may be infected…Windows Explorer crashing on startup | #firefox | #chrome | #microsoftedge

Attached is the Farbar FRST.TXT file:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Dmarr (administrator) on DMARR (31-12-2021 13:11:19)
Running from D:UtilitiesMalware
Loaded Profiles: Dmarr (Available Profiles: Dmarr)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: “D:InternetWater Foxwaterfox.exe” -osint -url “%1”)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:WindowsSystem32igfxCUIService.exe
(Microsoft Corporation) C:WindowsSystem32wlanext.exe
(TEFINCOM S.A.) D:InternetNordVPNnordvpn-service.exe
(Adobe Systems, Incorporated) C:Program Files (x86)Common FilesAdobeAdobeGCClientAGMService.exe
(Adobe Systems, Incorporated) C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe
(Alps Electric Co., Ltd.) C:Program FilesDellTPadHidMonitorSvc.exe
(Apple Inc.) C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
(Apple Inc.) C:Program FilesBonjourmDNSResponder.exe
() C:Program Files (x86)DellUpdateServiceServiceShell.exe
(Dell Inc) C:Program FilesDellPPOTelemetrydpoTelemetrySvc.exe
(Intel® Corporation) C:Program FilesIntelWiFibinEvtEng.exe
(Flexera) C:Program Files (x86)Common FilesMacrovision SharedFlexNet PublisherFNPLicensingService.exe
(SafeNet Inc.) C:WindowsSystem32hasplms.exe
(Intel Corporation) C:Program Files (x86)IntelBluetoothibtsiva.exe
(Microsoft Corporation) C:Program Files (x86)Common Filesmicrosoft sharedVS7DEBUGmdm.exe
() C:WindowsSysWOW64srvany.exe
(Dell Inc.) C:Program FilesDellPPOpoaTaServ.exe
(TODO: <公司名>) C:WindowsSysWOW64SDIOAssist.exe
(Intel® Corporation) C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe
(Microsoft Corporation) C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe
(Sierra Wireless, Inc.) C:Program Files (x86)Sierra Wireless IncUtilsSwiService.exe
(Xtralis) C:Program Files (x86)Common FilesXhiWAySpaywPqiekg43JwqnBJhRZfSnay7rrBPrvice.exe
(Intel® Corporation) C:Program FilesIntelWiFibinZeroConfigService.exe
(WIBU-SYSTEMS AG) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe
(Microsoft Corporation) C:WindowsSystem32dllhost.exe
(Microsoft Corporation) C:WindowsTempOfficeClickToRun.exe.bak
(Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedClickToRunAppVShNotify.exe
(Motorola Solutions, Inc.) C:Program Files (x86)IntelBluetoothdevmonsrv.exe
(Motorola Solutions, Inc.) C:Program Files (x86)IntelBluetoothmediasrv.exe
(Motorola Solutions, Inc.) C:Program Files (x86)IntelBluetoothobexsrv.exe
(Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler.exe
(Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler64.exe
(Intel Corporation) C:DellIntel Mang Eng CompDALjhi_service.exe
(Intel Corporation) C:DellIntel Mang Eng CompLMSLMS.exe
(BayHubTech/O2Micro International) C:WindowsSystem32driverso2flash.exe
(Dell Inc.) C:Program FilesDellSupport1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe
(Dell Inc.) C:Program FilesDellDellDataVaultDDVDataCollector.exe
(Dell Inc.) C:Program FilesDellDellDataVaultDDVCollectorSvcApi.exe
(Alps Electric Co., Ltd.) C:Program FilesDellTPadApoint.exe
(Alps Electric Co., Ltd.) C:Program FilesDellTPadApMsgFwd.exe
(Alps Electric Co., Ltd.) C:Program FilesDellTPadhidfind.exe
(Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe
(Alps Electric Co., Ltd.) C:Program FilesDellTPadApntEx.exe
(Apple Inc.) D:Multi MediaiTunesiTunesHelper.exe
(Logitech, Inc.) C:Program FilesLogitechSetPointPSetPoint.exe
(Microsoft Corporation) C:WindowsSystem32rundll32.exe
(Logitech, Inc.) C:Program FilesLogitechLogiOptionsLogiOptions.exe
() C:WindowsSysWOW64CodecsTrayMenu.exe
(Logitech, Inc.) C:Program FilesCommon FilesLogiShrdKHAL3KHALMNPR.exe
(Logitech, Inc.) C:ProgramDat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.exe
(Logitech) C:ProgramDat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.exe
(Adobe Systems Inc.) D:PublishingAcrobat Pro XIAcrobatacrotray.exe
(Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
(Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextRadeonSettings.exe
(Apple Inc.) C:Program FilesiPodbiniPodService.exe
(Advanced Micro Devices Inc.) C:Program Files (x86)AMDCNextCCCSlimMOM.exe
(Advanced Micro Devices Inc.) C:Program Files (x86)AMDCNextCCCSlimCCC.exe
() C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP32.exe
(Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejucheck.exe
(Dell Inc.) C:Program FilesDellDellDataVaultatiw.exe
(Microsoft Corporation) C:WindowsSysWOW64prevhost.exe
(Adobe Systems Incorporated) D:PublishingAcrobat Pro XIAcrobatAcroRd32.exe
(Adobe Systems Incorporated) D:PublishingAcrobat Pro XIAcrobatAcroRd32.exe
(Microsoft Corporation) C:WindowsSystem32prevhost.exe
(Microsoft Corporation) C:Program FilesMicrosoft OfficerootOffice16EXCEL.EXE
(Microsoft Corporation) C:Program FilesMicrosoft OfficerootOffice16WINWORD.EXE
(Autodesk Inc.) C:Program FilesCommon FilesAutodesk SharedAcHelp.exe
(Waterfox) D:InternetWater Foxwaterfox.exe
(Waterfox) D:InternetWater Foxwaterfox.exe
(Waterfox) D:InternetWater Foxwaterfox.exe
(Waterfox) D:InternetWater Foxwaterfox.exe
(Waterfox) D:InternetWater Foxwaterfox.exe
(Waterfox) D:InternetWater Foxwaterfox.exe
(Waterfox) D:InternetWater Foxwaterfox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [iTunesHelper] => D:Multi MediaiTunesiTunesHelper.exe [301880 2018-11-15] (Apple Inc.)
HKLM…Run: [AdobeAAMUpdater-1.0] => C:Program Files (x86)Common FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9ility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM…Run: [EvtMgr6] => C:Program FilesLogitechSetPointPSetPoint.exe [3136136 2019-01-29] (Logitech, Inc.)
HKLM…Run: [BTMTrayAgent] => rundll32.exe “C:Program Files (x86)IntelBluetoothbtmshellex.dll”,TrayApp
HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor)
HKLM…Run: [Apoint] => C:Program FilesDellTPadApoint.exe [776224 2018-10-24] (Alps Electric Co., Ltd.)
HKLM…Run: [LogiOptions] => C:Program FilesLogitechLogiOptionsLogiOptions.exe [1667208 2020-11-23] (Logitech, Inc.)
HKLM-x32…Run: [Codec Settings UAC Manager] => C:WindowsSysWOW64CodecsCodecUACManager.exe [66192 2018-12-14] ()
HKLM-x32…Run: [Adobe ARM] => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [1160408 2016-12-17] (Adobe Systems Incorporated)
HKLM-x32…Run: [] => [X]
HKLM-x32…Run: [Acrobat Assistant 8.0] => D:PublishingAcrobat Pro XIAcrobatAcrotray.exe [3500056 2017-11-01] (Adobe Systems Inc.)
HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [646776 2020-03-12] (Oracle Corporation)
WinlogonNotifyGoToAssist: C:Program Files (x86)LogMeInGoToAssist Corporate1280G2AWinLogon_x64.dll (LogMeIn, Inc.)
WinlogonNotifyLBTWlgn: c:program filescommon fileslogishrdbluetoothLBTWlgn.dll (Logitech, Inc.)
HKUS-1-5-21-2705839474-1034495589-3787676121-1000…PoliciesExplorer: []
HKUS-1-5-21-2705839474-1034495589-3787676121-1000…MountPoints2: {96317c62-4aaa-11e9-b757-806e6f6e6963} – E:Windowsdpinst64.exe
HKUS-1-5-18…Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:Program Files (x86)Common FilesAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:Program Files (x86)Common FilesAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:Program Files (x86)Common FilesAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:Windowssystem32AcSignIcon.dll [2019-02-08] (Autodesk, Inc.)
Startup: C:ProgramDataMicrosoftWindowsStart MSTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.lnk [2018-12-16]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:WindowsSysWOW64CodecsTrayMenu.exe ()
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScriptsUser: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 192.168.1.9    advint04
TcpipParameters: [DhcpNameServer] 192.168.1.254
Tcpip..Interfaces{50AA58DC-6F33-485C-9945-E9A90F8F8625}: [NameServer] 192.168.1.2 192.168.1.17
Tcpip..Interfaces{8916EDF1-FC24-4A95-A6FE-28890C3B9550}: [DhcpNameServer] 103.86.96.100 103.86.99.100
Tcpip..Interfaces{A7CEE4E8-0BB2-44FB-BC23-6D895446BC42}: [DhcpNameServer] 192.168.1.2 192.168.1.17
Tcpip..Interfaces{DB0A7BE7-A939-42E8-BBE3-B63ED23CAA6E}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKUS-1-5-21-2705839474-1034495589-3787676121-1000SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKUS-1-5-21-2705839474-1034495589-3787676121-1000SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxps://www.google.com/
SearchScopes: HKUS-1-5-21-2705839474-1034495589-3787676121-1000 -> DefaultScope {3697673E-13D4-453E-A2B9-D3E9D92B92DA} URL =
SearchScopes: HKUS-1-5-21-2705839474-1034495589-3787676121-1000 -> {3697673E-13D4-453E-A2B9-D3E9D92B92DA} URL =
SearchScopes: HKUS-1-5-21-2705839474-1034495589-3787676121-1000 -> {BEE4E2DD-BCF3-4C80-A90E-9C95BF6BCD66} URL =
BHO: Legacy Browser Support -> {08B5789A-BD8E-4DAE-85DF-EF792C658B86} -> C:Program FilesGoogleLegacy Browser Supportbrowser_switcher_bho.dll [2021-11-01] (Google Inc)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootOffice16OCHelper.dll [2021-02-02] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:InternetJavabinssv.dll [2020-05-01] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:Program Files (x86)Common FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9avClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:Program FilesLogitechSetPointPSetPointSmooth.dll [2019-01-29] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:Program FilesMicrosoft OfficerootOffice16URLREDIR.DLL [2021-07-17] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:InternetJavabinjp2ssv.dll [2020-05-01] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:Program Files (x86)Common FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9avClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Legacy Browser Support -> {08B5789A-BD8E-4DAE-85DF-EF792C658B86} -> C:Program Files (x86)GoogleLegacy Browser Supportbrowser_switcher_bho.dll [2021-11-01] (Google Inc)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2021-02-02] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:Program Files (x86)Common FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9ient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:Program FilesLogitechSetPointP32-bitSetPointSmooth.dll [2019-01-29] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16URLREDIR.DLL [2021-07-17] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:Program Files (x86)Common FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9ient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM – Adobe Acrobat Create PDF Toolbar – {47833539-D0C5-4125-9FA8-0819E2EAAC93} – C:Program Files (x86)Common FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9avClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 – Adobe Acrobat Create PDF Toolbar – {47833539-D0C5-4125-9FA8-0819E2EAAC93} – C:Program Files (x86)Common FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9ient.dll [2016-04-23] (Adobe Systems Incorporated)
Handler: AutorunsDisabled – {314111c7-a502-11d2-bbca-00c04f8ec294} – C:Program FilesCommon FilesMicrosoft SharedHelphxds.dll [2008-05-23] (Microsoft Corporation)
Handler-x32: belarc – {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} – C:Program Files (x86)BelarcBelarcAdvisorSystemBAVoilaX.dll [2018-04-17] (Belarc, Inc.)
Handler: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-09-20] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-09-20] (Microsoft Corporation)
Handler: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-09-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-09-20] (Microsoft Corporation)
Handler: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-09-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-09-20] (Microsoft Corporation)
Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-09-20] (Microsoft Corporation)
Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-09-20] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:Windowssyst1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.dll [2019-03-22] ()
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> D:Int1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.dll [2020-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> D:InternetJavabinplugin2npjp2.dll [2020-05-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:Microsoft OfficeMS ProjectOffice14NPAUTHZ.DLL [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_32_0_0_156.dll [2019-03-22] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-02-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~2Microsoft OfficeOffice14NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> D:PublishingAcrobat Pro XIAcrobatAirnppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems)
FF Plugin HKUS-1-5-21-2705839474-1034495589-3787676121-1000: LWA64Plugin15.8 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9Plugin15.8.dll [No File]
FF Plugin HKUS-1-5-21-2705839474-1034495589-3787676121-1000: SkypeForBusinessPlugin-16.2 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9essPlugin16.2.0.511npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation)
FF Plugin HKUS-1-5-21-2705839474-1034495589-3787676121-1000: SkypeForBusinessPlugin64-16.2 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9essPlugin16.2.0.511npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH964Plugin15.8.dll [2013-03-13] (Microsoft Corporation)
FF HKLM…FirefoxExtensions: [web2pdfextension.17@acrobat.adobe.com] – D:PublishingAcrobat Pro XIAYqLVR2jqojevDBgbFFiKiamWQXsLHZtR4B7kF7AUy4T51vdgiMkNE1VDnMy7at-1.0-windows.xpi
FF Extension: No Name – D:PublishingAcrobat Pro XIAYqLVR2jqojevDBgbFFiKiamWQXsLHZtR4B7kF7AUy4T51vdgiMkNE1VDnMy7at-1.0-windows.xpi [2017-11-01]
FF HKLM-x32…FirefoxExtensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] – C:Program FilesLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9oxExt
FF Extension: No Name – C:Program FilesLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9oxExt [2019-02-21] [not signed]
FF HKLM-x32…FirefoxExtensions: [web2pdfextension.17@acrobat.adobe.com] – D:PublishingAcrobat Pro XIAYqLVR2jqojevDBgbFFiKiamWQXsLHZtR4B7kF7AUy4T51vdgiMkNE1VDnMy7at-1.0-windows.xpi

Chrome:
=======
CHR Profile: C:UsersDmarrAppDataLocalGoogleChromeUser DataDefault
CHR Extension: (Slides) – C:UsersDmarrAppDataLocalGoogleChromeUser Dat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH [2021-04-27]
CHR Extension: (Slides) – C:UsersDmarrAppDataLocalGoogleChromeUser Dat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH [2021-04-27]
CHR Extension: (Google Drive) – C:UsersDmarrAppDataLocalGoogleChromeUser Dat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH [2021-04-27]
CHR Extension: (YouTube) – C:UsersDmarrAppDataLocalGoogleChromeUser Dat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH [2021-04-27]
CHR Extension: (Slides) – C:UsersDmarrAppDataLocalGoogleChromeUser Dat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH [2021-12-05]
CHR Extension: (Slides) – C:UsersDmarrAppDataLocalGoogleChromeUser Dat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH [2021-04-27]
CHR Extension: (Slides) – C:UsersDmarrAppDataLocalGoogleChromeUser Dat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH [2021-12-05]
CHR Extension: (Chrome Web Store Payments) – C:UsersDmarrAppDataLocalGoogleChromeUser Dat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH [2021-04-27]
CHR Extension: (Gmail) – C:UsersDmarrAppDataLocalGoogleChromeUser Dat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH [2021-04-27]
CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj] – D:PublishingAcrobat Pro XIAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9Extn.crx [2017-11-01]
StartMenuInternet: Google Chrome – C:Program FilesGoogleChromeApplicationchrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:Program Files (x86)AutodeskAutodesk Desktop AppAdAppMgrSvc.exe [1233272 2019-05-14] (Autodesk Inc.)
S4 AdobeUpdateService; C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe [818128 2019-03-01] (Adobe Inc.)
S3 AdskLicensingService; C:Program Files (x86)Common FilesAutodesk SharedAYqLVR2jqojevDBgbFFiKiamWQXsLHZtR4B7kF7AUy4T51vdgiMkNE1VDnMy7ce.exe [16939312 2019-01-08] (Autodesk)
R2 AGMService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R2 ApHidMonitorService; C:Program FilesDellTPadHidMonitorSvc.exe [104800 2018-10-24] (Alps Electric Co., Ltd.)
R2 Apple Mobile Device Service; C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
S3 BrYNSvc; C:Program Files (x86)Browny02BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [11136880 2021-12-16] (Microsoft Corporation)
R2 DDVCollectorSvcApi; C:Program FilesDellDellDataVaultDDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc.)
R2 DDVDataCollector; C:Program FilesDellDellDataVaultDDVDataCollector.exe [3347440 2018-10-22] (Dell Inc.)
S2 DDVRulesProcessor; C:Program FilesDellDellDataVaultDDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc.)
R2 DellClientManagementService; C:Program Files (x86)DellUpdateServiceServiceShell.exe [36032 2019-11-08] ()
R2 dpoTelemetrySvc; C:Program FilesDellPPOTelemetrydpoTelemetrySvc.exe [157936 2017-03-20] (Dell Inc)
S4 DSAService; C:Program Files (x86)IntelDriver and Support AssistantDSAService.exe [26984 2019-07-25] (Intel)
S4 DSAUpdateService; C:Program Files (x86)IntelDriver and Support AssistantDSAUpdateService.exe [80744 2019-07-25] (Intel)
R2 FlexNet Licensing Service; C:Program Files (x86)Common FilesMacrovision SharedFlexNet PublisherFNPLicensingService.exe [2657616 2019-05-08] (Flexera)
S3 GoogleChromeElevationService; C:Program FilesGoogleChromeApplication96.0.4664.110elevation_service.exe [1392984 2021-12-12] (Google LLC)
S4 GoToAssist; C:Program Files (x86)LogMeInGoToAssist Corporate1280G2AC_Service.exe [316872 2019-03-20] (LogMeIn, Inc.)
R2 hasplms; C:Windowssystem32hasplms.exe [4665168 2015-08-16] (SafeNet Inc.)
R2 iBtSiva; C:Program Files (x86)IntelBluetoothibtsiva.exe [518240 2019-01-23] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:Windowssystem32igfxCUIService.exe [342360 2019-08-30] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:Program FilesInteliCLS ClientSocketHeciServer.exe [732448 2017-02-24] (Intel® Corporation)
S3 Intel® SUR QC SAM; C:Program FilesInt1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.exe [18168 2017-07-13] (Intel Corporation)
S2 Intel® TPM Provisioning Service; C:Program FilesInteliCLS ClientTPMProvisioningService.exe [548648 2017-02-24] (Intel® Corporation)
R2 jhi_service; C:DellIntel Mang Eng CompDALjhi_service.exe [197264 2017-06-26] (Intel Corporation)
R2 LMS; C:DellIntel Mang Eng CompLMSLMS.exe [419984 2017-06-26] (Intel Corporation)
R2 MDM; C:Program Files (x86)Common FilesMicrosoft SharedVS7DEBUGmdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:Program FilesIntelWiFibinPanDhcpDns.exe [310880 2018-09-05] ()
R2 nordvpn-service; D:InternetNordVPNnordvpn-service.exe [277688 2021-04-21] (TEFINCOM S.A.)
R2 O2FLASH; C:Windowssystem32DRIVERSo2flash.exe [65536 2014-03-07] (BayHubTech/O2Micro International)
R2 O2SDIOAssist; C:WindowsSysWOW64srvany.exe [8192 2012-03-09] () [File not signed]
S3 poaService; C:Program FilesDellPPOpoaService.exe [1282288 2017-03-20] (Dell Inc.)
S3 PoaSMSrv; C:Program FilesDellPPOpoaSmSrv.exe [353008 2017-03-20] (Dell Inc.)
R2 poaTaServ; C:Program FilesDellPPOpoaTaServ.exe [1086192 2017-03-20] (Dell Inc.)
R2 SupportAssistAgent; C:Program FilesDellSupport1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe [50648 2020-01-14] (Dell Inc.)
R2 SwiService; C:Program Files (x86)Sierra Wireless IncUtilsSWIService.exe [792840 2015-07-02] (Sierra Wireless, Inc.)
R2 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2016-03-25] (Microsoft Corporation)
R2 XtralisUSBDriverService; C:Program Files (x86)Common FilesXhiWAySpaywPqiekg43JwqnBJhRZfSnay7rrBPrvice.exe [1412608 2020-07-21] (Xtralis) [File not signed]
R2 ZeroConfigService; C:Program FilesIntelWiFibinZeroConfigService.exe [4059744 2018-09-05] (Intel® Corporation)
S3 Dell.CommandPowerManager.Service; C:Windowssystem32dllhost.exe /Processid:{BD05A1F7-D0F1-4FB3-B203-B40AC87AF3F3}

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 akshasp; C:WindowsSystem32DRIVERSakshasp.sys [77912 2015-08-16] (SafeNet Inc.)
R3 akshhl; C:WindowsSystem32DRIVERSakshhl.sys [81368 2015-08-16] (SafeNet Inc.)
R3 aksusb; C:WindowsSystem32DRIVERSaksusb.sys [322560 2015-08-16] (SafeNet Inc.)
R0 amdkmpfd; C:WindowsSystem32DRIVERSamdkmpfd.sys [65248 2016-10-26] (Advanced Micro Devices, Inc.)
R2 asdlog; C:Windowssystem32DRIVERSasdlog.sys [29440 2009-11-25] (AGG Software (hxxp://www.aggsoft.com))
S3 ausb3hub; C:Windowssystem32driversausb3hub.sys [404480 2015-08-20] (Intel Corporation)
S3 ausb3xhc; C:Windowssystem32driversausb3xhc.sys [817664 2015-08-20] (Intel Corporation)
R3 btmaux; C:WindowsSystem32DRIVERSbtmaux.sys [156760 2019-01-17] (Motorola Solutions, Inc.)
R3 btmhsf; C:WindowsSystem32DRIVERSbtmhsf.sys [1566088 2019-01-17] (Motorola Solutions, Inc.)
S3 btmlehid; C:WindowsSystem32DRIVERSbtmlehid.sys [95112 2019-01-17] (Motorola Solutions, Inc.)
R3 com0com; C:WindowsSystem32DRIVERScom0com.sys [90544 2017-07-12] (Vyacheslav Frolov)
S3 DDDriver; C:WindowsSystem32driversDDDriver64Dcsa.sys [41608 2018-10-20] (Dell Inc.)
S3 DellProf; C:WindowsSystem32driversDellProf.sys [32952 2017-03-20] (Dell Computer Corporation)
R3 e1dexpress; C:WindowsSystem32DRIVERSe1d62x64.sys [501216 2015-08-05] (Intel Corporation)
S3 ebdrv; C:Windowssystem32driversevbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 hardlock; C:Windowssystem32drivershardlock.sys [350552 2015-08-16] (SafeNet Inc.)
R3 hhdserhelp; C:WindowsSystem32DRIVERShhdserhelp64.sys [40064 2020-02-07] (HHD Software Ltd.)
R3 hhdserial64; C:WindowsSystem32DRIVERShhdserial64.sys [57992 2020-02-07] (HHD Software Ltd.)
S3 IaNVMe; C:Windowssystem32driversIaNVMe.sys [101872 2015-07-07] (Intel Corporation)
R0 IaNVMeF; C:WindowsSystem32driversIaNVMeF.sys [27120 2015-07-07] (Intel Corporation)
R0 iaStorF; C:WindowsSystem32DRIVERSiaStorF.sys [28008 2016-10-26] (Intel Corporation)
R3 ibtusb; C:WindowsSystem32DRIVERSibtusb.sys [230792 2019-01-17] (Intel Corporation)
R3 KbdBlock2; C:WindowsSystem32DriversKbdBlock2.sys [15672 2018-08-17] (ILLC)
R3 MEIx64; C:WindowsSystem32DRIVERSTeeDriverx64.sys [200792 2017-06-25] (Intel Corporation)
R2 NDivert; C:WindowsSystem32DRIVERSNDivert.sys [95944 2021-03-29] ()
R3 NETwNs64; C:WindowsSystem32DRIVERSNetwsw02.sys [3486288 2018-09-26] (Intel Corporation)
R3 nlwt; C:WindowsSystem32DRIVERSnlwt.sys [29888 2020-12-12] (WireGuard LLC)
R1 nordlwf; C:WindowsSystem32DRIVERSnordlwf.sys [29384 2020-07-10] (TEFINCOM S.A.)
R1 npcap; C:WindowsSystem32DRIVERSnpcap.sys [65944 2020-09-25] (Insecure.Com LLC.)
S3 nvme; C:Windowssystem32driversnvme.sys [83784 2015-12-15] (Samsung Electronics Co., Ltd)
R0 nvmeF; C:WindowsSystem32driversnvmeF.sys [30776 2015-12-15] (Samsung Electronics Co., Ltd)
R3 O2FJ2RDR; C:WindowsSystem32DRIVERSO2FJ2w7x64.sys [210592 2014-05-14] (BayHubTech/O2Micro )
S3 OxPCIeMf; C:WindowsSystem32DRIVERSOxPCIeMf.sys [62000 2009-09-23] (OEM)
S3 OxPCIeSer; C:WindowsSystem32DRIVERSOxPCIeSer.sys [102960 2009-09-23] (OEM)
R3 POADrvr; C:WindowsSystem32driversPOADrvr.sys [31552 2017-02-20] (Dell Computer Corporation)
S3 PORTMON; D:UtilitiesSysInternalsPORTMSYS.SYS [28656 2020-01-16] (Systems Internals) [File not signed]
R2 Sentinel64; C:WindowsSystem32DriversSentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R2 SPSniff; D:EngineeringPLCSerial Port MonitorEltimaSPSniff.sys [35432 2020-07-10] ()
R3 ST_ACCEL; C:WindowsSystem32DRIVERSST_Accel.sys [75952 2014-04-21] (STMicroelectronics)
R3 swg3kmbb05; C:WindowsSystem32DRIVERSswg3kmbb05.sys [567552 2016-10-26] (Sierra Wireless Incorporated)
R3 swg3knmea05; C:WindowsSystem32DRIVERSswg3knmea05.sys [276720 2015-07-02] (Sierra Wireless Incorporated)
R3 swg3kser05; C:WindowsSystem32DRIVERSswg3kser05.sys [287504 2016-10-26] (Sierra Wireless Incorporated)
S3 tapnordvpn; C:WindowsSystem32DRIVERStapnordvpn.sys [35592 2018-07-24] (The OpenVPN Project)
S3 USA19H; C:WindowsSystem32DRIVERSUSA19Hx64.sys [740096 2007-10-30] (Keyspan)
S3 USA19HP; C:WindowsSystem32DRIVERSUSA19Hx64p.SYS [35840 2007-10-23] (Keyspan)
R3 WDC_SAM; C:WindowsSystem32DRIVERSwdcsam64_prewin8.sys [31920 2018-02-26] (Western Digital Technologies)
R3 WinDriver6; C:WindowsSystem32driverswindrvr6.sys [254976 2019-12-13] (Jungo)
S2 ACCESNT; SystemRootSYSTEM32DRIVERSaccesnt.sys [X]
S4 btmaudio; system32driversbtmaud.sys [X]
R4 DBUtil_2_3; ??C:WindowsTEMPDBUtil_2_3.Sys [X]
U4 npcap_wifi; no ImagePath
S3 NSNDIS5; ??C:Windowssystem32NSNDIS5.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-31 13:10 – 2021-12-31 13:11 – 00000000 ____D C:FRST
2021-12-30 16:47 – 2021-12-30 16:47 – 00037200 _____ C:UsersDmarrAppDataLocalrecently-used.xbel
2021-12-28 10:40 – 2021-12-28 10:40 – 00000004 ____H C:ProgramDatacm-lock
2021-12-25 13:24 – 2021-12-25 13:24 – 00000000 ____D C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9Ed
2021-12-25 13:23 – 2021-12-25 13:26 – 00000000 ____D C:UsersDmarrDocumentsScrapingExpert
2021-12-25 13:22 – 2021-12-25 13:22 – 00000000 ____D C:UsersDmarrAppDataLocalOfi Labs
2021-12-25 13:11 – 2021-12-25 13:11 – 00002621 _____ C:UsersPublicDesktopScrapingExpert 6.0.43.lnk
2021-12-25 13:11 – 2021-12-25 13:11 – 00002621 _____ C:ProgramDataDesktopScrapingExpert 6.0.43.lnk
2021-12-25 11:52 – 2021-12-25 12:57 – 00000000 ____D C:UsersDmarrAppDataRoamingOctoparse8
2021-12-25 11:52 – 2021-12-25 11:52 – 00000000 ____D C:UsersDmarrAppDataRoamingOctopus8
2021-12-25 11:52 – 2021-12-25 11:52 – 00000000 ____D C:UsersDmarrAppDataLocalOctopusSoftV8
2021-12-25 11:52 – 2021-12-25 11:52 – 00000000 ____D C:UsersDmarrAppDataLocaloctoparse-updater
2021-12-25 09:50 – 2021-12-25 13:05 – 00000000 ____D C:UsersDmarrAppDataRoamingScrapeStorm
2021-12-25 09:50 – 2021-12-25 09:50 – 00001168 _____ C:UsersPublicDesktopScrapeStorm.lnk
2021-12-25 09:50 – 2021-12-25 09:50 – 00001168 _____ C:ProgramDataDesktopScrapeStorm.lnk
2021-12-25 09:50 – 2021-12-25 09:50 – 00000000 ____D C:UsersDmarrAppDataLocalhouyicaiji-updater
2021-12-25 09:50 – 2021-12-25 09:50 – 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsScrapeStorm
2021-12-25 09:31 – 2021-12-25 09:31 – 00000000 ____D C:UsersDmarrAppDataRoamingParseHub
2021-12-25 09:31 – 2021-12-25 09:31 – 00000000 ____D C:UsersDmarrAppDataRoaming.parsehub
2021-12-25 09:31 – 2021-12-25 09:31 – 00000000 ____D C:UsersDmarrAppDataLocalParseHub
2021-12-23 08:38 – 2021-12-23 08:38 – 00000000 ____D C:UsersDmarrAppDataLocalkvibes
2021-12-11 18:30 – 2021-12-15 23:21 – 00000000 ____D C:UsersDmarrDesktopDangerous (2021) 2160p
2021-12-11 17:00 – 2021-12-11 17:00 – 00000000 ____D C:UsersDmarrAppDataLocalKaren’s Power Tools
2021-12-11 13:30 – 2021-12-11 13:30 – 00003236 _____ C:WindowsSystem32TasksLUPServices
2021-12-11 13:30 – 2021-12-11 13:30 – 00000000 __SHD C:UsersDmarrAppDataRoamingMxmetamux
2021-12-11 13:30 – 2021-12-11 13:30 – 00000000 ____D C:WindowsSystem32TasksTASKDIRFORTASKCREATE
2021-12-11 13:29 – 2021-12-11 13:29 – 00000000 ____D C:UsersDmarrAppDataLocalYandex
2021-12-10 15:53 – 2021-12-11 09:56 – 00000000 ____D C:Script Results

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-31 13:06 – 2018-12-10 14:48 – 00000000 ____D C:UsersDmarrAppDataLocalCrashDumps
2021-12-31 13:04 – 2018-12-12 08:34 – 00000000 ____D C:UsersDmarrAppDataLocalLowMozilla
2021-12-31 12:43 – 2018-12-09 19:02 – 00100539 _____ C:WindowsSysWOW64Gms.log
2021-12-31 12:41 – 2018-12-09 11:37 – 01826667 _____ C:WindowsWindowsUpdate.log
2021-12-31 12:26 – 2018-12-13 15:44 – 00003544 _____ C:WindowsSystem32TasksAdobeGCInvoker-1.0-DMARR-Dmarr
2021-12-31 07:28 – 2020-05-23 19:36 – 00000000 ____D C:Program Files (x86)Google
2021-12-30 16:47 – 2018-12-18 13:56 – 00000000 ____D C:UsersDmarrAppDataLocalgtk-2.0
2021-12-30 16:47 – 2018-12-18 13:52 – 00000000 ____D C:UsersDmarrAppDataLocalbabl-0.1
2021-12-28 12:57 – 2019-03-02 15:42 – 00000000 ____D C:UsersDmarrAppDataLocalDeployment
2021-12-28 10:49 – 2009-07-13 22:45 – 00033584 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-12-28 10:49 – 2009-07-13 22:45 – 00033584 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-12-28 10:46 – 2009-07-13 23:13 – 00785858 _____ C:Windowssystem32PerfStringBackup.INI
2021-12-28 10:42 – 2019-06-13 13:39 – 00000000 ____D C:Program FilesMicrosoft Office
2021-12-28 10:41 – 2009-07-13 21:20 – 00000000 ____D C:Windowsregistration
2021-12-28 10:40 – 2018-12-09 18:21 – 00221996 _____ C:Windowssetupact.log
2021-12-28 10:40 – 2009-07-13 23:08 – 00000006 ____H C:WindowsTasksSA.DAT
2021-12-28 10:39 – 2018-12-09 18:27 – 00579244 _____ C:WindowsPFRO.log
2021-12-28 10:39 – 2018-12-09 18:27 – 00065536 _____ C:Windowssystem32spu_storage.bin
2021-12-27 14:32 – 2021-09-05 19:11 – 00000000 ____D C:UsersDmarrAppDataRoamingqBittorrent
2021-12-26 15:56 – 2021-05-02 14:07 – 00000000 ____D C:UsersDmarr.zenmap
2021-12-26 13:34 – 2021-05-02 14:07 – 00000142 _____ C:UsersDmarrAppDataLocalzenmap.exe.log
2021-12-25 11:13 – 2018-12-09 11:34 – 00000000 ____D C:UsersDmarr
2021-12-25 08:32 – 2019-08-05 13:30 – 00702208 _____ C:acadminidump.dmp
2021-12-23 10:34 – 2018-12-13 09:56 – 00000000 ___RD C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9rt Menu5 Multi Media
2021-12-20 13:46 – 2021-01-19 19:08 – 00024846 _____ C:UsersDmarrDocumentsnew block.dwg
2021-12-20 07:29 – 2021-07-06 10:52 – 00002102 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2021-12-20 07:29 – 2021-07-06 10:52 – 00002102 _____ C:ProgramDataDesktopGoogle Chrome.lnk
2021-12-15 15:07 – 2020-12-10 08:56 – 00002300 _____ C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9rt MenuProgramsMicrosoft Teams.lnk
2021-12-15 15:07 – 2020-06-05 11:02 – 00002292 _____ C:UsersDmarrDesktopMicrosoft Teams.lnk
2021-12-11 11:48 – 2018-12-29 12:09 – 00000000 ____D C:UsersDmarrAppDataRoamingMedia_Companion

==================== Files in the root of some directories =======

2020-05-19 20:09 – 2020-05-19 20:09 – 0000724 _____ () C:Program Files#readme_zip_users.txt
2020-05-19 20:09 – 2020-05-19 20:09 – 0141280 _____ (Irfan Skiljan, IrfanView) C:Program Filesiv_uninstall.exe
2020-05-19 20:09 – 2020-05-19 20:09 – 0002304 _____ () C:Program Filesi_about.txt
2020-05-19 20:09 – 2020-05-19 20:09 – 0102670 _____ () C:Program Filesi_changes.txt
2020-05-19 20:09 – 2020-05-19 20:09 – 0000765 _____ () C:Program Filesi_languages.txt
2020-05-19 20:09 – 2020-05-19 20:09 – 0021615 _____ () C:Program Filesi_options.txt
2020-05-19 20:09 – 2020-05-19 20:09 – 0014784 _____ () C:Program Filesi_plugins.txt
2020-05-19 20:09 – 2020-05-19 20:09 – 0281205 _____ () C:Program Filesi_view32.chm
2020-05-19 20:09 – 2020-05-19 20:09 – 2300552 _____ (Irfan Skiljan) C:Program Filesi_view64.exe
2020-05-19 20:09 – 2021-11-19 19:05 – 0004808 _____ () C:Program Filesi_view64.ini
2018-12-16 13:24 – 2018-12-16 13:24 – 0000351 _____ () C:Program Files (x86)BootAnalyzerInstaller.log
2020-05-01 12:59 – 2020-08-27 08:56 – 0020532 _____ () C:UsersDmarrAppDataLocaldigikamrc
2019-02-18 07:02 – 2019-02-18 07:02 – 0004096 ____H () C:UsersDmarrAppDataLocalkeyfile3.drm
2018-12-14 14:23 – 2018-12-14 14:23 – 0000000 _____ () C:UsersDmarrAppDataLocaloobelibMkey.log
2020-11-26 11:07 – 2020-11-26 11:07 – 0000600 _____ () C:UsersDmarrAppDataLocalPUTTY.RND
2021-12-30 16:47 – 2021-12-30 16:47 – 0037200 _____ () C:UsersDmarrAppDataLocalrecently-used.xbel
2019-06-04 19:46 – 2021-04-16 16:14 – 0007625 _____ () C:UsersDmarrAppDataLocalResmon.ResmonCfg
2021-05-02 14:07 – 2021-12-26 13:34 – 0000142 _____ () C:UsersDmarrAppDataLocalzenmap.exe.log
2021-12-28 10:40 – 2021-12-28 10:40 – 0000004 ____H () C:ProgramDatacm-lock
2020-03-14 18:25 – 2020-03-14 18:25 – 0000000 ____H () C:ProgramDataDP45977C.lfl
2019-04-02 10:18 – 2019-04-02 10:18 – 0002618 _____ () C:ProgramDataregid.1996-01.com.microridge_3D98D609-C022-4334-875D-258A6B833BF2.swidtag

Some files in TEMP:
====================
C:UsersDmarrAppDataLocalTemp-0512p7b.dll
C:UsersDmarrAppDataLocalTemp-gqkvcum.dll
C:UsersDmarrAppDataLocalTemp-pavjlc3.dll
C:UsersDmarrAppDataLocalTemp-xjymsuf.dll
C:UsersDmarrAppDataLocalTemp1b56r2k3.dll
C:UsersDmarrAppDataLocalTemp23hyo35y.dll
C:UsersDmarrAppDataLocalTemp2zh5lofx.dll
C:UsersDmarrAppDataLocalTemp302v4bfh.dll
C:UsersDmarrAppDataLocalTemp3ae6jtzd.dll
C:UsersDmarrAppDataLocalTemp3f72gv3d.dll
C:UsersDmarrAppDataLocalTemp3gb9c74l.dll
C:UsersDmarrAppDataLocalTemp3ulii93c.dll
C:UsersDmarrAppDataLocalTemp4_1mgve5.dll
C:UsersDmarrAppDataLocalTemp5xgahbba.dll
C:UsersDmarrAppDataLocalTemp8058tu9s.dll
C:UsersDmarrAppDataLocalTemp84s-onab.dll
C:UsersDmarrAppDataLocalTemp8uwtqoh6.dll
C:UsersDmarrAppDataLocalTempa5zmuujp.dll
C:UsersDmarrAppDataLocalTempaa5gqude.dll
C:UsersDmarrAppDataLocalTempAcDeltree.exe
C:UsersDmarrAppDataLocalTempadhf_a5h.dll
C:UsersDmarrAppDataLocalTempapi32.exe
C:UsersDmarrAppDataLocalTempasrwinlu.dll
C:UsersDmarrAppDataLocalTempbwbqk7fd.dll
C:UsersDmarrAppDataLocalTempbyh0-5ab.dll
C:UsersDmarrAppDataLocalTempc16vbs0l.dll
C:UsersDmarrAppDataLocalTempcm1v9ju6.dll
C:UsersDmarrAppDataLocalTempcojs0url.dll
C:UsersDmarrAppDataLocalTempcyjo4rkg.dll
C:UsersDmarrAppDataLocalTempd8_m76av.dll
C:UsersDmarrAppDataLocalTempdateinj01.dll
C:UsersDmarrAppDataLocalTempedllru7y.dll
C:UsersDmarrAppDataLocalTempexb8o5mv.dll
C:UsersDmarrAppDataLocalTempfdh_0buq.dll
C:UsersDmarrAppDataLocalTempflgvyn2f.dll
C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9A.dll
C:UsersDmarrAppDataLocalTempf_zirx_-.dll
C:UsersDmarrAppDataLocalTempg9fxosaz.dll
C:UsersDmarrAppDataLocalTempgp5kntex.dll
C:UsersDmarrAppDataLocalTempguo-ogfa.dll
C:UsersDmarrAppDataLocalTempgysbdhsy.dll
C:UsersDmarrAppDataLocalTemphb4mihjo.dll
C:UsersDmarrAppDataLocalTemphi8bgzbk.dll
C:UsersDmarrAppDataLocalTemphtv9hf-3.dll
C:UsersDmarrAppDataLocalTempiostot8h.dll
C:UsersDmarrAppDataLocalTempiouqtulm.dll
C:UsersDmarrAppDataLocalTempiv_uninstall.exe
C:UsersDmarrAppDataLocalTempj2lxo3jn.dll
C:UsersDmarrAppDataLocalTempjbnkbspy.dll
C:UsersDmarrAppDataLocalTempjqtumiij.dll
C:UsersDmarrAppDataLocalTempjre-8u221-windows-au.exe
C:UsersDmarrAppDataLocalTempjre-8u231-windows-au.exe
C:UsersDmarrAppDataLocalTempjre-8u281-windows-au.exe
C:UsersDmarrAppDataLocalTempjre-8u291-windows-au.exe
C:UsersDmarrAppDataLocalTempk6-dfatx.dll
C:UsersDmarrAppDataLocalTempk9dr3bzt.dll
C:UsersDmarrAppDataLocalTempkae01cbe.dll
C:UsersDmarrAppDataLocalTempkkabrnre.dll
C:UsersDmarrAppDataLocalTemplbcd84g_.dll
C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBPr.exe
C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9UI.exe
C:UsersDmarrAppDataLocalTemplf6hiumx.dll
C:UsersDmarrAppDataLocalTemplla5vdvk.dll
C:UsersDmarrAppDataLocalTemplogapi32.exe
C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9nstaller.exe
C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9ller.exe
C:UsersDmarrAppDataLocalTempltojm-aa.dll
C:UsersDmarrAppDataLocalTempltt18vfz.dll
C:UsersDmarrAppDataLocalTemplzpb5v19.dll
C:UsersDmarrAppDataLocalTempm-g8zv3y.dll
C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9ce.exe
C:UsersDmarrAppDataLocalTempmdxyi9fc.dll
C:UsersDmarrAppDataLocalTempmhrgzajc.dll
C:UsersDmarrAppDataLocalTempmj59z1ny.dll
C:UsersDmarrAppDataLocalTempmwx-i1hf.dll
C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBPp.exe
C:UsersDmarrAppDataLocalTempn9qwi1x1.dll
C:UsersDmarrAppDataLocalTempnjtgeldx.dll
C:UsersDmarrAppDataLocalTempose00000.exe
C:UsersDmarrAppDataLocalTempovbacyux.dll
C:UsersDmarrAppDataLocalTemppasejb3s.dll
C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9lity.exe
C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBPb.dll
C:UsersDmarrAppDataLocalTempprja43m2.dll
C:UsersDmarrAppDataLocalTemppt3ydme4.dll
C:UsersDmarrAppDataLocalTempq2lsobvc.dll
C:UsersDmarrAppDataLocalTempq9kdiqzt.dll
C:UsersDmarrAppDataLocalTempqyeb1slr.dll
C:UsersDmarrAppDataLocalTempr-cesgln.dll
C:UsersDmarrAppDataLocalTemprnbbyxv-.dll
C:UsersDmarrAppDataLocalTempruhwrqy0.dll
C:UsersDmarrAppDataLocalTemps2uw5-el.dll
C:UsersDmarrAppDataLocalTempsgh97hoj.dll
C:UsersDmarrAppDataLocalTempshxvv-39.dll
C:UsersDmarrAppDataLocalTempsnoxf34v.dll
C:UsersDmarrAppDataLocalTempsyfrnvp-.dll
C:UsersDmarrAppDataLocalTempt2t5hoym.dll
C:UsersDmarrAppDataLocalTempteljszxe.dll
C:UsersDmarrAppDataLocalTemptmatrkxn.dll
C:UsersDmarrAppDataLocalTemptpmqd8hg.dll
C:UsersDmarrAppDataLocalTemptshatcuo.dll
C:UsersDmarrAppDataLocalTemptv7ppxud.dll
C:UsersDmarrAppDataLocalTempuh7jd1vb.dll
C:UsersDmarrAppDataLocalTempvo3qjhvh.dll
C:UsersDmarrAppDataLocalTempvsgcekua.dll
C:UsersDmarrAppDataLocalTempvstej225.dll
C:UsersDmarrAppDataLocalTempw0yzohqt.dll
C:UsersDmarrAppDataLocalTempwf9kcvjy.dll
C:UsersDmarrAppDataLocalTempwin32.exe
C:UsersDmarrAppDataLocalTempwin64.exe
C:UsersDmarrAppDataLocalTempwuyaux-9.dll
C:UsersDmarrAppDataLocalTempxiov_nnb.dll
C:UsersDmarrAppDataLocalTempxyafmhor.dll
C:UsersDmarrAppDataLocalTempygajj32y.dll
C:UsersDmarrAppDataLocalTempytef_fmu.dll
C:UsersDmarrAppDataLocalTempywiniwqq.dll
C:UsersDmarrAppDataLocalTempz7im3lor.dll
C:UsersDmarrAppDataLocalTempzeug0dbk.dll
C:UsersDmarrAppDataLocalTempzfclgzqg.dll
C:UsersDmarrAppDataLocalTemp_-2jsuad.dll
C:UsersDmarrAppDataLocalTemp{B304B870-E1AB-4B39-AF23-3638D4C76F8B}.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:Windowssystem32winlogon.exe => File is digitally signed
C:Windowssystem32wininit.exe => File is digitally signed
C:WindowsSysWOW64wininit.exe => File is digitally signed
C:Windowsexplorer.exe => File is digitally signed
C:WindowsSysWOW64explorer.exe => File is digitally signed
C:Windowssystem32svchost.exe => File is digitally signed
C:WindowsSysWOW64svchost.exe => File is digitally signed
C:Windowssystem32services.exe => File is digitally signed
C:Windowssystem32User32.dll => File is digitally signed
C:WindowsSysWOW64User32.dll => File is digitally signed
C:Windowssystem32userinit.exe => File is digitally signed
C:WindowsSysWOW64userinit.exe => File is digitally signed
C:Windowssystem32rpcss.dll => File is digitally signed
C:Windowssystem32dnsapi.dll => File is digitally signed
C:WindowsSysWOW64dnsapi.dll => File is digitally signed
C:Windowssystem32Driversvolsnap.sys => File is digitally signed

LastRegBack: 2018-12-14 00:38

==================== End of FRST.txt ============================

 

Attached is the Addition.txt file

dditional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Dmarr (2021-12-31 13:11:44)
Running from D:UtilitiesMalware
Windows 7 Professional Service Pack 1 (X64) (2018-12-09 17:34:11)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2705839474-1034495589-3787676121-500 – Administrator – Enabled)
Dmarr (S-1-5-21-2705839474-1034495589-3787676121-1000 – Administrator – Enabled) => C:UsersDmarr
Guest (S-1-5-21-2705839474-1034495589-3787676121-501 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled – Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader (HKLM…{62C59C21-F5F5-41A1-B575-DE37FEAA285B}) (Version: 4.18.1.4500 – Open Media LLC)
4Team OST2 (HKLM…{EC747D5D-B624-44FB-BDE7-DFAF5EEBAA73}) (Version: 2.12.0022 – 4Team Corporation)
7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)
ACA & MEP 2017 Object Enabler (Version: 7.9.45.0 – Autodesk) Hidden
ACAD Private (Version: 21.0.52.0 – Autodesk) Hidden
Adobe Acrobat XI Pro (HKLM-x32…{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 – Adobe Systems)
Adobe Bridge CC 2019 (HKLM-x32…KBRG_9_0_2) (Version: 9.0.2 – Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32…Adobe Creative Cloud) (Version: 4.8.1.435 – Adobe Systems Incorporated)
Adobe Customization Wizard XI (HKLM-x32…{AC76BA86-1033-0000-0000-000000000063}) (Version: 11.0.03 – Adobe Systems, Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32…Adobe Flash Player NPAPI) (Version: 32.0.0.156 – Adobe Systems Incorporated)
Adobe Reader 64-bit fixes (HKLM…{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version:  – Leo Davidson / Pretentious Name)
Advanced PDF Password Recovery (HKLM-x32…{A85CC7BA-760F-4B65-8E2F-640BE314F2F8}) (Version: 5.06.113.2041 – Elcomsoft Co. Ltd.)
Advanced Serial Data Logger (HKLM-x32…Advanced Serial Data Logger_is1) (Version: 3 – AGG Software)
AMD Software (HKLM…AMD Catalyst Install Manager) (Version: 9.0.000.8 – Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32…{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 – Apple Inc.)
Apple Application Support (64-bit) (HKLM…{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 – Apple Inc.)
Apple Mobile Device Support (HKLM…{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 – Apple Inc.)
Apple Software Update (HKLM-x32…{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 – Apple Inc.)
Asterisk Key 10.0 (HKLM-x32…asterisk key) (Version:  – )
AutoBatch Plug-In, v. 2.0 (TRIAL VERSION) (HKLM-x32…AutoBatch Plug-In (TRIAL VERSION)_is1) (Version:  – EverMap Company, LLC.)
AutoBookmark Professional Plug-In, v. 4.7.0 (TRIAL VERSION) (HKLM-x32…AutoBookmark Professional Plug-In (TRIAL VERSION)_is1) (Version:  – EverMap Company, LLC.)
AutoCAD 2010 – English (HKLM…AutoCAD 2010 – English) (Version: 18.0.55.0 – Autodesk)
AutoCAD 2010 – English (Version: 18.0.55.0 – Autodesk) Hidden
AutoCAD 2010 Language Pack – English (Version: 18.0.55.0 – Autodesk) Hidden
AutoCAD 2017 – English (Version: 21.0.52.0 – Autodesk) Hidden
AutoCAD 2017 (Version: 21.0.52.0 – Autodesk) Hidden
AutoCAD 2017 Language Pack – English (Version: 21.0.52.0 – Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32…{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 – Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32…{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 – Autodesk)
Autodesk AutoCAD 2017 – English (HKLM…AutoCAD 2017 – English) (Version: 21.0.52.0 – Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32…{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 – Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM…{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 – Autodesk)
Autodesk Desktop App (HKLM-x32…Autodesk Desktop App) (Version: 7.0.16.29 – Autodesk)
Autodesk DWG TrueView 2017 – English (HKLM…DWG TrueView 2017 – English) (Version: 21.0.52.0 – Autodesk)
Autodesk DWG TrueView 2020 – English (HKLM…DWG TrueView 2020 – English) (Version: 23.1.48.0 – Autodesk)
Autodesk Featured Apps 2016-2017 (HKLM-x32…{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 – Autodesk)
Autodesk Genuine Service (HKLM-x32…{317D67F2-9027-4E85-9ED1-ADF4D765AE02}) (Version: 3.0.11 – Autodesk)
Autodesk License Service (x64) – 3.1 (HKLM…{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 – Autodesk)
Autodesk Material Library 2017 (HKLM-x32…{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 – Autodesk)
Autodesk Material Library 2019 (HKLM-x32…{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 – Autodesk)
Autodesk Material Library 2020 (HKLM-x32…{B9312A51-41B5-479D-9F72-E7448A2D89AF}) (Version: 18.11.1.0 – Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32…{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 – Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32…{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 – Autodesk)
Autodesk Material Library Base Resolution Image Library 2020 (HKLM-x32…{0E976988-E753-4C81-BD96-434CE305B176}) (Version: 18.11.1.0 – Autodesk)
Autodesk Navisworks 2020 Exporters – 64 bit – English Language Pack (HKLM…Autodesk Navisworks 2020 Exporters – 64 bit – English Language Pack (SP1)) (Version: 17.0.1336.83 – Autodesk)
Autodesk Navisworks 2020 Exporters – 64 bit – English Language Pack (Version: 17.0.1336.83 – Autodesk) Hidden
Autodesk Navisworks 2020 Exporters – 64 bit (HKLM…Autodesk Navisworks 2020 Exporters – 64 bit) (Version: 17.0.1336.83 – Autodesk)
Autodesk Navisworks 2020 Exporters – 64 bit (Version: 17.0.1336.83 – Autodesk) Hidden
Autodesk Navisworks Freedom 2019 – English Language Pack (HKLM…Autodesk Navisworks Freedom 2019 – English Language Pack) (Version: 16.0.1326.55 – Autodesk)
Autodesk Navisworks Freedom 2019 – English Language Pack (Version: 16.0.1326.55 – Autodesk) Hidden
Autodesk Navisworks Freedom 2019 (HKLM…Autodesk Navisworks Freedom 2019) (Version: 16.0.1326.55 – Autodesk)
Autodesk Navisworks Freedom 2019 (Version: 16.0.1326.55 – Autodesk) Hidden
Autodesk Navisworks Freedom 2020 – English Language Pack (HKLM…Autodesk Navisworks Freedom 2020 – English Language Pack) (Version: 17.0.1336.83 – Autodesk)
Autodesk Navisworks Freedom 2020 – English Language Pack (Version: 17.0.1336.83 – Autodesk) Hidden
Autodesk Navisworks Freedom 2020 (HKLM…Autodesk Navisworks Freedom 2020) (Version: 17.0.1336.83 – Autodesk)
Autodesk Navisworks Freedom 2020 (Version: 17.0.1336.83 – Autodesk) Hidden
Autodesk Navisworks Manage 2020 – DWG File Reader (Version: 17.0.1336.83 – Autodesk) Hidden
Autodesk Navisworks Manage 2020 – English Language Pack (HKLM…Autodesk Navisworks Manage 2020 – English Language Pack) (Version: 17.0.1336.83 – Autodesk)
Autodesk Navisworks Manage 2020 – English Language Pack (Version: 17.0.1336.83 – Autodesk) Hidden
Autodesk Navisworks Manage 2020 (HKLM…Autodesk Navisworks Manage 2020) (Version: 17.0.1336.83 – Autodesk)
Autodesk Navisworks Manage 2020 (Version: 17.0.1336.83 – Autodesk) Hidden
Autodesk ReCap 360 (HKLM…Autodesk ReCap 360) (Version: 3.0.0.52 – Autodesk)
Autodesk ReCap 360 (Version: 3.0.0.52 – Autodesk) Hidden
Autodesk Revit Interoperability for Navisworks Manage 2020 (Version: 20.0.0.364 – Autodesk) Hidden
Autodesk Screencast 3.7 (HKLM-x32…AutodeskChronicle_is1) (Version: 3.7 – Autodesk, Inc.)
Autodesk Single Sign On Component (HKLM…{E3807FC8-DD0A-4D6D-89E9-EAADE00C845C}) (Version: 10.22.00.1800 – Autodesk)
AutoMetadata (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…d7bb04ec04539e56) (Version: 1.0.0.20 – EverMap)
AutoPagex Plug-In, v. 1.9 (TRIAL VERSION) (HKLM-x32…AutoPagex Plug-In (TRIAL VERSION)_is1) (Version:  – EverMap Company, LLC.)
AutroSafe Configuration Tool 4.8.2 C4.67 (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…{0aeae26d-6b12-45ee-8a39-2f8b6ee26a1c}) (Version: 4.8.2 – Autronica Fire and Security)
Avery Design & Print (HKLM-x32…Avery Design & Print 4.0.1) (Version: 4.0.1 – Avery Products Corporation)
Avidemux VC++ 64bits (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…{4fe17cd6-cb97-4779-a2f0-80e293aefba9}) (Version: 2.7.5 – Mean)
Balabolka (HKLM-x32…Balabolka) (Version: 2.15.0.802 – Ilya Morozov)
BeCyPDFMetaEdit (HKLM-x32…BeCyPDFMetaEdit) (Version: 2.37.0 – Benjamin Bentmann)
Belarc Advisor 8.6b (HKLM-x32…Belarc Advisor) (Version: 8.6.2.0 – Belarc Inc.)
Blizz (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…Blizz) (Version: 13.2.956 – TeamViewer)
BlueJeans (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…{36ebe37b-8bb1-4bd3-bcc3-72cd7264d0b9}) (Version: 2.13.533 – BlueJeans Network, Inc.)
BlueJeans (Version: 2.12.204 – BlueJeans Network, Inc.) Hidden
Bonjour (HKLM…{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 – Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.1201.1734.31588 – Advanced Micro Devices, Inc.) Hidden
Cisco Webex Meetings (HKLM-x32…ActiveTouchMeetingClient) (Version: 41.3.3 – Cisco Webex LLC)
Citadon CW (HKLM-x32…InstallShield_{26256198-660E-4999-9190-7DD965D59E07}) (Version: 8.1.9 (1904) – Citadon, Inc)
Citadon CW (x32 Version: 8.1.9 (1904) – Citadon, Inc) Hidden
ComTestSerial (HKLM-x32…{C0C32AE7-B0FA-4A61-ABB3-04828C665FCB}) (Version: 3.1.0.133 – MicroRidge Systems)
ContextEdit (PC Magazine) (HKLM-x32…ContextEdit_is1) (Version: 1.2 – Ziff Davis Media, Inc.)
Dell Command | Update (HKLM-x32…{0C8D5FDB-111E-4F8C-B469-5F330066410E}) (Version: 3.1.0 – Dell, Inc.)
Dell Data Vault (64 bit) (HKLM…{1C43F351-57A4-4174-B6A4-F87AB210C182}) (Version: 5.1.1.46 – Dell)
Dell Precision Optimizer (HKLM-x32…{D66A3355-FEA4-4F60-8BAF-D6CBEDB396D8}) (Version: 4.0.04 – Dell Inc.)
Dell SupportAssist (HKLM…{B7682259-63F5-42FA-933B-ACD343CF7049}) (Version: 3.4.1.49 – Dell Inc.)
Dell Touchpad (HKLM…{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.121 – ALPS ELECTRIC CO., LTD.)
Deluge 1.3.14 (HKLM-x32…Deluge) (Version:  – )
DiffEngineX (HKLM-x32…{AAD5EC2E-CCB5-4CAA-8AC8-FF3451612243}) (Version: 3.15.0000 – Florencesoft)
digiKam 6.4.0 (HKLM-x32…digiKam) (Version: 6.4.0 – The digiKam team)
Discovery SimSystem (HKLM-x32…{13079DB0-D461-4A15-ABAA-BDF6FE10A152}) (Version: 2.15.0016 – Apollo Fire Detectors Ltd)
DWG TrueView 2017 – English (Version: 21.0.52.0 – Autodesk) Hidden
DWG TrueView 2020 – English (Version: 23.1.48.0 – Autodesk) Hidden
EaseUS Data Recovery Wizard (HKLM…EaseUS Data Recovery Wizard_is1) (Version:  – EaseUS)
EBPro (HKLM…{DD0B8B2F-F82E-410F-9663-047FC473F5F4}) (Version: 6.04.02.620 – Maple Systems)
Excel VBA Code Documentor 5.0 (HKLM-x32…Excel VBA Code Documentor 5.0) (Version:  – )
FARO LS 1.1.505.0 (64bit) (HKLM-x32…{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 – FARO Scanner Production)
FARO LS 1.1.700.0 (64bit) (HKLM-x32…{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 – FARO Scanner Production)
FCC 3.1.7183.1001 (current user) (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…FreeConferenceCall (current user)) (Version: 3.1.7183.1001 – FreeConferenceCall LLC)
FCC Master (HKLM-x32…{ACAE0200-D0AF-4A6B-A4E9-0192DA0E2BCF}) (Version: 3.0.5530 – FreeConferenceCall)
FileZilla Client 3.41.2 (HKLM-x32…FileZilla Client) (Version: 3.41.2 – Tim Kosse)
Fluke DAQ v6.0 (HKLM-x32…InstallShield_{BF177D7F-6D6A-4C01-9A64-993DE54FD49A}) (Version: 60.0.4 – Fluke)
Fluke DAQ v6.0 (x32 Version: 60.0.4 – Fluke) Hidden
Fluke USB Serial Driver (HKLM-x32…{9CC8EAC2-7502-44DB-8CB9-456B6092F6C6}) (Version: 1.00.0000 – Fluke)
FlukeView Forms (HKLM-x32…{63702CB3-38D5-11D4-9A93-00C04F281EE2}) (Version:  – )
FlukeViewFormsVcRedist (HKLM-x32…{3709EF38-C2EF-4298-AB38-37F4B14D147E}) (Version: 9.0.21022 – Fluke)
FMS PDF Metadata Editor 2.6.3 (HKLM-x32…{A7B7AF4F-03F0-4253-A657-FBB39CA5897F}_is1) (Version:  – FileManagerSoft Ltd.)
FoV Calculator (HKLM-x32…FoV Calculator) (Version: 4.10.0 – HANWHA TECHWIN CO.,LTD.)
Foxit PhantomPDF Business (HKLM-x32…{62BCDCA9-7686-4DD9-BC3D-944842759209}) (Version: 7.2.0.722 – Foxit Software Inc.)
FreeConferenceCallMicrosoftOfficePlugin (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…FreeConferenceCallMicrosoftOfficePlugin) (Version: 0.8.17406.0 – FreeConferenceCall Corporation)
FreeFileSync 10.22 (HKLM-x32…FreeFileSync_is1) (Version: 10.22 – FreeFileSync.org)
Friture (HKLM-x32…{869AC8F0-5D26-44D2-9BF4-130AE0225068}) (Version: 0.48 – Silent Gain)
Gas_Inspector_2.0.15 (HKLM-x32…Gas_Inspector_2.0.15) (Version: 2.0.15 – Detector Electronics Corporation)
GasLab (HKLM-x32…{7C34FAD6-6979-4894-B4D2-25442241ADC0}) (Version: 2.2.137 – Co2meter)
Generic Universal PCL5 (HKLM…Generic Universal PCL5) (Version:  – Generic)
GIMP 2.10.8 (HKLM…GIMP-2_is1) (Version: 2.10.8 – The GIMP Team)
Google Books Downloader version 2.7 (HKLM-x32…{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.7 – GBOOKSDOWNLOADER.COM)
Google Chrome (HKLM…{E9AB118B-2341-3DD2-BD45-27B55F5F3802}) (Version: 96.0.4664.110 – Google LLC)
Google Earth Pro (HKLM…{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 – Google)
Google Legacy Browser Support (HKLM…{631CE0F9-6159-45A8-9548-F435A3B575CA}) (Version: 7.1.0.0 – Google Inc)
GoTo Opener (HKLM-x32…{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 – LogMeIn, Inc.)
GoToAssist Corporate (HKLM-x32…GoToAssist) (Version: 11.9.0.1280 – LogMeIn, Inc.)
GoToMeeting 10.14.0.18962 (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…GoToMeeting) (Version: 10.14.0.18962 – LogMeIn, Inc.)
GrampsAIO64 (HKLM…GrampsAIO64 5.1.2) (Version: 5.1.2 – The Gramps project)
HEIC Converter Free 1.5.0 (HKLM-x32…{D3C39EE7-4C82-48AD-939D-4C0AB9E9939D}_is1) (Version: 1.5.0 – FonePaw)
Help Explorer 3.0 (HKLM-x32…{87022FF4-CD0C-44A5-8084-1FE3F5F96369}) (Version: 3.00.0000 – HelpExplorer Software)
HHD Software Free Serial Port Monitor 8.35 (HKLM…HHD Device Monitoring Studio 5.01) (Version: 8.35.0.9398 – HHD Software, Ltd.)
HL-L8350CDW series (HKLM-x32…{620626CC-9A2D-4A22-A4CA-3750FDC05CB2}) (Version: 1.0.5.0 – Brother Industries, Ltd.)
Image Composite Editor (HKLM…{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 – Microsoft Corporation)
inFlux version 1.25 (64-bit) (HKLM…{FDCA087B-5897-481A-AEAC-47213DBECA0D}_is1) (Version: 1.25 (64-bit) – Insight Numerics, LLC)
Inkscape 0.92.3 (HKLM…{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.92.3.0 – Inkscape project)
Intel Driver && Support Assistant (x32 Version: 19.7.30.2 – Intel) Hidden
Intel® Chipset Device Software (x32 Version: 10.1.1.18 – Intel® Corporation) Hidden
Intel® Computing Improvement Program (HKLM…{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 – Intel Corporation)
Intel® Management Engine Components (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 – Intel Corporation)
Intel® Network Connections Drivers (HKLM…PROSet) (Version: 20.2 – Intel)
Intel® Processor Graphics (HKLM-x32…{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5074 – Intel Corporation)
Intel® Wireless Bluetooth® (HKLM…{00004090-0200-4FD1-8F3D-148929CC1385}) (Version: 20.90.4 – Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32…{12d2d1d9-5223-431d-96ac-6a82d3a1391c}) (Version: 19.7.30.2 – Intel)
Intel® Driver & Support Assistant (HKLM-x32…{dbe96554-7594-4bba-b7c5-fc6c72dbaa39}) (Version: 19.6.26.3 – Intel)
Intel® PROSet/Wireless Software (HKLM-x32…{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 – Intel Corporation)
IP Video System Design Tool 11 v.11.0.0.1928 (HKLM-x32…IP Video System Design Tool 11_is1) (Version:  – www.jvsg.com)
IrfanView 4.54 (64-bit) (HKLM…IrfanView64) (Version: 4.54 – Irfan Skiljan)
iTunes (HKLM…{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 – Apple Inc.)
Java 8 Update 201 (64-bit) (HKLM…{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 – Oracle Corporation)
Java 8 Update 251 (64-bit) (HKLM…{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 – Oracle Corporation)
Keyspan USB Serial Adapter (HKLM-x32…{2E97DE76-851A-48AA-A0D6-665860FAD9CA}) (Version: 3.7.2 – Keyspan)
KFS Hydraulic Flow Calculation Program v4.00 (HKLM-x32…{91FC0EF6-A689-4CE6-B51A-CB3187767C4B}) (Version: 4.00.619.434 –  Jensen Hughes, Inc.)
Kodi (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…Kodi) (Version:  – XBMC-Foundation)
LogiOptionsExcelAddin (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…5B9DBC017A73395321F758581D1CBC19EA9DF4FF) (Version: 8.36.40.0 – Logitech)
LogiOptionsPowerPointAddin (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…2C15990041C0A40782166403A24D0F52DFC41095) (Version: 8.36.40.0 – Logitech)
LogiOptionsWordAddin (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…77F95DB8F75F35C40BD868B4D39ADCCB966A0FD1) (Version: 8.36.40.0 – Logitech)
Logitech Options (HKLM…LogiOptions) (Version: 8.36.86 – Logitech)
Logitech SetPoint 6.69 (HKLM…sp6) (Version: 6.69.123 – Logitech)
Media Center Master (HKLM-x32…Media Center Master_is1) (Version: 2.18.32818.738 – Media Center Master, Inc.)
Media Player Codec Pack 4.5.1 (HKLM-x32…Media Player – Codec Pack) (Version: 4.5.1 – Media Player Codec Pack)
Mendeley Desktop 1.19.3 (HKLM-x32…Mendeley Desktop) (Version: 1.19.3 – Mendeley Ltd.)
Microsoft .NET Framework 4.8 (HKLM…{92FB6C44-E685-45AD-9B20-CADF4CABA132} – 1033) (Version: 4.8.03761 – Microsoft Corporation)
Microsoft Lync Web App Plug-in (64-bit) (HKLM…{8E1176BA-902C-46E6-8C22-6F80BCFEB629}) (Version: 15.8.8308.965 – Microsoft Corporation)
Microsoft Office 365 Business – en-us (HKLM…O365BusinessRetail – en-us) (Version: 16.0.12527.22079 – Microsoft Corporation)
Microsoft OneDrive (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…OneDriveSetup.exe) (Version: 18.151.0729.0013 – Microsoft Corporation)
Microsoft Project Professional 2016 – en-us (HKLM…ProjectProRetail – en-us) (Version: 16.0.12527.22079 – Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM…{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 – Microsoft Corporation)
Microsoft Teams (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…Teams) (Version: 1.4.00.32771 – Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM…Office14.VISIOR) (Version: 14.0.4763.1000 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40660 (HKLM-x32…{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.21005 (HKLM-x32…{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40660 (HKLM-x32…{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29914 (HKLM-x32…{43d1ce82-6f55-4860-a938-20e5deb28b98}) (Version: 14.28.29914.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.26.28720 (HKLM-x32…{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 – Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM…Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 – Microsoft Corporation)
MZ-Tools 8.0 – VBA (Build 8.0.0.2173) (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…{A831F45B-3864-4D2E-B586-3E7DCEB5EA66}_is1) (Version:  – MZTools Software)
Nmap 7.91 (HKLM-x32…Nmap) (Version: 7.91 – Nmap Project)
Node.js (HKLM…{35B295DD-D13C-495D-A8D2-8E3199112F75}) (Version: 12.18.3 – Node.js Foundation)
NordVPN (HKLM…{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.36.6.0 – TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32…{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 – NordVPN)
NordVPN network TUN (HKLM…{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 – NordVPN)
NordVPN network TUN (HKLM…{FD40B53E-299B-45AE-AFB3-B94FD7CC96FE}) (Version: 1.0.1 – NordVPN)
NorthBright CHM Tool 1.0.1.523 (HKLM-x32…{F7C91E70-566D-4C35-B395-82B68FD127D8}_is1) (Version:  – NorthBright, Inc.)
Notepad++ (64-bit x64) (HKLM…Notepad++) (Version: 7.8.8 – Notepad++ Team)
Notifier Battery Calculations (HKLM-x32…{99693393-E14B-4597-A20E-634A279DBC83}) (Version: 3.0 – Notifier)
Npcap (HKLM-x32…NpcapInst) (Version: 1.00 – Nmap Project)
Null-modem emulator (com0com) (HKLM-x32…com0com) (Version: 3.0.0.0 – Vyacheslav Frolov)
O2Micro Flash Memory Card Windows Driver (HKLM-x32…InstallShield_{C834E5DF-AB21-4142-8234-0C4FA77F3A04}) (Version: 3.0.08.38 – O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.08.38 – O2Micro International LTD.) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.12527.22060 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.12527.22060 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.12527.22060 – Microsoft Corporation) Hidden
PDF Filename Stamper version 2.73 (HKLM-x32…{922CF989-AD0A-4144-98B0-9249D3F216AA}_is1) (Version: 2.73 – Saintjohnny’s Software Tools)
PDF Impress 11 (HKLM…{E540E8BA-8F10-4FDB-9267-03EDBD039465}) (Version: 11.00.003 – Amyuni Technologies, Inc.)
PeaZip configuration (WIN64) (HKLM…{4F8D60A8-C53D-47BD-AE5C-31AE6566D638}_is1) (Version:  – Giorgio Tani)
PrettyCode.Print v.2.00 (HKLM-x32…PrettyCode.Print v.2.00) (Version:  – )
PX Profile Update (x32 Version: 1.00.1. – AMD) Hidden
qBittorrent 4.3.8 (HKLM-x32…qBittorrent) (Version: 4.3.8 – The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 – Realtek Semiconductor Corp.)
S³ 8.0 (HKLM-x32…S³_7.0) (Version: 8.0 – Detector Electronics)
S3 Version Switcher (HKLM-x32…{18FB275C-3E76-483B-B525-6CBEE3FD588B}) (Version: 1.0.0 – Microsoft)
ScrapeStorm 3.6.1 (HKLM-x32…b88bf8c0-1706-5e34-b86b-b15c4718cb60) (Version: 3.6.1 – 后羿采集)
ScrapingExpert 6.0.43 (HKLM-x32…{6B617840-F8BA-4D81-8DED-130D2B5E5ED1}) (Version: 1.0.0 – Microsoft)
Sentinel Protection Installer 7.6.6 (HKLM-x32…{8C2218AC-D1B1-4530-9E67-15164E0E52AB}) (Version: 7.6.6 – SafeNet, Inc.)
Serial Port Monitor 8.0.388 (HKLM…Serial Port Monitor_is1) (Version: 8.0 – ELTIMA Software)
Sierra Wireless Dell Mobile Broadband Driver Package (HKLM-x32…SWIDellDrvInstaller) (Version: 6.14.4316.0502 – Sierra Wireless, Inc.)
Sierra Wireless Skylight (HKLM…Sierra Wireless Skylight) (Version: 6.0.4777.0005 – Sierra Wireless, Inc.)
SketchUp Import 2016-2017 (HKLM-x32…{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 – Autodesk)
Skype Meetings App (HKLM-x32…{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 – Microsoft Corporation)
Spectracizer 1.2.0.12 (HKLM-x32…SpectracizerInnoInstall_is1) (Version: 1.2.0.12 – Fountain Computer Products)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32…{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0055 – ST Microelectronics)
SysTools OST Recovery v7.0 (HKLM-x32…{A57D479E-A04A-4B6F-AAF9-00C39E233990}_is1) (Version:  – SysTools Software Pvt. Ltd.)
tbl2cad version 1.5 (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…{0D05E1C0-0604-420B-9542-D750F0530DF1}_is1) (Version: 1.5 – TECHSOFT s.r.o.)
Teams Machine-Wide Installer (HKLM-x32…{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.26064 – Microsoft Corporation)
Telegram Desktop version 3.3 (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.3 – Telegram FZ-LLC)
VBAcodePrint 19.0.3.19071 (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…{4EC56406-AD74-492e-8BB4-56E854BE1A1E}_is1) (Version:  – StarPrint Limited)
VeryPDF PDF Editor v4.1 (HKLM-x32…VeryPDF PDF Editor v4.1_is1) (Version:  – VeryPDF.com, Inc.)
VNC Viewer 6.20.529 (HKLM…{DCF5BBEA-3BDB-4E03-BF06-03836F320CA6}) (Version: 6.20.529.42646 – RealVNC Ltd)
VSC (HKLM-x32…{145F2DF5-34AE-463F-9051-E8094A7A016C}) (Version: 3.9.5003 – Xtralis)
Vulkan Run Time Libraries 1.0.54.0 (HKLM…VulkanRT1.0.54.0) (Version: 1.0.54.0 – LunarG, Inc.)
Waterfox Classic 56.6 (x64 en-US) (HKLM…Waterfox Classic 56.6 (x64 en-US)) (Version: 56.6 – Waterfox Ltd)
WhatsApp (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…WhatsApp) (Version: 2.2114.9 – WhatsApp)
Windows Driver Package – B&B Electronics USB-to-Serial Driver (01/18/2013 2.08.28) (HKLM…493555ECFF87DB8E6F2319D8927605E8C9BD8691) (Version: 01/18/2013 2.08.28 – B&B Electronics)
Windows Driver Package – SLS (usbser) Ports  (04/28/2012 1.0.0.0) (HKLM…29E6CA5178D97C871CE7456B4415A85FA55E4106) (Version: 04/28/2012 1.0.0.0 – SLS)
Windows Mobile Device Center (HKLM…{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 – Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM…{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 – Microsoft Corporation)
Zoom (HKUS-1-5-21-2705839474-1034495589-3787676121-1000…ZoomUMX) (Version: 5.4.3 (58891.1115) – Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{01F918D4-A050-5613-AD39-32EB5D92D095}InprocServer32 -> D:EngineeringAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9isworks Manage 2020lcodieD.dll (Autodesk Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}localserver32 -> C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP8.151.0729.0013FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{073CB204-6B29-46FC-AB98-451F1D068741}InprocServer32 -> D:EngineeringAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9isworks Manage 2020LoadersInvInventor Server (the data entry has 29 more characters).
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{0D327DA6-B4DF-4842-B833-2CFF84F0948F}localserver32 -> D:EngineeringAutoCADAutoCAD 2017acad.exe (Autodesk, Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{1019ADC7-17CB-4489-AFD5-6642C7400ACE}localserver32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9sptOIEx64.exe (Cisco WebEx LLC)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{1542FC7D-8D51-43D5-B757-67C763F27BF4}localserver32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH915.8LWAVersionPlugin.exe (Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{2ce8e606-f468-59c0-9428-e67530836937}InprocServer32 -> D:EngineeringAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9isworks Manage 2020lcodieD.dll (Autodesk Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{389510b7-9e58-40d7-98bf-60b911cb0ea9}localserver32 -> C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP8.151.0729.0013FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{3faa4380-a399-11cf-a466-00805fe418f6}InprocServer32 -> D:EngineeringAutoCADTrueViewDWG TrueView 2017 – EnglishDWG TrueView 2020 – Englishen-USdwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{6D7AE628-FF41-4CD3-91DD-34825BB1A251}localserver32 -> D:EngineeringAutoCADacad.exe (Autodesk, Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}localserver32 -> C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP8.151.0729.0013FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{720DB9AF-D62C-4ED0-A377-429C22312852}localserver32 -> D:EngineeringAutoCADAutoCAD 2017acad.exe (Autodesk, Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}localserver32 -> D:EngineeringAutoCADTrueViewDWG TrueView 2017 – EnglishDWG TrueView 2020 – Englishdwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}localserver32 -> C:Windowssystem32igfxEM.exe (Intel Corporation)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}InprocServer32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9xe2ZnYmTphg4.dll (LogMeIn, Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{899FE301-0751-11D5-A066-00B0D011BBC8}InprocServer32 -> D:EngineeringAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9isworks Manage 2020lcodieD.dll (Autodesk Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{8C23B656-4E6E-4B45-9920-9617168D39A3}InprocServer32 -> D:EngineeringAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9isworks Manage 2020LoadersInvInventor Server (the data entry has 29 more characters).
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{94269C4E-071A-4116-90E6-52E557067E4E}localserver32 -> C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP8.151.0729.0013FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{9489FEB2-1925-4D01-B788-6D912C70F7F2}localserver32 -> C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP8.151.0729.0013FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{96CAE7ED-F021-4FEB-A5E9-7CC58829A67A}localserver32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH915.8LWAPlugin.exe (Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{A21A30F2-5768-5584-A931-51CDD84ED222}localserver32 -> D:EngineeringAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9isworks Manage 2020Roamer.exe (Autodesk Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{A926714B-7BFC-4D08-A035-80021395FFA8}localserver32 -> C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP8.151.0729.0013FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{AEECE333-8900-4915-9697-7A0B4034B3D8}InprocServer32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9sptWbxMS64.dll (Cisco WebEx LLC)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{b0376cb2-1834-5e31-9d03-3fe3f3827102}InprocServer32 -> D:EngineeringAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9isworks Manage 2020lcodieD.dll (Autodesk Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{BAEE998A-9C95-4966-8E52-DBCA67D8482A}InprocServer32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9sptoiEnt64.dll (Cisco WebEx LLC)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{C27B97DA-258D-4C14-935A-03548FFEC265}InprocServer32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQXsLHZtR4B7kF7AUy4TYR2HupL1SyUXqGcpzeDy9N11HMAHex5eHnYmTphgE.dll ()
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{C3741FD4-FABE-4C36-88E7-40C0C09FCE8D}InprocServer32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9sptWbxMS64.dll (Cisco WebEx LLC)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}InprocServer32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9ddin1.0.20244.4x64Microsoft.Teams.AddinLoader (the data entry has 15 more characters).
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}localserver32 -> D:EngineeringAutoCADacad.exe (Autodesk, Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{D716C80B-32AA-58AB-9689-48D445943181}InprocServer32 -> D:EngineeringAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9isworks Manage 2020lcodieD.dll (Autodesk Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{E2C40589-DE61-11ce-BAE0-0020AF6D7005}InprocServer32 -> D:EngineeringAutoCADacadficn.dll (Autodesk, Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{E5B0515D-48D2-4F04-906D-0192ED65A2DD}InprocServer32 -> D:EngineeringAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9isworks Manage 2020LoadersInvInventor Server (the data entry has 29 more characters).
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{e8c77137-e224-5791-b6e9-ff0305797a13}InprocServer32 -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{E8D0CE8D-BC70-4025-978F-E86068362730}InprocServer32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9sptusredt64.dll (Cisco WebEx LLC)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{EA47D2DE-76CC-4138-97FF-A62F9D28A341}InprocServer32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9sptolkadd64.dll (Cisco WebEx LLC)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{f1662f03-efed-5404-9100-a4eb0f23d3ff}InprocServer32 -> D:EngineeringAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9isworks Manage 2020lcodieD.dll (Autodesk Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{F24A8124-94B4-5D9A-8A32-740DCD2A490E}InprocServer32 -> D:EngineeringAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9isworks Manage 2020lcodieD.dll (Autodesk Inc.)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{F6E0DEDD-F6D5-4195-BE2D-AB628A0BBDF4}InprocServer32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9sptWbxMS64.dll (Cisco WebEx LLC)
CustomCLSID: HKUS-1-5-21-2705839474-1034495589-3787676121-1000_ClassesCLSID{FE2EC208-BECF-4E83-8BF4-E35DBA4EB6A1}localserver32 -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9essPlugin16.2.0.511GatewayVersion-x64.exe (Microsoft Corporation)

==================== Restore Points =========================

30-11-2021 00:00:00 Scheduled Checkpoint
07-12-2021 00:00:00 Scheduled Checkpoint
17-12-2021 18:53:11 Scheduled Checkpoint
25-12-2021 13:11:31 Installed ScrapingExpert 6.0.43
26-12-2021 13:13:06 Windows Modules Installer

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 – 2020-07-23 08:43 – 00000844 ____A C:Windowssystem32Driversetchosts

192.168.1.9    advint04

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03AB4144-EA47-4943-88B1-83AE25C457F6} – System32TasksIUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:Program Files (x86)IntelIntel® Update Managerbiniumsvc.exe
Task: {073F8E8C-D8DB-45ED-B639-0DAB44B9CA9A} – Syst1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH => C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP32.exe [] ()
Task: {076BF0DB-F7B7-4782-B6E3-262EF54E55B4} – Syst1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [2021-12-22] (Microsoft Corporation)
Task: {0A812714-4467-4253-84FC-71D7DF9D1484} – System32TasksDriver Easy Scheduled Scan => D:Multi Mediadrive EasyDriverEasyDriverEasy.exe
Task: {0F4825A9-C352-4880-A36E-208DC5D0F190} – System32TasksAdobeGCInvoker-1.0-DMARR-Dmarr => C:Program Files (x86)Common FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {13B13056-915B-4CF6-8B54-B4253CDE2E41} – System32Tasks{600991E7-797D-4735-893D-32A51CF4F8BB} => C:Program FilesinFluxinFlux.exe
Task: {17C4933A-8E60-4BA1-87E5-5E559858E6CD} – System32Tasks4Team updater => C:Program Files4Team Corporation4Team-Updater4Team-Updater.exe [2018-05-24] (4Team Corporation)
Task: {26C3EEC9-22C6-48C3-B74B-28CED976406D} – Syst1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [2021-12-16] (Microsoft Corporation)
Task: {2719BFBF-687A-404C-B090-60C4E082DFB1} – System32TasksG2MUploadTask-S-1-5-21-2705839474-1034495589-3787676121-1000 => C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9load.exe [2020-11-10] (LogMeIn, Inc.)
Task: {4058AC68-2A18-43AE-ABE2-B73B3F19C648} – Syst1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [2021-12-22] (Microsoft Corporation)
Task: {4DE7D500-E55F-4EB8-9464-DD72BDEC8B84} – System32TasksDell SupportAssistAgent AutoUpdate => C:Program FilesDellSupport1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe [2020-01-14] (Dell Inc.)
Task: {5DD83FE4-CA8C-45C0-AA50-20D9955E977D} – System32TasksOneDrive Standalone Update Task-S-1-5-21-2705839474-1034495589-3787676121-1000 => %localappdata%MSTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.exe
Task: {6600BDE7-4DAD-4079-BE93-CF220D5B710A} – System32Tasksnpcapwatchdog => C:Program FilesNpcapCheckStatus.bat [2020-09-24] ()
Task: {87EC50A5-9495-4D4C-A304-609FEB0CF54F} – Syst1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [2021-12-22] (Microsoft Corporation)
Task: {8AC5D26F-B4C3-46A3-8027-DCD6AB5DAC1A} – System32Tasks{0AE4A9B4-93A3-45A8-93D1-6358589C8680} => C:Program FilesinFluxinFlux.exe
Task: {920A77E4-B92C-4B3B-8083-0914663CC78E} – System32TasksAdobe Acrobat Update Task => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [2016-12-17] (Adobe Systems Incorporated)
Task: {9703C081-3160-46C2-820D-7A7465E0A7D7} – Syst1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [2021-12-22] (Microsoft Corporation)
Task: {9BA8ED51-3B9F-4DF9-9F0F-353CCDAB1465} – Syst1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2020-05-23] (Google Inc.)
Task: {ABB60A60-6114-43B4-9287-8CF3EFD79AA2} – Syst1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [2021-12-16] (Microsoft Corporation)
Task: {AE25CBA9-72C4-4C4A-9662-F82F9F0DEEB5} – System32TasksLUPServices => C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9.exe [2021-12-11] (VideoLAN)
Task: {B7476AF2-3E07-4516-BE60-188691B666B3} – System32TasksDellPPO SM Manual Update => C:Program FilesDellPPODcsuWrap.exe [2017-03-20] (Dell Inc.)
Task: {C0C2DD59-F742-470E-8A5E-DF41A26C75C5} – Syst1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2020-05-23] (Google Inc.)
Task: {CC29ABD6-785D-405F-9B17-777EFCBD6FCA} – System32Tasks{184928FA-2D05-4637-AACA-0AE54DF4E584} => pcalua.exe -a G:Dell_DriversWiDi_Utility_Intel_A05_W7W8.14-SETUP_ZPE.exe -d G:Dell_Drivers
Task: {CF1EC46F-DD86-4CEE-9EAA-68417BD32030} – Syst1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B Error ReportingSystemInfoTool => %appdata%\sysinfotool\sitool.exe
Task: {DAB35BF1-23FF-47D1-8F69-34BBCFCC1E86} – System32TasksIntel PTT EK Recertification => C:Program FilesInteliCLS ClientIntelPTTEKRecertification.exe [2017-02-24] (Intel® Corporation)
Task: {DE6D9854-5C5D-4C58-B13A-E2308EE2F37C} – System32TasksIntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:Program FilesInt1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eHrEice.exe [2017-07-13] (Intel Corporation)
Task: {F02EF1F7-AC08-40DE-8D00-F523E5F88EC9} – System32TasksIntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:Program FilesInt1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eHrEice.exe [2017-07-13] (Intel Corporation)
Task: {F0DF0C44-261D-4648-86DD-0F73ACDA8C3A} – System32TasksStartCN => C:Program FilesAMDCNextCNextcncmd.exe [2017-12-01] (Advanced Micro Devices, Inc.)
Task: {F87CBF25-B096-4337-8BBA-2296CC1592EA} – System32TasksG2MUpdateTask-S-1-5-21-2705839474-1034495589-3787676121-1000 => C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9date.exe [2020-11-10] (LogMeIn, Inc.)
Task: {FD7728BE-E283-466F-AA47-27227C04261B} – Syst1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B Subscription Maintenance => C:Program FilesMicrosoft Officeroot1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B SharedOffice16OLicenseHeartbeat.exe [2021-12-22] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:WindowsTasksDriver Easy Scheduled Scan.job => D:Multi Mediadrive EasyDriverEasyDriverEasy.exe
Task: C:WindowsTasksG2MUpdateTask-S-1-5-21-2705839474-1034495589-3787676121-1000.job => C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9date.exe
Task: C:WindowsTasksG2MUploadTask-S-1-5-21-2705839474-1034495589-3787676121-1000.job => C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9load.exe

==================== Loaded Modules (Whitelisted) ==============

2020-10-29 17:31 – 2015-09-02 20:53 – 00025584 _____ () C:WindowsSystem32KOAZ8J_L.DLL
2021-05-19 06:30 – 2021-04-26 09:01 – 08981592 _____ () D:InternetNordVPN6.36.6.0x64nordlynx.dll
2021-05-19 06:30 – 2021-04-26 09:01 – 00411824 _____ () D:InternetNordVPN6.36.6.0x64Liberation.Native.Firewall.dll
2018-11-01 05:27 – 2018-11-01 05:27 – 01356088 _____ () C:Program FilesCommon FilesAppleApple Application Supportlibxml2.dll
2018-11-01 05:27 – 2018-11-01 05:27 – 00088888 _____ () C:Program FilesCommon FilesAppleApple Application Supportzlib1.dll
2019-11-08 10:29 – 2019-11-08 10:29 – 00036032 _____ () C:Program Files (x86)DellUpdateServiceServiceShell.exe
2018-12-09 19:11 – 2012-03-09 10:27 – 00008192 _____ () C:WindowsSysWOW64srvany.exe
2018-03-05 20:47 – 2018-03-05 20:47 – 00614848 _____ () C:Program Files (x86)Common FilesAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP64.dll
2019-03-18 08:16 – 2019-03-18 08:16 – 00050952 _____ () D:InternetFileZillafzshellext_64.dll
2019-02-14 09:45 – 2019-02-14 09:45 – 00043944 _____ () C:Program FilesCommon FilesAmyuni TechnologiesPDFImpress 11PDFImpressShellExtension.dll
2020-06-23 18:58 – 2020-06-23 18:58 – 00230032 _____ () D:UtilitiesNotePad++NppShell_06.dll
2018-11-29 13:40 – 2018-11-29 13:40 – 01356088 _____ () D:Multi MediaiTuneslibxml2.dll
2018-11-29 13:41 – 2018-11-29 13:41 – 00088888 _____ () D:Multi MediaiTuneszlib1.dll
2017-11-08 10:49 – 2017-11-08 10:49 – 00894416 _____ () C:WindowsSysWOW64CodecsTrayMenu.exe
2016-08-29 16:54 – 2016-08-29 16:54 – 00014336 _____ () C:Program FilesAMDCNextCNextQtQuick.2qtquick2plugin.dll
2016-08-29 16:54 – 2016-08-29 16:54 – 00739840 _____ () C:Program FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9ickcontrolsplugin.dll
2016-08-29 16:54 – 2016-08-29 16:54 – 00014336 _____ () C:Program FilesAMDCNextCNextQtQuickWindow.2windowplugin.dll
2016-08-29 16:54 – 2016-08-29 16:54 – 00071168 _____ () C:Program FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9klayoutsplugin.dll
2016-08-29 16:54 – 2016-08-29 16:54 – 00011776 _____ () C:Program FilesAMDCNextCNextlibEGL.dll
2016-08-29 16:54 – 2016-08-29 16:54 – 02013696 _____ () C:Program FilesAMDCNextCNextlibGLESv2.dll
2016-08-29 16:54 – 2016-08-29 16:54 – 00191488 _____ () C:Program FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9gplugin.dll
 –  – 00000000 ___SH () C:UsersDmarrAYqLnTTThKqhV4npsciGstSpAa1XdkrrBP32.exe
2018-04-24 01:53 – 2018-04-24 01:53 – 01270192 _____ () C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQXsLHZtR4B7kF7AUy4TYR2HupL1SyUXqGcpzeDy9N11HMAHex5eHnYmTphgE.dll
2019-12-13 16:38 – 2019-12-13 16:38 – 00091136 _____ () C:Program Files (x86)Common FilesXtralisDriversVXRboost_thread-vc141-mt-1_65_1.dll
2019-12-13 16:38 – 2019-12-13 16:38 – 00022016 _____ () C:Program Files (x86)Common FilesXtralisDriversVXRboost_system-vc141-mt-1_65_1.dll
2019-12-13 16:38 – 2019-12-13 16:38 – 00028160 _____ () C:Program Files (x86)Common FilesXtralisDriversVXRboost_chrono-vc141-mt-1_65_1.dll
2019-12-13 16:38 – 2019-12-13 16:38 – 00047104 _____ () C:Program Files (x86)Common FilesXhiWAySpaywPqiekg43JwqnBJhRZfSnay7e-vc141-mt-1_65_1.dll
2017-06-26 13:24 – 2017-06-26 13:24 – 01244304 _____ () C:DellIntel Mang Eng CompLMSACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:ProgramDataTEMP:05E9FFE5
AlternateDataStreams: C:UsersDmarrAppDataRoamingProXoft:RVBA

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLVR2jqojevDBgbFFiKiamWQXsLHZtR4B7kF7AUy4T51vdgiMkNE1VDnM01000.sys => “”=”Driver”
HKLVR2jqojevDBgbFFiKiamWQXsLHZtR4B7kF7AUy4T51vdgiMkNE1VDnMoAssist => “”=”Service”
HKLVR2jqojevDBgbFFiKiamWQXsLHZtR4B7kF7AUy4T51vdgiMkNE1VDnM01000.sys => “”=”Driver”

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU.DEFAULT…dell.com -> dell.com
IE trusted site: HKUS-1-5-21-2705839474-1034495589-3787676121-1000…sharepoint.com -> hxxps://advantagefireprotection-files.sharepoint.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKUS-1-5-21-2705839474-1034495589-3787676121-1000Control PanelDesktop\Wallpaper -> C:UsersDmarrAYqLVR2jqojevDBgbFFiKiamWQXsLHZtR4B7kF7AUy4T51vdgiMkNE1VDnMr.jpg
DNS Servers: 192.168.1.2 – 192.168.1.17
HKLVR2jqojevDBgbFFiKiamWQXsLHZtR4B7kF7AUy4T51vdgiMkNE1VDnMstem => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIGstartupreg: AdobeAAMUpdater-1.0 => “C:Program Files (x86)Common FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9ility.exe”
MSCONFIGstartupreg: AdobeGCInvoker-1.0 => “C:Program Files (x86)Common FilesAYqLVR2jqojevDBgbFFiKiamWQT49cQvsBPH9.exe”
MSCONFIGstartupreg: DellPoaEvents => C:Program FilesDellPPODellPoaEvents.exe
MSCONFIGstartupreg: Windows Mobile Device Center => %windir%WindowsMobilewmdc.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%system32sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%system32sppsvc.exe
FirewallRules: [{224BAA43-29EE-440F-9904-FD33B6B279D3}] => (Allow) D:InternetWater Foxwaterfox.exe
FirewallRules: [{B8500223-154A-4B94-A46B-724E5AB3825C}] => (Allow) D:InternetWater Foxwaterfox.exe
FirewallRules: [{9E6F5B49-ED38-49FC-A50A-9A32A877D490}] => (Allow) D:Microsoft OfficeOffice14ONENOTE.EXE
FirewallRules: [{6F2C521B-D419-48D2-8120-BB217BD3D0A8}] => (Allow) D:Microsoft OfficeOffice14ONENOTE.EXE
FirewallRules: [{B295A57A-F171-44D4-AE1B-E18114D82A54}] => (Allow) D:Microsoft OfficeOffice14outlook.exe
FirewallRules: [{1559D547-D880-479B-9BD0-63EEC73569AF}] => (Allow) C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
FirewallRules: [{CE1B663E-34B1-4723-B836-C7E72EE0E22F}] => (Allow) C:Program FilesBonjourmDNSResponder.exe
FirewallRules: [{52A58ECF-C7C1-4F0B-926C-E5F38807D6C7}] => (Allow) C:Program FilesBonjourmDNSResponder.exe
FirewallRules: [{DB6456AE-AF15-42F7-AFCE-92C93EA736BC}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe
FirewallRules: [{A6242EC5-9917-4D2D-88AD-EB81D3AA7F92}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe
FirewallRules: [{87C73501-0F70-41C4-BD0A-0386533DAD4E}] => (Allow) D:Multi MediaiTunesiTunes.exe
FirewallRules: [TCP Query User{CE189AFD-F3C1-4DC4-9029-F04F932BA8E5}D:internetdtorrentdelugedeluge.exe] => (Allow) D:internetdtorrentdelugedeluge.exe
FirewallRules: [UDP Query User{218A6CD2-1AEC-4BFF-9F61-807C2174C36D}D:internetdtorrentdelugedeluge.exe] => (Allow) D:internetdtorrentdelugedeluge.exe
FirewallRules: [TCP Query User{ED3F4E04-3ED5-45A8-90C9-228BDFFA1E15}D:multi mediakodikodi.exe] => (Allow) D:multi mediakodikodi.exe
FirewallRules: [UDP Query User{A58F2088-30C5-432E-BCB8-3DF059B07B4F}D:multi mediakodikodi.exe] => (Allow) D:multi mediakodikodi.exe
FirewallRules: [{F2D18C9F-17F4-43B8-910A-705367E947D3}] => (Allow) C:Program FilesIntelWiFibinPanDhcpDns.exe
FirewallRules: [TCP Query User{FC446CA5-5F62-48A5-A509-326B2FB3F923}C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe] => (Allow) C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe
FirewallRules: [UDP Query User{731166B3-B02E-498A-B844-0649E656386A}C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe] => (Allow) C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe
FirewallRules: [TCP Query User{071A3FE8-2AA4-4FD5-9FF1-9B2C5995658C}C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe] => (Allow) C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe
FirewallRules: [UDP Query User{1EB0DE2C-1218-49EF-B1D4-BFF1FBDE7899}C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe] => (Allow) C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe
FirewallRules: [TCP Query User{95CB24C9-0942-4E02-A395-46D640FA94A4}C:decbinsdcd.exe] => (Block) C:decbinsdcd.exe
FirewallRules: [UDP Query User{6143AC5A-0559-4B69-A06E-764BF8147620}C:decbinsdcd.exe] => (Block) C:decbinsdcd.exe
FirewallRules: [TCP Query User{9AF416F8-3468-4379-ADDB-AFE3B8CAF2B4}D:engineeringelect1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B-818.1.0clipprojectmarking.exe] => (Block) D:engineeringelect1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B-818.1.0clipprojectmarking.exe
FirewallRules: [UDP Query User{1CA84D8E-1898-428A-BA0C-DCFBB1D3AD22}D:engineeringelect1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B-818.1.0clipprojectmarking.exe] => (Block) D:engineeringelect1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B-818.1.0clipprojectmarking.exe
FirewallRules: [TCP Query User{57D6AE4B-D0AF-40CB-A099-4BEF1D33DDAC}C:usersdmarrappdat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.2.0.511pluginhost.exe] => (Allow) C:usersdmarrappdat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.2.0.511pluginhost.exe
FirewallRules: [UDP Query User{647407EB-AF6F-4C35-9794-AA576060D1A3}C:usersdmarrappdat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.2.0.511pluginhost.exe] => (Allow) C:usersdmarrappdat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.2.0.511pluginhost.exe
FirewallRules: [{FA13D6DD-57E4-46ED-835B-BF806EBC882B}] => (Allow) C:UsersDmarrAppDataRoamingZoombinZoom.exe
FirewallRules: [{122AE7CA-E28F-4A8D-9E65-C11950403AF1}] => (Allow) C:UsersDmarrAppDataRoamingZoombinairhost.exe
FirewallRules: [TCP Query User{2B229638-CF2D-4BC8-80A6-ADE927AE9F60}C:usersdmarrappdat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.2.0.511pluginhost.exe] => (Allow) C:usersdmarrappdat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.2.0.511pluginhost.exe
FirewallRules: [UDP Query User{76640985-4531-4E7B-98BB-B0D28D5DF1BD}C:usersdmarrappdat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.2.0.511pluginhost.exe] => (Allow) C:usersdmarrappdat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.2.0.511pluginhost.exe
FirewallRules: [{C35F1E7A-1C8E-44D0-B4B6-0C77FE0D0D6D}] => (Allow) D:InternetWater Foxwaterfox.exe
FirewallRules: [{046029AE-485F-4AEF-B793-4641262B0BBF}] => (Allow) D:InternetWater Foxwaterfox.exe
FirewallRules: [TCP Query User{4A09E5C0-8DAE-4286-BA7D-8FCD21C5CE7C}C:usersdmarrappdatalocalfccfcc en.exe] => (Allow) C:usersdmarrappdatalocalfccfcc en.exe
FirewallRules: [UDP Query User{0076366C-32C6-4073-91E3-7C4A1A15B91B}C:usersdmarrappdatalocalfccfcc en.exe] => (Allow) C:usersdmarrappdatalocalfccfcc en.exe
FirewallRules: [TCP Query User{7089F0B2-8232-495B-9844-FB57C3A033E3}C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe] => (Allow) C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe
FirewallRules: [UDP Query User{DD9D471F-01F5-4AE1-A7A5-82B4E2CE83BE}C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe] => (Allow) C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe
FirewallRules: [{E75357FA-D726-47C8-AEEF-DB80058EBE21}] => (Allow) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe
FirewallRules: [{826DCF39-6ACF-49B5-B371-28A76C7C9410}] => (Allow) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe
FirewallRules: [{B11F1B52-C7F5-4DCC-9545-FB425ACE3C0C}] => (Allow) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe
FirewallRules: [TCP Query User{FCEE82E7-0C19-4AD6-B986-5521955EC808}D:engineeringelectricalfluke2683a data loggerflukedaq-v6.0.4binstudio manager.exe] => (Allow) D:engineeringelectricalfluke2683a data loggerflukedaq-v6.0.4binstudio manager.exe
FirewallRules: [UDP Query User{9DEB5139-93E3-43BA-85A1-7D8A2B561D0E}D:engineeringelectricalfluke2683a data loggerflukedaq-v6.0.4binstudio manager.exe] => (Allow) D:engineeringelectricalfluke2683a data loggerflukedaq-v6.0.4binstudio manager.exe
FirewallRules: [{974BF1FC-9516-476E-9FAA-4A29B202EC7F}] => (Allow) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe
FirewallRules: [{67CE9E28-DC48-40F9-9BD3-B8B51D710B4E}] => (Allow) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe
FirewallRules: [TCP Query User{EA698F59-CA23-4E64-91E0-9E03D7675CDA}D:engineeringelectricalfluke2683a data loggerflukedaq-v6.0.4binstudio manager.exe] => (Allow) D:engineeringelectricalfluke2683a data loggerflukedaq-v6.0.4binstudio manager.exe
FirewallRules: [UDP Query User{E3414252-6DE7-47DA-9230-040AEF654CFC}D:engineeringelectricalfluke2683a data loggerflukedaq-v6.0.4binstudio manager.exe] => (Allow) D:engineeringelectricalfluke2683a data loggerflukedaq-v6.0.4binstudio manager.exe
FirewallRules: [TCP Query User{D0103B3C-C822-4ABD-B24C-9853CFB7C842}C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe] => (Allow) C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe
FirewallRules: [UDP Query User{5AA12006-C9E8-43EA-81FE-4F99DC4A145C}C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe] => (Allow) C:usersdmarrappdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe
FirewallRules: [{0AEB2C26-1942-49D3-80FE-7FBC47956625}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe
FirewallRules: [{A56D5E21-8B67-47E0-BBC5-C5C74A8666C3}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe
FirewallRules: [TCP Query User{A2BF2218-CADD-4787-869B-3A2E2C1C4EE0}D:engineeringplcmaple systemsebprogui_e30.exe] => (Allow) D:engineeringplcmaple systemsebprogui_e30.exe
FirewallRules: [UDP Query User{3D52A14C-1662-4C00-BDB1-1977CC91E37B}D:engineeringplcmaple systemsebprogui_e30.exe] => (Allow) D:engineeringplcmaple systemsebprogui_e30.exe
FirewallRules: [TCP Query User{B5CA3C10-0AA8-42B2-9708-B2591E06FA7D}D:engineeringplcmaple systemsebprocom_e30.exe] => (Allow) D:engineeringplcmaple systemsebprocom_e30.exe
FirewallRules: [UDP Query User{6BFF8677-9A2C-4053-A56F-58C1A7E633DD}D:engineeringplcmaple systemsebprocom_e30.exe] => (Allow) D:engineeringplcmaple systemsebprocom_e30.exe
FirewallRules: [TCP Query User{34983917-240C-4F1F-B74E-27945011643E}D:engineeringplcmaple systemsebprocmtviewer.exe] => (Allow) D:engineeringplcmaple systemsebprocmtviewer.exe
FirewallRules: [UDP Query User{269A2AEF-3D24-4119-9868-549164855D20}D:engineeringplcmaple systemsebprocmtviewer.exe] => (Allow) D:engineeringplcmaple systemsebprocmtviewer.exe
FirewallRules: [TCP Query User{0116CDDB-6F50-4942-BCC7-38B1AFD1230F}D:engineeringplcmaple systemsebprocom_c30.exe] => (Allow) D:engineeringplcmaple systemsebprocom_c30.exe
FirewallRules: [UDP Query User{2DE7AF79-C389-4192-9DCD-9389FFC09EFD}D:engineeringplcmaple systemsebprocom_c30.exe] => (Allow) D:engineeringplcmaple systemsebprocom_c30.exe
FirewallRules: [TCP Query User{AEF9C4EA-8100-4EAC-B569-97C8B8444164}D:engineeringplcmaple systemsebprodserver.exe] => (Allow) D:engineeringplcmaple systemsebprodserver.exe
FirewallRules: [UDP Query User{F132C097-5452-48A6-8D19-5D72F2E3D771}D:engineeringplcmaple systemsebprodserver.exe] => (Allow) D:engineeringplcmaple systemsebprodserver.exe
FirewallRules: [TCP Query User{1FCC9F3D-5303-4442-A320-72070E3F8380}D:engineeringplcmaple systemsebproeasydiagnoser.exe] => (Allow) D:engineeringplcmaple systemsebproeasydiagnoser.exe
FirewallRules: [UDP Query User{ADE41659-D52C-4376-BA66-484E1B133DC7}D:engineeringplcmaple systemsebproeasydiagnoser.exe] => (Allow) D:engineeringplcmaple systemsebproeasydiagnoser.exe
FirewallRules: [TCP Query User{794F8A46-C6F8-48E4-B69D-C503D713CC3C}D:engineeringplcmodbus toolsmodrssimmod_rssim.exe] => (Allow) D:engineeringplcmodbus toolsmodrssimmod_rssim.exe
FirewallRules: [UDP Query User{E397B97E-B9C9-41E4-BE92-84691B8571DF}D:engineeringplcmodbus toolsmodrssimmod_rssim.exe] => (Allow) D:engineeringplcmodbus toolsmodrssimmod_rssim.exe
FirewallRules: [TCP Query User{2F4CB7D5-6A86-49D4-94B5-3B283A03D917}D:engineeringplcmaple systemsebproeasybuilder pro.exe] => (Allow) D:engineeringplcmaple systemsebproeasybuilder pro.exe
FirewallRules: [UDP Query User{30FA55A6-04B1-4898-8CA0-1326A007CB34}D:engineeringplcmaple systemsebproeasybuilder pro.exe] => (Allow) D:engineeringplcmaple systemsebproeasybuilder pro.exe
FirewallRules: [TCP Query User{21F6C5BE-5EF5-48AC-BE3C-4063ED14D8D7}D:engineeringplcmaple systemsebproeasywatch.exe] => (Allow) D:engineeringplcmaple systemsebproeasywatch.exe
FirewallRules: [UDP Query User{55AADE1B-20ED-4E85-B1E5-5C40A2C8E21A}D:engineeringplcmaple systemsebproeasywatch.exe] => (Allow) D:engineeringplcmaple systemsebproeasywatch.exe
FirewallRules: [TCP Query User{90BFF4E8-EC0F-4773-94F7-EA99D080FCDE}D:engineeringplcmaple systemsebproeasyaccess.exe] => (Allow) D:engineeringplcmaple systemsebproeasyaccess.exe
FirewallRules: [UDP Query User{DFE14A09-E62D-4357-9B9F-FF269F5B1AEC}D:engineeringplcmaple systemsebproeasyaccess.exe] => (Allow) D:engineeringplcmaple systemsebproeasyaccess.exe
FirewallRules: [TCP Query User{0A238CE1-1F24-4EE9-B16F-A73356F07AE6}D:engineeringplcmaple systemsebprocom_e30.exe] => (Allow) D:engineeringplcmaple systemsebprocom_e30.exe
FirewallRules: [UDP Query User{A39AAEEC-1416-42DB-BABB-622D974E33CB}D:engineeringplcmaple systemsebprocom_e30.exe] => (Allow) D:engineeringplcmaple systemsebprocom_e30.exe
FirewallRules: [TCP Query User{C7EE043E-6A3C-4C26-9C74-860EE930BCC5}D:engineeringplcmaple systemsebprogui_e30.exe] => (Allow) D:engineeringplcmaple systemsebprogui_e30.exe
FirewallRules: [UDP Query User{191E96FB-8C4F-49E0-84C3-B2DA30757457}D:engineeringplcmaple systemsebprogui_e30.exe] => (Allow) D:engineeringplcmaple systemsebprogui_e30.exe
FirewallRules: [TCP Query User{4C533891-3C77-486B-B898-92E7A9805E2B}D:engineeringplcmaple systemsebproutilitymanagerex.exe] => (Allow) D:engineeringplcmaple systemsebproutilitymanagerex.exe
FirewallRules: [UDP Query User{18426583-0598-4A2E-BBAE-7BD0DE98816B}D:engineeringplcmaple systemsebproutilitymanagerex.exe] => (Allow) D:engineeringplcmaple systemsebproutilitymanagerex.exe
FirewallRules: [TCP Query User{46A04B89-AE53-4981-A99A-B0D77D9BF6F9}D:engineeringplcmaple systemsebproeasyprinter.exe] => (Allow) D:engineeringplcmaple systemsebproeasyprinter.exe
FirewallRules: [UDP Query User{A406EDA8-7905-48BF-814B-C040556D601F}D:engineeringplcmaple systemsebproeasyprinter.exe] => (Allow) D:engineeringplcmaple systemsebproeasyprinter.exe
FirewallRules: [{D02E4909-8FAA-4B3B-B6D1-78E15EF955B8}] => (Allow) C:ProgramDat1MrxfTYR2HupL1SyUXqGcpzeDy9N11HMAHex5eH.EXE
FirewallRules: [TCP Query User{DBDCA070-DC8C-4674-A763-B7C850CFEFAD}C:programdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.36.86logioptionsmgr.exe] => (Allow) C:programdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.36.86logioptionsmgr.exe
FirewallRules: [UDP Query User{DFF26E74-FB78-4A04-95D2-ACF8A43BEEA2}C:programdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.36.86logioptionsmgr.exe] => (Allow) C:programdat1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.36.86logioptionsmgr.exe
FirewallRules: [{F910D79E-1C82-4574-9104-5087219C8205}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe
FirewallRules: [{534807D6-D73B-4D9D-AA89-D8031F41207E}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe
FirewallRules: [{F4F45030-70BD-4416-BC6B-E31E9511DA16}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe
FirewallRules: [TCP Query User{19E98444-B96D-4528-ACAA-3722F96E4199}C:decbinsdcd.exe] => (Allow) C:decbinsdcd.exe
FirewallRules: [UDP Query User{0731FE0E-BB27-4635-8CC1-F60F1BBD823F}C:decbinsdcd.exe] => (Allow) C:decbinsdcd.exe
FirewallRules: [TCP Query User{0CB40AAB-B815-48D0-9C80-7CAD8C5D033F}D:utilitiesdip switch decodermodbus rs simulator.exe] => (Allow) D:utilitiesdip switch decodermodbus rs simulator.exe
FirewallRules: [UDP Query User{94AFC7E4-AFD5-4462-92E1-CD909FE91A36}D:utilitiesdip switch decodermodbus rs simulator.exe] => (Allow) D:utilitiesdip switch decodermodbus rs simulator.exe
FirewallRules: [{BDF6CAC4-0184-40D4-9441-003A5C0035E0}] => (Allow) C:Windowssystem32hasplms.exe
FirewallRules: [TCP Query User{C951A864-9E8B-4EC4-982A-8A4EF6F9C7C2}D:engineeringplcmaple systemsebprocmtviewer.exe] => (Allow) D:engineeringplcmaple systemsebprocmtviewer.exe
FirewallRules: [UDP Query User{285263D8-2BCF-430F-A8BD-B54E2EDDBA19}D:engineeringplcmaple systemsebprocmtviewer.exe] => (Allow) D:engineeringplcmaple systemsebprocmtviewer.exe
FirewallRules: [{5F775E76-2972-4BA9-BE49-38517F40E171}] => (Allow) D:InternetQTorrentqbittorrent.exe
FirewallRules: [{46830F6F-874F-4024-910E-C0AD20A18A49}] => (Allow) D:InternetQTorrentqbittorrent.exe
FirewallRules: [TCP Query User{AB361291-5618-4CCF-A142-6B6D8C45C622}D:multi mediamedia manager (tiny)jrebinjavaw.exe] => (Allow) D:multi mediamedia manager (tiny)jrebinjavaw.exe
FirewallRules: [UDP Query User{1849269C-683B-432A-9218-0670FD673DD4}D:multi mediamedia manager (tiny)jrebinjavaw.exe] => (Allow) D:multi mediamedia manager (tiny)jrebinjavaw.exe
FirewallRules: [{601017B8-7246-45D1-B286-F6B571D4A25A}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe
FirewallRules: [TCP Query User{FE25BC4E-6A0E-4D96-992E-91C1DD3E9CFD}D:multi mediamedia manager (tiny) v4jrebinjavaw.exe] => (Allow) D:multi mediamedia manager (tiny) v4jrebinjavaw.exe
FirewallRules: [UDP Query User{E6478C4D-0E95-4562-B526-32F45C13F232}D:multi mediamedia manager (tiny) v4jrebinjavaw.exe] => (Allow) D:multi mediamedia manager (tiny) v4jrebinjavaw.exe
FirewallRules: [TCP Query User{23DEEE17-ECDF-4C12-AE42-8FA2B94D317A}D:int1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe] => (Allow) D:int1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe
FirewallRules: [UDP Query User{4B089743-FF10-4B7D-AF53-2F78AE4E1250}D:int1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe] => (Allow) D:int1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe
FirewallRules: [TCP Query User{C82DE8FB-53EF-46B1-8EB6-FAC041149D59}D:utilitieswirelessnmapnmap.exe] => (Allow) D:utilitieswirelessnmapnmap.exe
FirewallRules: [UDP Query User{60ABD474-CB41-4645-94ED-C5E9B91A9FAB}D:utilitieswirelessnmapnmap.exe] => (Allow) D:utilitieswirelessnmapnmap.exe
DomainProfileAuthorizedApplications: [C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe] => Enabled:CodeMeter Runtime Server
St1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B: [C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Faulty Device Manager Devices =============

Name: TAP-NordVPN Windows Adapter V9
Description: TAP-NordVPN Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-NordVPN Windows Provider V9
Service: tapnordvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Low Energy HID Device
Description: Bluetooth Low Energy HID Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Intel Corporation
Service: btmlehid
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click “Update Driver”, which starts the Hardware Update wizard.

Name: Bluetooth Low Energy HID Device
Description: Bluetooth Low Energy HID Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Intel Corporation
Service: btmlehid
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.

Name: Bluetooth Low Energy HID Device
Description: Bluetooth Low Energy HID Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Intel Corporation
Service: btmlehid
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click “Update Driver”, which starts the Hardware Update wizard.

Name: Bluetooth Low Energy HID Device
Description: Bluetooth Low Energy HID Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Intel Corporation
Service: btmlehid
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/31/2021 01:10:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for “C:WindowsWinSxSmanifestsamd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest1”.Error in manifest or policy file “C:WindowsWinSxSmanifestsamd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest2” on line C:WindowsWinSxSmanifestsamd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:WindowsWinSxSmanifestsamd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest.
Component 2: C:WindowsWinSxSmanifestsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest.

Error: (12/31/2021 01:06:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WSCommCntr1.exe, version: 18.0.55.0, time stamp: 0x498fdff7
Faulting module name: WSCommCntr1.exe, version: 18.0.55.0, time stamp: 0x498fdff7
Exception code: 0xc0000005
Fault offset: 0x000000000000b25c
Faulting process id: 0x28a4
Faulting application start time: 0xWSCommCntr1.exe0
Faulting application path: WSCommCntr1.exe1
Faulting module path: WSCommCntr1.exe2
Report Id: WSCommCntr1.exe3

Error: (12/31/2021 01:04:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program acad.exe version 24.0.55.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2428

Start Time: 01d7fce182bbe200

Termination Time: 141

Application Path: D:EngineeringAutoCADacad.exe

Report Id: 663bc12c-6a6c-11ec-a02b-f81654843045

Error: (12/31/2021 12:57:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: waterfox.exe, version: 56.6.0.7949, time stamp: 0x615dbd38
Faulting module name: xul.dll, version: 56.6.0.7949, time stamp: 0x615dbd86
Exception code: 0x80000003
Fault offset: 0x00000000004bea68
Faulting process id: 0x2e40
Faulting application start time: 0xwaterfox.exe0
Faulting application path: waterfox.exe1
Faulting module path: waterfox.exe2
Report Id: waterfox.exe3

Error: (12/28/2021 10:46:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.23537, time stamp: 0x6186a6bb
Faulting module name: explorer.exe, version: 6.1.7601.23537, time stamp: 0x6186a6bb
Exception code: 0xc0000005
Fault offset: 0x00000000000da90c
Faulting process id: 0x1ba4
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (12/28/2021 10:40:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 990×80041003

Error: (12/28/2021 10:40:16 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (12/28/2021 10:40:16 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (12/28/2021 10:40:16 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (12/26/2021 02:39:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program qbittorrent.exe version 4.3.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1f0

Start Time: 01d7fa7c613582c8

Termination Time: 351

Application Path: D:InternetQTorrentqbittorrent.exe

Report Id: d78fd3c2-668b-11ec-8254-f81654843045

System errors:
=============
Error: (12/31/2021 12:56:22 PM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \advintdc4.advantagefireprotection.local, a Windows domain controller
for domain AFP, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (12/31/2021 12:26:45 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (12/31/2021 09:55:56 AM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \advintdc3.advantagefireprotection.local, a Windows domain controller
for domain AFP, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (12/31/2021 08:55:51 AM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \advintdc4.advantagefireprotection.local, a Windows domain controller
for domain AFP, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (12/31/2021 05:39:28 AM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \advintdc3.advantagefireprotection.local, a Windows domain controller
for domain AFP, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (12/31/2021 04:54:19 AM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \advintdc4.advantagefireprotection.local, a Windows domain controller
for domain AFP, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (12/31/2021 01:38:02 AM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \advintdc3.advantagefireprotection.local, a Windows domain controller
for domain AFP, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (12/31/2021 12:52:54 AM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \advintdc4.advantagefireprotection.local, a Windows domain controller
for domain AFP, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (12/30/2021 09:37:37 PM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \advintdc3.advantagefireprotection.local, a Windows domain controller
for domain AFP, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (12/30/2021 08:52:29 PM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \advintdc4.advantagefireprotection.local, a Windows domain controller
for domain AFP, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

CodeIntegrity:
===================================
  Date: 2021-11-04 07:16:29.128
  Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume5Ut1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2021-11-04 07:16:29.097
  Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume5Ut1MrxfTEGEZioK7qjcDd48KVC5BMk7ccH8B.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2020-01-16 19:16:17.189
  Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume5UtilitiesSysInternalsPORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2020-01-16 19:16:17.179
  Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume5UtilitiesSysInternalsPORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2020-01-16 19:16:01.458
  Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume5UtilitiesSysInternalsPORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2020-01-16 19:16:01.448
  Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume5UtilitiesSysInternalsPORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2020-01-16 19:08:30.454
  Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume5UtilitiesSysInternalsPORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2020-01-16 19:08:30.444
  Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume5UtilitiesSysInternalsPORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2020-01-16 19:06:36.489
  Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume5UtilitiesSysInternalsPORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2020-01-16 19:06:36.448
  Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume5UtilitiesSysInternalsPORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7-4940MX CPU @ 3.10GHz
Percentage of memory in use: 25%
Total physical RAM: 31971.07 MB
Available physical RAM: 23823.22 MB
Total Virtual: 64240.27 MB
Available Virtual: 55081.36 MB

==================== Drives ================================

Drive c: (Primary SSD) (Fixed) (Total:465.54 GB) (Free:60.99 GB) NTFS
Drive d: (Secondary) (Fixed) (Total:1862.89 GB) (Free:432.01 GB) NTFS
Drive g: (Piat’s TV) (Fixed) (Total:4657.49 GB) (Free:3946.37 GB) NTFS
Drive h: (Engineering) (Fixed) (Total:1862.98 GB) (Free:1254.8 GB) NTFS
Drive t: () (Network) (Total:1599.66 GB) (Free:369.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 1005F107)
Partition 1: (Not Active) – (Size=1863 GB) – (Type=07 NTFS)

========================================================
Disk: 3 (Size: 4657.5 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt ============================




Original Source by [author_name]

Leave a Reply

Your email address will not be published.

forty seven − = 38