLM-x32\...\InstallShield_{E173CE8D-CB7D-4ACB-84B6-63288A95037C}) (Version: 77.89.0000 - Toshiba America Information System Inc.)
NirSoft ProduKey (HKLM-x32\...\NirSoft ProduKey) (Version:  - )
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 377.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 377.83 - NVIDIA Corporation)
NVIDIA Graphics Driver 377.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 377.83 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA nView 148.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.47 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden
NVIDIA WMI 2.29.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.29.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20182 - Microsoft Corporation) Hidden
Pervasive PSQL v10 SP3 Client (32-bit) (HKLM-x32\...\{0A3238D7-AA32-1030-B717-F3E3F18B4A8C}) (Version: 10.30.024 - Pervasive Software) Hidden
Pervasive PSQL v10 SP3 Client (32-bit) (HKLM-x32\...\Pervasive PSQL v10 SP3 Client (32-bit)) (Version: 10.30.024 - Pervasive Software)
Photo Common (HKLM-x32\...\{CAA0F57A-BA8C-4AD8-AA03-F32B0E4F5623}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{C992FFE0-AC32-4FA9-BC9A-F1637B9E655D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Quick Uninstall Tool for Autodesk Product Design Suite 2012 (HKLM\...\{D28EFBA5-1664-4B79-946A-000BE950E8E2}) (Version: 16.0.16000.0000 - Autodesk)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8245 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
Samsung DeX (HKLM-x32\...\{7956e352-c776-4193-bc90-4cc41187c2cd}) (Version: 2.4.1.11 - Samsung Electronics Co., Ltd.)
Samsung DeX (HKLM-x32\...\{A45AB475-00B9-4CCF-A277-6513F2C85C92}) (Version: 2.4.1.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.58.0 - Samsung Electronics Co., Ltd.)
Smart 6 B11.1124.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Stratasys Update Manager (HKLM\...\{7E0EA5C2-3D6A-4B94-8FF0-A2A258C2B9C0}) (Version: 2.4 - Stratasys)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synergy/DE 11.1.1i (HKLM-x32\...\{40ca69bb-e5a3-4d21-bf04-742bf8eb627e}) (Version: 11.1.109.3013 - Synergex International Corporation)
Synergy/DE 11.1.1i (HKLM-x32\...\{A6E24B1F-B146-4619-BC0E-03DA43F6049A}) (Version: 11.01.0109 - Synergex International Corporation) Hidden
Synergy/DE xfNetLink .NET Edition (x64) 11.1.1h (HKLM\...\{1CB750DD-4C04-4DD8-A9A3-19F25DBA4C2C}) (Version: 11.01.0108 - Synergex International Corporation) Hidden
Synergy/DE xfNetLink .NET Edition (x64) 11.1.1h (HKLM-x32\...\{dfccd557-9b83-4985-87c8-c28ac08adb38}) (Version: 11.1.108.3013 - Synergex International Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.30767 - Microsoft Corporation)
TS17204191 (HKLM-x32\...\Autodesk Vault 2012 (Client)_TS17204191) (Version:  - Autodesk, Inc.)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version:  - )
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Web Launch Recorder (HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\WebLaunchRecorder) (Version: 2.0 - )
Windows Driver Package - STMicroelectronics (usbser) Ports  (04/01/2021 2.02) (HKLM\...\50684D234758B0BFDC7A00400E126557529970F3) (Version: 04/01/2021 2.02 - STMicroelectronics)
Windows Driver Package - STMicroelectronics (WinUSB) STLinkWinUSB  (04/01/2021 2.02) (HKLM\...\650828C915E0BFA89E1E3E114A53B84189F5C9A3) (Version: 04/01/2021 2.02 - STMicroelectronics)
Windows Driver Package - STMicroelectronics (WinUSB) STLinkWinUSB  (04/01/2021 2.02) (HKLM\...\8B67378C6E26878C0204CF4149166C90625C2377) (Version: 04/01/2021 2.02 - STMicroelectronics)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{66B5819D-DE70-42BE-B40F-978FBA12452E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{CE52672C-A0E9-4450-8875-88A221D5CD50}) (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{6522F5F9-411B-4513-A75B-CEA00395F032}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
Windows Small Business Server 2011 Standard WMI Provider (HKLM-x32\...\{F7A8377A-3062-43B8-94F4-4E30EA43A9E9}) (Version: 6.1.7900.1 - Microsoft Corporation) Hidden
WW-ERP 10.4 Client (HKLM-x32\...\{5F2164F0-3D2C-4E4E-AC03-63507C5398D6}) (Version: 10.4.0.0 - WorkWise LLC)
Zoom (HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\ZoomUMX) (Version: 5.10.6 (5889) - Zoom Video Communications, Inc.)
 
Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Corporation)
HP DesignJet Print Experience -> C:\Program Files\WindowsApps\AD2F1837.HPDesignjetExperience_1.0.0.12_neutral__v10z8vjag6ke6 [2020-01-27] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_147.1.1079.0_x64__v10z8vjag6ke6 [2023-07-13] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-01] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10510.531.0_x64__8wekyb3d8bbwe [2023-06-17] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-04-27] (Microsoft Corporation)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.425.600_x64__8wekyb3d8bbwe [2023-05-08] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Studios) [MS Ad]
Sound Blaster Connect -> C:\Program Files\WindowsApps\CreativeTechnologyLtd.SoundBlasterConnect_2.2.15.0_x86__13fcda18mhdz2 [2023-07-21] (Creative Technology Ltd.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\tony\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{04271989-C4D2-AA1E-E557-04610EA03711} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{17A14094-F274-44E2-B54B-FC0E966AE5C7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\LUxClientSink.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\tony\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22272.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\iDrop.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TI.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\Autodesk\MDT 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{2D5C6B27-86B3-4E81-9F8B-9C68887F5BE6}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\LUxUIMgr.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\Autodesk\MDT 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2020\Bin\RxTest.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\Autodesk\MDT 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtCp.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{714D325C-E9CE-44ab-A72A-36BB410BA19B}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\FEAFilesHandler.exe (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2020 - English\dwgviewr.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\Autodesk\MDT 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{87a21711-d517-42cf-a187-0753f0b18af5}\localserver32 -> C:\WINDOWS\System32\DriverStore\FileRepository\3dxhid.inf_amd64_1a41f4d90f24e0c7\3DxNS_CoInst.exe (Microsoft Windows Hardware Compatibility Publisher -> 3Dconnexion)
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\BodyReceiver.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{C0E7110B-2136-11D4-8DD0-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorMarshal.Dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxApprenticeServer.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\tony\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\tony\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\AcInetUI.dll (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorUtilities.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\MDT 2009\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{E6E92821-2731-4AA3-B919-D2BC514FEC64}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridgePS.Dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2020\Bin\DTInterop.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{F4363F9D-3BBA-46AC-ABFE-F27977981DA8}\localserver32 -> C:\Program Files\Autodesk\Inventor 2020\Bin\ApprenticeServerHost.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\InvResc.dll (Autodesk) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\InvTXTStack.exe (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2020\Bin\DTInterop.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2019-02-08] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2019-02-08] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2012-10-17] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [ScanNow] -> {41F8EF51-8CD0-4df4-A13A-0E09A7E98AB3} => C:\PROGRA~2\McAfee\MANAGE~1\VScan64\MVSSHE~1.DLL -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-26] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.142.0709.0001\FileSyncShell64.dll [2023-07-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2018-01-13] (NVIDIA Corporation -> )
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-26] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6_S-1-5-21-3103852167-3425179606-4061663910-1138: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll [2012-04-27] (Autodesk, Inc.) [File not signed]
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\tony\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
 
==================== Loaded Modules (Whitelisted) =============
 
2012-09-26 17:12 - 2011-10-12 12:52 - 000007680 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\PSIClient.dll
2010-03-08 02:22 - 2010-03-08 02:22 - 000237568 _____ () [File not signed] [File is in use] C:\Program Files\Autodesk\Vault 2012\Explorer\HtmlHelp.dll
2023-07-26 08:01 - 2023-07-26 08:01 - 000357888 _____ () [File not signed] \\?\C:\Users\tony\AppData\Local\Temp\2095e758-c38a-49e6-873a-6c323bc01a41.tmp.node
2023-07-26 08:01 - 2023-07-26 08:01 - 000915456 _____ () [File not signed] \\?\C:\Users\tony\AppData\Local\Temp\8125e413-d9b2-45fa-9d18-823ff6d699e3.tmp.node
2022-09-09 12:00 - 2022-09-09 12:00 - 013525504 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 002586112 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000658944 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000135680 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlicommon.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000041984 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlidec.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000056320 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\bz2.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 001130496 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000222208 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\fontconfig.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libcharset.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libexpat.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000918016 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libiconv.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000164864 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libpng16.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000152576 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000611328 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000074752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll
2022-10-06 12:06 - 2022-10-06 12:06 - 000249856 _____ (3Dconnexion, Inc) [File not signed] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\en-US\3DxService.dll
2021-06-01 16:46 - 2021-06-01 16:46 - 002449408 _____ (Developer Express Inc.) [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_MSIL\DevExpress.Data.v10.1\10.1.4.0__b88d1754d700e49a\DevExpress.Data.v10.1.dll
2021-06-01 16:46 - 2021-06-01 16:46 - 002931712 _____ (Developer Express Inc.) [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_MSIL\DevExpress.Utils.v10.1\10.1.4.0__b88d1754d700e49a\DevExpress.Utils.v10.1.dll
2021-06-01 16:46 - 2021-06-01 16:46 - 001808384 _____ (Developer Express Inc.) [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_MSIL\DevExpress.XtraBars.v10.1\10.1.4.0__b88d1754d700e49a\DevExpress.XtraBars.v10.1.dll
2021-06-01 16:46 - 2021-06-01 16:46 - 001644544 _____ (Developer Express Inc.) [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_MSIL\DevExpress.XtraEditors.v10.1\10.1.4.0__b88d1754d700e49a\DevExpress.XtraEditors.v10.1.dll
2021-06-01 16:46 - 2021-06-01 16:46 - 001751040 _____ (Developer Express Inc.) [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_MSIL\DevExpress.XtraGrid.v10.1\10.1.4.0__b88d1754d700e49a\DevExpress.XtraGrid.v10.1.dll
2021-06-01 16:46 - 2021-06-01 16:46 - 000698368 _____ (Developer Express Inc.) [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_MSIL\DevExpress.XtraLayout.v10.1\10.1.4.0__b88d1754d700e49a\DevExpress.XtraLayout.v10.1.dll
2021-06-01 16:46 - 2021-06-01 16:46 - 000293888 _____ (Developer Express Inc.) [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_MSIL\DevExpress.XtraNavBar.v10.1\10.1.4.0__b88d1754d700e49a\DevExpress.XtraNavBar.v10.1.dll
2012-09-26 17:14 - 2010-10-19 18:30 - 000249856 _____ (Gigabyte Technology CO., LTD.) [File not signed] [File is in use] C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\BPassDLL.dll
2012-09-26 17:14 - 2009-10-13 16:35 - 000204800 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\slmDB.dll
2012-09-26 17:14 - 2009-10-13 16:35 - 000122880 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\slmSecret.dll
2012-09-26 17:14 - 2009-10-13 16:35 - 000110592 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\slmWeekCtrlRule.dll
2012-09-26 17:14 - 2009-10-13 16:35 - 000155648 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\SmartLock.dll
2013-04-11 11:44 - 2012-05-03 15:33 - 000663552 _____ (Hewlett-Packard Corporation) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpipp122.dll
2013-04-11 11:46 - 2012-10-13 13:05 - 000636416 _____ (Hewlett-Packard Corporation) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpipp124.dll
2013-04-11 11:44 - 2011-11-18 12:35 - 000015360 _____ (Hewlett-Packard Corporation, Microsoft Corporation) [File not signed] C:\WINDOWS\System32\hpltlm5.dll
2019-07-16 13:24 - 2019-07-16 13:24 - 005624832 _____ (HP Inc) [File not signed] C:\Program Files (x86)\HP\HP DesignJet Utility\DesignJet Utility\hppihost.dll
2019-07-16 13:24 - 2019-07-16 13:24 - 005254656 _____ (HP Inc.) [File not signed] C:\Program Files (x86)\HP\HP DesignJet Utility\DesignJet Utility\hplfpsdk.dll
2018-09-28 11:49 - 2018-04-30 08:00 - 000075776 _____ (Igor Pavlov) [File not signed] D:\Program Files\7-Zip\7-zip.dll
2012-09-26 17:12 - 2011-10-12 12:52 - 000010752 _____ (Intel Corp.) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorCommon.dll
2012-09-26 17:12 - 2011-10-12 12:52 - 000040960 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgr.dll
2012-09-26 17:12 - 2011-10-12 12:52 - 000102912 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorUtil.dll
2012-09-26 17:12 - 2011-10-12 12:52 - 001485312 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IntelVisualDesign.dll
2012-09-26 17:12 - 2011-10-12 12:52 - 000388096 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\PSI.dll
2012-09-26 17:12 - 2011-10-12 12:52 - 000270336 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\PsiData.dll
2012-09-26 17:12 - 2011-10-12 12:52 - 000470528 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\ISDI2.dll
2021-06-01 16:46 - 2021-06-01 16:46 - 000884736 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Web.Services3\3.0.0.0__31bf3856ad364e35\Microsoft.Web.Services3.dll
2023-02-13 15:19 - 2023-02-13 15:19 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2023-02-13 15:19 - 2023-02-13 15:19 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2023-02-13 15:19 - 2023-02-13 15:19 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2023-02-13 15:19 - 2023-02-13 15:19 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\c2r64.dll
2012-09-26 17:12 - 2011-10-12 12:52 - 000008192 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvcInterfaces.dll
2013-04-29 10:35 - 2012-04-11 14:50 - 000041984 _____ (Mitsubishi Electric Corporation) [File not signed] D:\Program File\MSF\Common\MMS\AConvMMS9ur.dll
2023-06-21 14:06 - 2018-01-13 05:06 - 000747464 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2023-06-21 14:06 - 2018-01-13 05:06 - 000860776 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2023-06-21 14:07 - 2018-01-13 05:07 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000055808 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll
2022-10-12 17:52 - 2022-10-12 17:52 - 004475904 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll
2022-10-12 17:52 - 2022-10-12 17:52 - 002855424 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll
2022-10-12 17:51 - 2022-10-12 17:51 - 006599168 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll
2020-02-07 17:20 - 2020-02-07 17:20 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000098304 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\EbpD4Fax.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000212992 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUADRFIL.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCFG.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000446464 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCSR.DLL
2021-04-19 13:11 - 2020-12-08 01:00 - 000393216 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXLDB.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000651264 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXTIF.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUIMGCDC.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000278528 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FULEPP.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSTMMSG.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000356352 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSVCCLT.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000065536 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUUSBHLP.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000258048 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUVERDLG.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000073728 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDEVCOM.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDRVUTL.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUPRBDEV.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUSNMPUT.dll
2021-04-19 13:11 - 2020-12-07 12:00 - 000086016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUCMNMSG.dll
2021-04-19 13:11 - 2020-12-07 12:00 - 000090112 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll
2021-04-19 13:11 - 2020-12-07 12:00 - 000241664 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXRCV.dll
2021-04-19 13:11 - 2020-12-07 12:00 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXSTM.dll
2021-04-19 13:11 - 2020-12-07 12:00 - 000022016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FULEPPRes.dll
2021-04-19 13:11 - 2020-12-07 12:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000786432 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENCM.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000278528 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENNW.dll
2021-04-19 13:11 - 2020-12-08 01:00 - 000299008 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENUTIL.dll
2022-09-09 12:00 - 2022-09-09 12:00 - 000539136 _____ (The FreeType Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\freetype.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AeroadminService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
SearchScopes: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = 
SearchScopes: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138 -> {F139C7CE-3B37-4945-91F6-ACCDD7B2A8D1} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> No File
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {00000035-9593-4264-8B29-930B3E4EDCCD} hxxps://www.rooms.hp.com/vRoom_Cab/WebHPVCInstall35.cab
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {12545791-AC9A-44B2-8964-0DA216C4A4E5} hxxp://colder.partcommunity.com/PARTcommunity/static/all/cnsViewer3D/cnsweb3d.cab
DPF: HKLM-x32 {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://cabby.markur.com/activex/AMC.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-03-29] (Belarc, Inc. -> Belarc, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\sharepoint.com -> hxxps://gagebilt-files.sharepoint.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\123simsen.com -> www.123simsen.com
 
There are 7940 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2017-07-25 16:02 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2342451961-4240078405-2464669458-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Local\Microsoft\Windows\Themes\US-wp3.jpg
HKU\S-1-5-21-2342451961-4240078405-2464669458-1018\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.251
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-3103852167-3425179606-4061663910-1138\...\StartupApproved\Run: => "Lync"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F3A0A648-4B58-497B-88B8-0E34456660D3}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{B471F3D5-279D-4F43-BB08-B24702A9A585}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{506191E3-275A-43B0-972D-29BE6A8FA00F}] => (Allow) C:\Users\tony\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{91A3CBE7-3E2A-444B-96B7-C963761C574F}] => (Allow) C:\Users\tony\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{0DA429FF-5CFF-4425-A70C-96B63F33C001}] => (Allow) C:\Users\tony\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{8BA49B78-4BE4-4539-B3C7-7BB4F497D9D5}C:\users\tony\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tony\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5C77D1FB-1853-43BE-A385-64DD7C4107D7}C:\users\tony\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tony\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39C8945A-2DC0-4778-AB99-933D97AD6966}] => (Allow) C:\Users\tony\AppData\Local\Temp\unpacksos\2\SRManagerSOS.exe => No File
FirewallRules: [{81229980-95A6-411F-9F66-A9B61C45DA41}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{36529882-5935-48A3-96AA-4619C4909D9C}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{B7A8E4F1-E2D9-4245-BCDB-1B509E4DAD0D}] => (Allow) C:\Users\tony\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{9F56748F-DCE0-4E8A-8312-6F73915F8A1B}] => (Allow) C:\Users\tony\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C8D57DC7-2E73-42B3-A9A8-04005FB06971}] => (Allow) C:\Program Files\Autodesk\Desktop Connect\forever\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [{77DD1B3B-B3A4-466A-810A-C17E37528942}] => (Allow) LPort=9247
FirewallRules: [{A11DF6F4-A942-4341-A10F-DACD6AD1EC15}] => (Allow) LPort=9246
FirewallRules: [{871AEEA2-A1B5-4919-9511-735BA59D1317}] => (Allow) LPort=9245
FirewallRules: [{4690D208-92CF-492B-B4A4-4C8BC97CA246}] => (Allow) LPort=9422
FirewallRules: [{757E1DA3-C357-4B28-B873-4B0B92DA2196}] => (Allow) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe => No File
FirewallRules: [{B93AE4C8-9E70-4226-9786-3CA5955B7D49}] => (Allow) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe => No File
FirewallRules: [TCP Query User{615270B3-1FA6-4CB9-AB80-0B9DBDD4E647}C:\users\tony\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\tony\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [UDP Query User{ADC5780B-7865-405D-83B5-65E7A9E2EBF5}C:\users\tony\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\tony\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [TCP Query User{BC07C171-CEFE-4895-82AF-77ABFDB2F82D}C:\program files\stratasys\insight 10.2\nt\fdmcontrolcenter.exe] => (Allow) C:\program files\stratasys\insight 10.2\nt\fdmcontrolcenter.exe (Stratasys, Inc. -> )
FirewallRules: [UDP Query User{4E43FAF0-0D6E-4F07-A1EB-F8B6B535E0D6}C:\program files\stratasys\insight 10.2\nt\fdmcontrolcenter.exe] => (Allow) C:\program files\stratasys\insight 10.2\nt\fdmcontrolcenter.exe (Stratasys, Inc. -> )
FirewallRules: [TCP Query User{F0441729-E734-4266-A954-3514D6F2D192}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe => No File
FirewallRules: [UDP Query User{8A587C96-1E07-4D10-92A7-1DDBEFD20B1C}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CF952D4D-2967-4571-9F66-FBEB9C6EBE25}C:\program files (x86)\java\jre1.8.0_144\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_144\bin\java.exe => No File
FirewallRules: [UDP Query User{D04973D5-EFEB-4E85-B360-E820ED78956F}C:\program files (x86)\java\jre1.8.0_144\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_144\bin\java.exe => No File
FirewallRules: [TCP Query User{CE91D22F-FFF5-4FA0-84A0-F03CEC0C2768}C:\program files (x86)\stratasys\stratasys updater\nt\stratasysupdater.exe] => (Block) C:\program files (x86)\stratasys\stratasys updater\nt\stratasysupdater.exe => No File
FirewallRules: [UDP Query User{767CE51D-14DD-453A-963B-CD9D0279583B}C:\program files (x86)\stratasys\stratasys updater\nt\stratasysupdater.exe] => (Block) C:\program files (x86)\stratasys\stratasys updater\nt\stratasysupdater.exe => No File
FirewallRules: [{397AA029-1C8B-4280-AA0D-B91599FB18DD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1696DA4-9916-4BAA-A1DE-000E3A7E1A25}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{10B2BEA2-C5B9-4458-8021-58BB0D69DB45}] => (Allow) C:\Program Files\Stratasys\Insight 11.5\nt\fdmcontrolcenter.exe (Stratasys Inc -> Stratasys)
FirewallRules: [{8214DFE0-1469-490F-B5B3-67E38A1ED265}] => (Allow) C:\Program Files\Stratasys\Insight 11.5\nt\fdmcontrolcenter.exe (Stratasys Inc -> Stratasys)
FirewallRules: [{3AC0BA5A-9390-4024-B810-4A68CF7C2CBC}] => (Allow) C:\Program Files\Stratasys\Stratasys Updater\nt\StratasysUpdater.exe (Stratasys Inc -> Stratasys, Inc.)
FirewallRules: [{3E3965FD-1A3C-4E00-9FE1-7EDCF4F9B1B3}] => (Allow) C:\Program Files\Stratasys\Stratasys Updater\nt\StratasysUpdater.exe (Stratasys Inc -> Stratasys, Inc.)
FirewallRules: [{85F96E96-6147-41F5-AE99-CC7EF4B9864B}] => (Allow) LPort=9422
FirewallRules: [{1F9CEF47-816D-4068-AF25-907B7A088CA6}] => (Allow) LPort=9245
FirewallRules: [{2D140FB6-405D-4607-A057-2CB44A64A93A}] => (Allow) LPort=9246
FirewallRules: [{ABDF4CAD-BFB7-4DDD-9538-0790FAE3D455}] => (Allow) LPort=9247
FirewallRules: [TCP Query User{ED63005E-2B98-4500-A6C8-95443BBF9180}C:\users\tony\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\tony\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [UDP Query User{22153E3F-228C-4003-9398-C3F557BD129B}C:\users\tony\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\tony\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [TCP Query User{55532AC5-A491-4C7B-B87A-264462A73DE3}C:\program files\stratasys\insight 11.5\nt\fdmcontrolcenter.exe] => (Allow) C:\program files\stratasys\insight 11.5\nt\fdmcontrolcenter.exe (Stratasys Inc -> Stratasys)
FirewallRules: [UDP Query User{165388A3-BD1C-49EC-9417-B1E616017241}C:\program files\stratasys\insight 11.5\nt\fdmcontrolcenter.exe] => (Allow) C:\program files\stratasys\insight 11.5\nt\fdmcontrolcenter.exe (Stratasys Inc -> Stratasys)
FirewallRules: [TCP Query User{9A04680E-15BA-495D-8309-4E813E5D7A68}C:\users\tony\appdata\local\logmein rescue applet\lmir09c61001.tmp\lmi_rescue.exe] => (Allow) C:\users\tony\appdata\local\logmein rescue applet\lmir09c61001.tmp\lmi_rescue.exe => No File
FirewallRules: [UDP Query User{A793C163-411E-4859-B7F0-CAEE5A6235B0}C:\users\tony\appdata\local\logmein rescue applet\lmir09c61001.tmp\lmi_rescue.exe] => (Allow) C:\users\tony\appdata\local\logmein rescue applet\lmir09c61001.tmp\lmi_rescue.exe => No File
FirewallRules: [TCP Query User{00B18E71-788A-4C10-B26A-7E11FDA43351}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [UDP Query User{664F0C9D-B453-4277-88DE-7E0E18B6FE26}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [TCP Query User{4A3EC2B7-F0D5-407E-B328-B65A18923621}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [UDP Query User{BF49765E-D632-45E6-A0E4-F448EED91E62}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [TCP Query User{6BB47F73-701D-4073-8889-C0C8C2F90928}C:\users\tony\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tony\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{537C9210-AB46-4BDA-8C5D-00829C99C1E9}C:\users\tony\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tony\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9C6189AB-2800-4470-9F75-F58DBC444926}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF977987-E74F-4648-ADB3-66F07C08960B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0F372BB3-BEB6-4471-B549-53FDA25DE406}C:\tcm\v101_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe] => (Allow) C:\tcm\v101_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe (WorkWise, LLC.) [File not signed]
FirewallRules: [UDP Query User{9DC200FD-6FB8-4BE0-AEF1-D4DFD099D957}C:\tcm\v101_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe] => (Allow) C:\tcm\v101_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe (WorkWise, LLC.) [File not signed]
FirewallRules: [{1BD1316D-86AF-40A9-90BD-557F18D4E360}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E060AF6A-6228-4A79-B8E9-56A4B69747D7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{3692C8C1-EEBD-461D-9CB9-5A73E6BF5C77}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{936364AE-D385-4C84-93C0-B22BD839DDFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [TCP Query User{61454150-A916-4FD9-9417-1DC5C461B656}C:\program files\stratasys\stratasys updater\nt\stratasysupdater.exe] => (Block) C:\program files\stratasys\stratasys updater\nt\stratasysupdater.exe (Stratasys Inc -> Stratasys, Inc.)
FirewallRules: [UDP Query User{F5A18B4D-28EE-491E-AB9E-F08FD7B92F05}C:\program files\stratasys\stratasys updater\nt\stratasysupdater.exe] => (Block) C:\program files\stratasys\stratasys updater\nt\stratasysupdater.exe (Stratasys Inc -> Stratasys, Inc.)
FirewallRules: [TCP Query User{61E2592A-2C9D-4F6A-BF12-E20CC94835E3}C:\tcm\v101_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe] => (Allow) C:\tcm\v101_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe (WorkWise, LLC.) [File not signed]
FirewallRules: [UDP Query User{065B32F8-C623-460E-9737-18F57E820C15}C:\tcm\v101_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe] => (Allow) C:\tcm\v101_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe (WorkWise, LLC.) [File not signed]
FirewallRules: [TCP Query User{28B8C5C1-0038-4C1E-8025-89BD4DBB5B98}C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe] => (Allow) C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe => No File
FirewallRules: [UDP Query User{8E12FECC-2548-459D-B840-99E0E8C14055}C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe] => (Allow) C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe => No File
FirewallRules: [{A77ACE34-B5E0-49B5-8527-ECD8F5A0A2A5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D4AC0078-5E43-4C99-B1E8-71DD123BDFF2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{583321BD-87EC-4E49-897B-373648FF5F36}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{BDFAF581-A179-4B24-B2DC-EC3080F24704}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{23CCB054-ED1E-47B2-BECF-8304CCEC7FC9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{74250A5B-99C5-48EF-BD8D-D7B604C847A8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{DFF40EA7-9D4B-4F3A-8F7E-3DE92697A9F6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{AD397E9A-5BF6-4790-9D0A-C6F4AAA5FCEC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{D0F3036C-ADA2-4E9F-892C-4E9F8AF7968A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6BC602E7-09F3-420A-91F2-2FC2618F1EF9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F39B6B2E-B340-4CA7-B3B3-695F497705AA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2B81D2A2-37F3-4BBE-A64D-DD02947E5827}] => (Allow) C:\Users\tony\Downloads\AeroAdmin.exe (Aeroadmin LLC -> AeroAdmin LLC)
FirewallRules: [{F761757B-688F-4870-9C30-BE6C1CD88E07}] => (Allow) C:\Users\tony\Downloads\AeroAdmin.exe (Aeroadmin LLC -> AeroAdmin LLC)
FirewallRules: [{1E4A115F-E593-4C86-B1DA-6E611F70AC08}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5436720C-A5B0-4E57-9566-60330B00EB66}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD4F4AE1-8823-4C53-8032-8F3EB672AF32}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CEEB7496-D5E5-43F3-AF3B-5563EFF948F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{DDA74896-4F6D-46D4-A0F1-45B229BA3998}C:\tcm\v104_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe] => (Allow) C:\tcm\v104_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe (Aptean.) [File not signed]
FirewallRules: [UDP Query User{F355BACD-7D92-488E-BE77-28293B5E6F38}C:\tcm\v104_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe] => (Allow) C:\tcm\v104_tcm\cache\dotnet\client\workwise.tcm.client.common.workbench.exe (Aptean.) [File not signed]
FirewallRules: [{DD8D16EE-47A9-46E1-9303-FA9D5689B59D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{816B6070-51A8-4881-9EBF-25D2F62D2F5D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.183\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A9727B68-1F15-4046-A210-A76343525761}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{0A38CFB1-75D5-4BD6-B1E9-F1D219263402}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{1D59DCBC-B3DD-417B-800D-B05F3F1F5BFE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{3E38E7DF-31B7-4795-856A-7B2B41CAB21F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/26/2023 08:03:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (07/26/2023 08:03:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (07/26/2023 07:59:40 AM) (Source: MSSQL$WLAUSERPROFILE) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$WLAUSERPROFILE\Performance'. SQL Server performance counters are disabled.
 
Error: (07/26/2023 07:58:21 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: GAGEBILT)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (07/26/2023 07:58:20 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: GAGEBILT)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (07/26/2023 07:58:18 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: GAGEBILT)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (07/26/2023 07:58:17 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: GAGEBILT)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (07/26/2023 07:58:16 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: GAGEBILT)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
 
System errors:
=============
Error: (07/26/2023 08:00:17 AM) (Source: DCOM) (EventID: 10036) (User: GAGEBILT)
Description: The server-side authentication level policy does not allow the user GAGEBILT\SBSMonAcct SID (S-1-5-21-3103852167-3425179606-4061663910-1665) from address 192.168.1.251 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.
 
Error: (07/26/2023 08:00:17 AM) (Source: DCOM) (EventID: 10036) (User: GAGEBILT)
Description: The server-side authentication level policy does not allow the user GAGEBILT\SBSMonAcct SID (S-1-5-21-3103852167-3425179606-4061663910-1665) from address 192.168.1.251 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.
 
Error: (07/26/2023 08:00:17 AM) (Source: DCOM) (EventID: 10036) (User: GAGEBILT)
Description: The server-side authentication level policy does not allow the user GAGEBILT\SBSMonAcct SID (S-1-5-21-3103852167-3425179606-4061663910-1665) from address 192.168.1.251 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.
 
Error: (07/26/2023 08:00:17 AM) (Source: DCOM) (EventID: 10036) (User: GAGEBILT)
Description: The server-side authentication level policy does not allow the user GAGEBILT\SBSMonAcct SID (S-1-5-21-3103852167-3425179606-4061663910-1665) from address 192.168.1.251 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.
 
Error: (07/26/2023 08:00:17 AM) (Source: DCOM) (EventID: 10036) (User: GAGEBILT)
Description: The server-side authentication level policy does not allow the user GAGEBILT\SBSMonAcct SID (S-1-5-21-3103852167-3425179606-4061663910-1665) from address 192.168.1.251 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.
 
Error: (07/26/2023 08:00:17 AM) (Source: DCOM) (EventID: 10036) (User: GAGEBILT)
Description: The server-side authentication level policy does not allow the user GAGEBILT\SBSMonAcct SID (S-1-5-21-3103852167-3425179606-4061663910-1665) from address 192.168.1.251 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.
 
Error: (07/26/2023 08:00:17 AM) (Source: DCOM) (EventID: 10036) (User: GAGEBILT)
Description: The server-side authentication level policy does not allow the user GAGEBILT\SBSMonAcct SID (S-1-5-21-3103852167-3425179606-4061663910-1665) from address 192.168.1.251 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.
 
Error: (07/26/2023 08:00:17 AM) (Source: DCOM) (EventID: 10036) (User: GAGEBILT)
Description: The server-side authentication level policy does not allow the user GAGEBILT\SBSMonAcct SID (S-1-5-21-3103852167-3425179606-4061663910-1665) from address 192.168.1.251 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.
 
 
Windows Defender:
================
Date: 2023-07-26 07:26:47
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Backdoor:Win32/Bladabindi!ml
Severity: Severe
Category: Backdoor
Path: file:_C:\Program Files (x86)\FingerTec\FingerTec TCMS V3\TCMS V3\ingressinitdate+(3).exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe
Security intelligence Version: AV: 1.393.1471.0, AS: 1.393.1471.0, NIS: 1.393.1471.0
Engine Version: AM: 1.1.23060.1005, NIS: 1.1.23060.1005
 
Date: 2023-07-26 07:18:01
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Phonzy.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Temp\tmp00000234\tmp002c5fac
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe
Security intelligence Version: AV: 1.393.1471.0, AS: 1.393.1471.0, NIS: 1.393.1471.0
Engine Version: AM: 1.1.23060.1005, NIS: 1.1.23060.1005
 
Date: 2023-07-26 07:14:48
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Phonzy.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Temp\tmp00000234\tmp002818ec
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe
Security intelligence Version: AV: 1.393.1471.0, AS: 1.393.1471.0, NIS: 1.393.1471.0
Engine Version: AM: 1.1.23060.1005, NIS: 1.1.23060.1005
 
Date: 2023-07-26 07:12:10
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Script/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Temp\tmp00000234\tmp00241a44
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe
Security intelligence Version: AV: 1.393.1471.0, AS: 1.393.1471.0, NIS: 1.393.1471.0
Engine Version: AM: 1.1.23060.1005, NIS: 1.1.23060.1005
 
Date: 2023-07-26 07:11:35
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Script/Sabsik.TE.A!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Temp\tmp00000234\tmp0023c6ac
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe
Security intelligence Version: AV: 1.393.1471.0, AS: 1.393.1471.0, NIS: 1.393.1471.0
Engine Version: AM: 1.1.23060.1005, NIS: 1.1.23060.1005
Event[0]:
 
Date: 2023-07-26 07:58:13
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.393.1471.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.23060.1005
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
 
Date: 2023-07-26 07:48:10
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2023-07-26 07:12:42
Description: 
Microsoft Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Script/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Temp\tmp00000234\tmp00241a44
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe
Action: Unknown
Action Status:  No additional actions required
Error Code: 0x80508033
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 
Security intelligence Version: AV: 1.393.1471.0, AS: 1.393.1471.0, NIS: 1.393.1471.0
Engine Version: AM: 1.1.23060.1005, NIS: 1.1.23060.1005
 
Date: 2023-07-26 06:44:40
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2023-04-30 03:33:14
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.387.2599.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.20200.4
Error code: 0x80070643
Error description: Fatal error during installation. 
 
CodeIntegrity:
===============
Date: 2023-07-26 07:57:03
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F1 10/01/2018
Motherboard: Gigabyte Technology Co., Ltd. X399 AORUS PRO-CF
Processor: AMD Ryzen Threadripper 1950X 16-Core Processor 
Percentage of memory in use: 51%
Total physical RAM: 16282.77 MB
Available physical RAM: 7863.21 MB
Total Virtual: 19738.77 MB
Available Virtual: 10779.52 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:222.87 GB) (Free:36.27 GB) (Model: CT240BX500SSD1) NTFS
Drive d: (12052022) (Fixed) (Total:465.63 GB) (Free:415.96 GB) (Model: Samsung SSD 870 EVO 500GB) NTFS
Drive s: () (Network) (Total:200.4 GB) (Free:77.13 GB) (Model: Samsung SSD 870 EVO 500GB) NTFS
 
\\?\Volume{3ab2e22b-b104-4e5e-9d44-ab324c97e0a9}\ () (Fixed) (Total:0.48 GB) (Free:0.04 GB) NTFS
\\?\Volume{b089c358-f965-4d37-aace-45ecbd24448a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 638E7F22)
 
Partition: GPT.
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 5D0278C4)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


  • 0

#3
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,943 posts

Hello.

Welcome to GTG Forums. EPFGbk7.gif

I will be assisting you regarding your computer's issues. Here, we will check your computer for malware. As soon as I have your consent, I'll start giving you instructions on how to proceed. 

Please, adhere to the guidelines below. As soon as I have your consent, I'll give you instructions about how to proceed. 

1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Having such programs installed, is the easiest way to get infected. Thus, no need to clean the computer, since, soon or later, it will get infected again. If you have such programs, please uninstall them now, before we start the cleaning procedure.

4. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

5. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

6. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.


  • 0

#4
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,943 posts

Hello,

 

Do you still need assistance? 


  • 0

#5
inventor24

inventor24

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

Grecian Geek,

Yes...After I posted I ran a Malwarebytes checked for rootkits.

It found some other stuff and let the program fix them, but Widows Defender still finds Trojan:Win64/Spyboy!MSR.


  • 0

#6
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,943 posts

OK! Thanks you replied.

 

I'll be back to you in a while.  :thumbsup:


  • 0

#7
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,943 posts

Hi, Inventor24.

 

Your logs were huge!

 

My first comments/questions:

 

 

1. FRST

 

Please move it on to your Desktop.

 

 

2. Computer's owner

 

Is this a personal computer or a work computer? If the latter is the case, the ITs of the company should do the cleaning work on it.

 

 

3. Uninstall...

 

Out of date > Security Risk: 

 

Adobe Flash Player 32 NPAPI 
Adobe Flash Player 32 PPAPI 
Adobe Shockwave Player 11.6 
 
Security programs:
 
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Combo Cleaner 
 
You have already the built-in Windows Security, Malwarebytes, plus Spybot. You don't need anything else, and the Defender's detections have to do with Combo Cleaner, most possibly false/positive detections. 
 
 
4. Browsers
 
Did you intentionally set the computer to be getting notifications from the following sites in Chrome?
 
CHR Notifications: Default -> hxxps://www.cheaperthandirt.com; hxxps://www.thesun.co.uk
Did you intentionally install this?
 
FF SearchPlugin: C:\Users\tony\AppData\Roaming\Mozilla\Firefox\Profiles\xkqb43t7.default\searchplugins\yahoo-avast.xml [2017-09-13]
 
 
5. Fresh FRST logs
 
After uninstalling the programs, I'll need fresh FRST logs, assuming always that the computer is a personal computer. 

  • 0

#8
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,943 posts

Still with me?


  • 0

#9
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,943 posts
Due to lack of feedback, this topic has been closed.
 
If you need this topic reopened, please contact a staff member, or send me a personal message (hoover with the mouse on my profile name and choose Send message).

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP