Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Reply
 
Topic Tools
  #1  
Old September 28th, 2021, 10:28 PM
Shirley Jester Shirley Jester is offline
CTH Subscriber
 
Join Date: Jun 2010
O/S: Windows 10 Pro
Location: Seattle
Posts: 100
ebay, comcast email, wifi disconnect

Someone got into my ebay account, fathers comcast email doesn't work (but that's a coincidence?), my wifi keeps disconnecting.
Reply With Quote
  #2  
Old September 29th, 2021, 04:25 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Hi Shirley Jester,


Sounds like you need online fixed, but let's take a look.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Reply With Quote
  #3  
Old October 1st, 2021, 07:10 PM
Shirley Jester Shirley Jester is offline
CTH Subscriber
 
Join Date: Jun 2010
O/S: Windows 10 Pro
Location: Seattle
Posts: 100
I have 2 ebay accounts, the hacked account, I use my fathers email address.
Comcast is supposedly working to fix fathers email.
My WiFi disconnecting is because I unchecked "Connect automatically" ?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by glass (administrator) on HAL9000 (Dell Inc. Precision 7730) (01-10-2021 10:54:42)
Running from C:\Users\glass\Desktop
Loaded Profiles: glass
Platform: Windows 10 Pro for Workstations Version 21H1 19043.1237 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

("STMicroelectronics Srl" -> ) C:\Windows\System32\drivers\DellFFDPWmiService.exe
() [File not signed] C:\Program Files (x86)\Common Files\Materialise\LicenseFiles6\LicSrv60.exe
(3Dconnexion SAM -> 3Dconnexion) C:\Program Files (x86)\3Dconnexion\3DxWare\3DxNLServer\bin\3dxnlser ver.exe
(3Dconnexion SAM -> 3Dconnexion, INC) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService. exe
(3Dconnexion) [File not signed] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3dxpiemenus .exe
(3Dconnexion) [File not signed] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxProfileS erver.exe
(3Dconnexion) [File not signed] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxVirtualL CD.exe
(3Dconnexion) [File not signed] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\Mgl3DCtlrRP CService.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApMsgFwd.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApntEx.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\hidfind.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\HidMonitorSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dassault Systemes SolidWorks Corp. -> ) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\DellPoaEvents\DellPoaEvents.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\dpoMonitorSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaSmSrv.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaTaServ.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\Telemetry\dpoTelemetrySvc.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(GOM GmbH -> GOM GmbH) C:\Program Files\GOM\2019\bin\start_gom_free.exe
(GOM GmbH -> GOM GmbH) C:\Program Files\GOM\2019\bin\systray.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler. exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler6 4.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal .inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms .inf_amd64_dc8575dca42caa2c\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_28efa2cb508b2ae9\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_28efa2cb508b2ae9\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igc c_dch.inf_amd64_70e7e4392a76adb3\OneApp.IGCC.WinSe rvice.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_e6610765cda2bce8\IntelCpHDCPSvc.ex e
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_e6610765cda2bce8\IntelCpHeciSvc.ex e
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ias torac.inf_amd64_f881c4be237ce854\RstMwService.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
(Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.ex e
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlse rvr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2 103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\UshUpgradeService.exe
(Microsoft Windows Hardware Compatibility Publisher -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\Apoint.exe
(Microsoft Windows Hardware Compatibility Publisher -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\ApRemote.exe
(Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostControlService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostStorageService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Numecent, Inc. -> Numecent, Inc.) C:\Program Files\Numecent\Application Jukebox Player\CoreHelper.exe
(Numecent, Inc. -> Numecent, Inc.) C:\Program Files\Numecent\Application Jukebox Player\StreamingCore.exe
(Numecent, Inc. -> Numecent, Inc.) C:\Program Files\PTC\PTC Creo Player\PTC Creo Player.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvd m.inf_amd64_9576e19559bd6524\Display.NvContainer\N VDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvd m.inf_amd64_9576e19559bd6524\NVWMI\nvWmi64.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\rea ltekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUServ ice64.exe <3>
(SafeNet Canada, Inc. -> SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe
(SafeNet, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\glass\AppData\Local\slack\app-4.20.0\slack.exe <5>
(The Imaging Source Europe GmbH) [File not signed] C:\Program Files (x86)\The Imaging Source Europe GmbH\Cam33U Driver\service_bin\Cam33UService.exe
(The Imaging Source Europe GmbH) [File not signed] C:\Program Files (x86)\The Imaging Source Europe GmbH\Cam33U Driver\service_bin\Cam33UService_SessionProxy.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wav esapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.ex e
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wav esapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSysSvc64 .exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\rea ltekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUServ ice64.exe [1223224 2021-01-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [3DxWare Service] => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService. exe [2044936 2017-03-17] (3Dconnexion SAM -> 3Dconnexion, INC)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wav esapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.ex e [1237920 2019-09-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [DellPoaEvents] => C:\Program Files\Dell\PPO\DellPoaEvents\DellPoaEventsLauncher .exe [178384 2020-07-09] (Dell Inc -> )
HKLM\...\Run: [Endeavors Technologies PTC Creo Player] => C:\Program Files\PTC\PTC Creo Player\PTC Creo Player.exe [9511328 2019-05-03] (Numecent, Inc. -> Numecent, Inc.)
HKU\S-1-5-21-971104189-752081202-1987908589-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-971104189-752081202-1987908589-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\glass\AppData\Local\slack\slack.exe [309568 2021-09-24] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG5500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBU.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.61\Insta ller\chrmstp.exe [2021-09-24] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2020-09-13]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GOM Maintenance Tool.lnk [2021-09-11]
ShortcutTarget: GOM Maintenance Tool.lnk -> C:\Program Files\GOM\2019\bin\start_gom_free.exe (GOM GmbH -> GOM GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2020 Fast Start.lnk [2020-09-21]
ShortcutTarget: SOLIDWORKS 2020 Fast Start.lnk -> C:\Windows\Installer\{3F4681F3-B30B-4531-ADB2-3661B531F926}\NewShortcut2_87EDF6C81D0A4B7B84F42FE 0C6A9D608.exe (Flexera) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A7EA3A3-259D-4374-848F-2F8104F1C432} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0C45425C-BC66-4611-A4F7-43959658E509} - System32\Tasks\G2MUpdateTask-S-1-5-21-971104189-752081202-1987908589-1001 => C:\Users\glass\AppData\Local\GoToMeeting\19796\g2m update.exe [31176 2021-06-28] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {11880F0D-B8E8-4EA0-A1AC-EAA5A342953E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {1501B0A2-6FB7-4808-8450-6544B2A9123F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {36A97C7D-CBF3-4E19-A79F-6463678C5E49} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {3A90BBB2-4364-4EF4-8003-5572F474B68B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {4796B0A2-1019-4EA0-96BF-B4AD44A1EB83} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {587F571F-1398-4240-A6D5-F8ADC73CD3A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {75CF2026-9FD2-40BA-AFB5-9075D61FB806} - System32\Tasks\G2MUploadTask-S-1-5-21-971104189-752081202-1987908589-1001 => C:\Users\glass\AppData\Local\GoToMeeting\19796\g2m upload.exe [31176 2021-06-28] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {7835FEE4-4FF8-46A7-A7CE-E4D499A655D8} - System32\Tasks\CCleanerSkipUAC - glass => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7B58B999-954F-4986-B3C1-BFAAB65BEB79} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9517D92D-D9F0-42BA-9804-09FF80EA5F29} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1553328 2021-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {98DE7A84-D2AE-4688-B393-81589DB00F08} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-20] (Google Inc -> Google Inc.)
Task: {A68992A9-8675-4BBE-BF52-168CF59E781F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B2BE4001-B1B9-4146-812B-FC76B0FFD739} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {BFE28785-F125-46A8-BEA3-383EA7B642FD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4EE45EA-9A1C-4E84-BA32-DC5A58571B33} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-20] (Google Inc -> Google Inc.)
Task: {CE1203E3-2E40-42D1-AA27-018B037A42D9} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {D4310E6B-F390-47C9-B701-70ABF28C4568} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB0324DD-F0F6-4C93-9D91-D37099BE8714} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EC7FF54A-669A-4FF8-98FF-9B9F3189ECAE} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-971104189-752081202-1987908589-1001 => C:\Users\glass\AppData\Local\Microsoft\OneDrive\On eDriveStandaloneUpdater.exe [2734952 2020-04-24] () [File not signed]
Task: {FBE351A1-AC0D-47E6-9913-0D78E9F78F06} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {FEE71E5C-56C3-48DC-BA2F-0EA377103E72} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-971104189-752081202-1987908589-1001.job => C:\Users\glass\AppData\Local\GoToMeeting\19796\g2m update.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-971104189-752081202-1987908589-1001.job => C:\Users\glass\AppData\Local\GoToMeeting\19796\g2m upload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9c9f5910-a0c8-4bca-90a9-3745143c3687}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a4808e97-653e-45a0-9574-c682aa6746ea}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\glass\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\glass\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-27]

FireFox:
========
FF DefaultProfile: cl44evmp.default
FF ProfilePath: C:\Users\glass\AppData\Roaming\Mozilla\Firefox\Pro files\cl44evmp.default [2019-11-22]
FF ProfilePath: C:\Users\glass\AppData\Roaming\Mozilla\Firefox\Pro files\8n0nbm6p.default-release-1585658969566 [2021-10-01]
FF Notifications: Mozilla\Firefox\Profiles\8n0nbm6p.default-release-1585658969566 -> hxxps://mail.google.com
FF Extension: (Cisco Webex Extension) - C:\Users\glass\AppData\Roaming\Mozilla\Firefox\Pro files\8n0nbm6p.default-release-1585658969566\Extensions\ciscowebexstart1@cisco.co m.xpi [2021-07-26]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Composer\bin\npcomposerplayerwebplugin.dll [2020-05-08] (DASSAULT SYSTEMES SE -> Dassault Systemes)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Composer\bin\x86\npcomposerplayerwebplugin.dll [2020-05-08] (DASSAULT SYSTEMES SE -> Dassault Systemes)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\glass\AppData\Roaming\mozilla\plugins\npa tgpc.dll [2020-07-29]

Chrome:
=======
CHR Profile: C:\Users\glass\AppData\Local\Google\Chrome\User Data\Default [2021-09-27]
CHR Extension: (Slides) - C:\Users\glass\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2018-12-20]
CHR Extension: (Docs) - C:\Users\glass\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2018-12-20]
CHR Extension: (Google Drive) - C:\Users\glass\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2021-06-25]
CHR Extension: (YouTube) - C:\Users\glass\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2018-12-20]
CHR Extension: (Sheets) - C:\Users\glass\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2018-12-20]
CHR Extension: (Google Docs Offline) - C:\Users\glass\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2021-06-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\glass\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2021-06-25]
CHR Extension: (Gmail) - C:\Users\glass\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2021-06-25]
CHR Extension: (Chrome Media Router) - C:\Users\glass\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2021-06-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe [894880 2021-05-24] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 Cam33UService; C:\Program Files (x86)\The Imaging Source Europe GmbH\Cam33U Driver\service_bin\Cam33UService.exe [1387520 2018-11-27] (The Imaging Source Europe GmbH) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9824672 2019-07-30] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2021-05-13] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3455536 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [294448 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{3E3A49EE-1E56-40B4-A387-EF8F6255C2C4} [21312 2020-10-18] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-05-27] (Dell Inc -> )
R2 DellFFDPWmiService; C:\WINDOWS\System32\drivers\DellFFDPWmiService.exe [32528 2020-02-17] ("STMicroelectronics Srl" -> )
R2 DpoMonitorSvc; C:\Program Files\Dell\PPO\dpoMonitorSvc.exe [1382096 2020-07-09] (Dell Inc -> Dell Inc.)
R2 dpoTelemetrySvc; C:\Program Files\Dell\PPO\Telemetry\dpoTelemetrySvc.exe [241360 2020-07-09] (Dell Inc -> Dell Inc.)
R2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [181384 2020-05-08] (Dassault Systemes SolidWorks Corp. -> )
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4502024 2018-03-29] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 hostcontrolsvc; C:\WINDOWS\System32\HostControlService.exe [815616 2019-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 hoststoragesvc; C:\WINDOWS\System32\HostStorageService.exe [161280 2019-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [924472 2020-05-08] (Intel(R) Software Development Products -> Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 MatLocalLicenceServer60; C:\Program Files (x86)\Common Files\Materialise\LicenseFiles6\LicSrv60.exe [7332352 2018-10-08] () [File not signed]
R2 Mgl3DCtlrRPCService; C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\Mgl3DCtlrRP CService.exe [154112 2017-03-17] (3Dconnexion) [File not signed]
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlse rvr.exe [372512 2018-09-07] (Microsoft Corporation -> Microsoft Corporation)
R2 NVWMI; C:\WINDOWS\System32\DriverStore\FileRepository\nvd m.inf_amd64_9576e19559bd6524\NVWMI\nvWmi64.exe [4440856 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PACSPTISVR-Sound_Organizer; C:\Program Files (x86)\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe [174176 2012-11-08] (Sony Corporation -> Sony Corporation)
R2 poaService; C:\Program Files\Dell\PPO\poaService.exe [1771728 2020-07-09] (Dell Inc -> Dell Inc.)
R2 PoaSMSrv; C:\Program Files\Dell\PPO\poaSmSrv.exe [424656 2020-07-09] (Dell Inc -> Dell Inc.)
R2 poaTaServ; C:\Program Files\Dell\PPO\poaTaServ.exe [1507528 2020-07-09] (Dell Inc -> Dell Inc.)
R2 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.ex e [251416 2020-05-08] (Mentor Graphics Corporation -> Mentor Graphics Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [405136 2016-12-16] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1261200 2016-12-14] (SafeNet Canada, Inc. -> SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc. -> SafeNet, Inc.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2020-09-21] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAG ENT.EXE [613152 2018-09-07] (Microsoft Corporation -> Microsoft Corporation)
R2 StreamingCore; C:\Program Files\Numecent\Application Jukebox Player\StreamingCore.exe [7251840 2019-05-03] (Numecent, Inc. -> Numecent, Inc.)
R2 SWVisualize2020.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [30208 2020-05-08] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
R2 ushupgradesvc; C:\WINDOWS\System32\UshUpgradeService.exe [265728 2019-12-20] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvd m.inf_amd64_9576e19559bd6524\Display.NvContainer\N VDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSyste m.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvd m.inf_amd64_9576e19559bd6524\Display.NvContainer\p lugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 3dxhid; C:\WINDOWS\System32\drivers\3dxhid.sys [48560 2017-01-27] (3Dconnexion SAM -> 3Dconnexion SAM)
S3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [87832 2018-03-29] (SafeNet, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [86296 2018-03-29] (SafeNet, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [323600 2018-03-29] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidfiltrSW.sys [362512 2021-05-24] (WDKTestCert CHT1HTSH3180,132475688214743128 -> ALPSALPINE Co., Ltd.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35208 2020-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1304816 2018-03-29] (SafeNet, Inc. -> SafeNet, Inc.)
R3 KMJHidMini; C:\WINDOWS\System32\drivers\3dxkmj.sys [18944 2017-01-27] (Microsoft Windows Hardware Compatibility Publisher -> 3Dconnextion Inc.)
R3 KMJShim; C:\WINDOWS\System32\drivers\3dxshim.sys [7168 2017-01-27] (Microsoft Windows Hardware Compatibility Publisher -> 3Dconnextion Inc.)
R3 POADrvr; C:\WINDOWS\system32\drivers\POADrvr.sys [40872 2019-09-08] (DellDPO(driver) -> Dell Computer Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2020-05-01] (Corel Corporation -> Corel Corporation)
S4 RsFx0321; C:\WINDOWS\System32\DRIVERS\RsFx0321.sys [258720 2018-07-25] (Microsoft Corporation -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 StreamingFSD; C:\WINDOWS\System32\DRIVERS\StreamingFSD.sys [840376 2019-05-03] (Numecent, Inc. -> Numecent, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wim an.inf_amd64_420e5de7a8744212\WiMan\WiMan.sys [166480 2021-04-19] (Intel Corporation -> )
R3 WinDriver6; C:\WINDOWS\system32\drivers\NE_UsbDriver_Win64.sys [254976 2014-12-08] (NextEngine, Inc. -> Jungo)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-01 10:54 - 2021-10-01 10:55 - 000034460 _____ C:\Users\glass\Desktop\FRST.txt
2021-10-01 10:52 - 2021-10-01 10:55 - 000000000 ____D C:\FRST
2021-10-01 10:36 - 2021-10-01 10:36 - 002304512 _____ (Farbar) C:\Users\glass\Desktop\FRST64.exe
2021-09-28 19:43 - 2021-09-28 19:43 - 000000000 _____ C:\WINDOWS\invcol.tmp
2021-09-27 23:46 - 2021-09-27 23:46 - 000456610 _____ C:\Users\glass\Downloads\stab back better Cjones09262021.webp
2021-09-27 23:39 - 2021-09-27 23:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-09-25 18:41 - 2021-09-27 23:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-24 10:07 - 2021-09-24 10:07 - 000002201 _____ C:\Users\glass\Desktop\Slack.lnk
2021-09-22 05:08 - 2021-05-24 03:41 - 000138376 _____ (ALPS ALPINE CO., LTD.) C:\WINDOWS\system32\Vxdif.dll
2021-09-22 05:08 - 2021-05-24 03:40 - 000362512 _____ (ALPSALPINE Co., Ltd.) C:\WINDOWS\system32\Drivers\ApHidfiltrSW.sys
2021-09-21 22:19 - 2021-09-21 22:19 - 000152788 _____ C:\Users\glass\Downloads\20210915ednac-a.webp
2021-09-21 22:18 - 2021-09-21 22:18 - 000282622 _____ C:\Users\glass\Downloads\FOXmuse Cjones09202021.webp
2021-09-21 22:18 - 2021-09-21 22:18 - 000129786 _____ C:\Users\glass\Downloads\255497_768_rgb.webp
2021-09-21 22:18 - 2021-09-21 22:18 - 000070478 _____ C:\Users\glass\Downloads\255493_768_rgb.webp
2021-09-21 22:07 - 2021-09-21 22:07 - 000102282 _____ C:\Users\glass\Downloads\zombie...brains 255559_768_rgb.webp
2021-09-18 18:51 - 2021-09-18 18:51 - 000000004 ____H C:\ProgramData\cm-lock
2021-09-15 10:25 - 2021-09-15 10:25 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-15 10:25 - 2021-09-15 10:25 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-15 10:25 - 2021-09-15 10:25 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-15 10:25 - 2021-09-15 10:25 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-15 10:25 - 2021-09-15 10:25 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-15 10:25 - 2021-09-15 10:25 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-15 10:24 - 2021-09-15 10:24 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-15 10:24 - 2021-09-15 10:24 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-15 10:24 - 2021-09-15 10:24 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-15 10:24 - 2021-09-15 10:24 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-15 10:24 - 2021-09-15 10:24 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-15 10:24 - 2021-09-15 10:24 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 10:24 - 2021-09-15 10:24 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-15 10:24 - 2021-09-15 10:24 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-15 10:24 - 2021-09-15 10:24 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-15 10:24 - 2021-09-15 10:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-15 10:24 - 2021-09-15 10:24 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-15 10:24 - 2021-09-15 10:24 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-15 10:24 - 2021-09-15 10:24 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-15 10:24 - 2021-09-15 10:24 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-15 10:24 - 2021-09-15 10:24 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-15 10:20 - 2021-09-15 10:20 - 000000000 ___HD C:\$WinREAgent
2021-09-14 17:03 - 2021-09-29 17:42 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-11 18:48 - 2021-09-11 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM
2021-09-11 18:47 - 2021-09-11 18:47 - 000000000 ____D C:\Program Files\GOM
2021-09-10 13:32 - 2021-09-10 13:32 - 000132468 _____ C:\Users\glass\Downloads\reel all sbr090921dAPR.webp
2021-09-09 03:26 - 2021-09-09 03:26 - 000477472 _____ C:\Users\glass\Downloads\GOPStampedeCjones09052021 .webp
2021-09-07 18:17 - 2021-09-07 18:17 - 000525498 _____ C:\Users\glass\Downloads\HowYaDoin Cjones09062021.webp
2021-09-01 09:45 - 2021-09-01 09:45 - 000171764 _____ C:\Users\glass\Downloads\Horse Date no dewormer Screen Shot 2021-08-31 at 7.38.26 AM.webp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-01 10:52 - 2020-07-17 18:44 - 000000000 ____D C:\Users\glass\AppData\Roaming\Slack
2021-10-01 10:51 - 2019-11-22 20:16 - 000000000 ____D C:\Users\glass\AppData\LocalLow\Mozilla
2021-10-01 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-01 10:27 - 2020-10-18 23:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-01 10:12 - 2018-12-20 01:57 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-01 10:11 - 2019-01-15 02:47 - 000000000 ____D C:\Program Files\CCleaner
2021-10-01 10:10 - 2019-11-22 20:16 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-30 16:07 - 2021-04-16 13:54 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-30 16:07 - 2021-04-16 13:54 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-30 16:07 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-30 16:07 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-30 12:07 - 2020-10-18 23:50 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineU A
2021-09-30 12:07 - 2020-10-18 23:50 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineC ore
2021-09-29 17:44 - 2018-12-22 13:28 - 000000000 ____D C:\Users\glass\AppData\Local\D3DSCache
2021-09-29 17:41 - 2018-12-20 01:53 - 000000000 __SHD C:\Users\glass\IntelGraphicsProfiles
2021-09-29 11:15 - 2018-10-31 10:33 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-28 19:43 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-27 23:39 - 2020-03-31 05:49 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-09-27 23:39 - 2019-11-22 20:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-27 23:32 - 2020-01-24 01:34 - 000000000 ____D C:\Users\glass\CCleaner
2021-09-24 15:09 - 2018-12-20 01:53 - 000000000 ____D C:\Users\glass\AppData\Local\Packages
2021-09-24 10:07 - 2020-07-17 18:44 - 000000000 ____D C:\Users\glass\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Slack Technologies Inc
2021-09-24 10:07 - 2020-07-17 18:44 - 000000000 ____D C:\Users\glass\AppData\Local\SquirrelTemp
2021-09-24 10:07 - 2020-07-17 18:44 - 000000000 ____D C:\Users\glass\AppData\Local\slack
2021-09-24 07:40 - 2018-12-20 01:57 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-22 05:28 - 2020-10-18 23:47 - 000989112 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-22 05:08 - 2018-10-31 10:31 - 000000000 ____D C:\WINDOWS\system32\DellTPad
2021-09-18 20:47 - 2020-11-01 15:08 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-18 18:51 - 2021-05-01 10:20 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-18 18:51 - 2020-10-18 23:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-18 18:51 - 2020-10-18 23:44 - 000573496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-18 18:51 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-09-18 18:51 - 2018-10-31 10:32 - 000291715 _____ C:\WINDOWS\system32\CVFirmwareUpgradeLog.txt
2021-09-18 18:51 - 2018-10-31 10:29 - 000000000 ____D C:\Intel
2021-09-18 18:50 - 2019-12-07 02:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-18 18:50 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-18 18:50 - 2019-12-07 02:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-09-18 18:50 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-15 10:26 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-15 09:09 - 2018-12-21 12:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 09:07 - 2018-12-21 12:28 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-11 18:49 - 2020-03-10 04:40 - 000000000 ____D C:\ProgramData\gom
2021-09-11 18:48 - 2020-03-10 04:39 - 000001792 _____ C:\Users\Public\Desktop\GOM Inspect 2019.lnk
2021-09-09 09:14 - 2020-08-20 23:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-08 18:16 - 2018-10-31 10:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2019-08-22 23:09 - 2019-08-22 23:09 - 000000218 _____ () C:\Users\glass\AppData\Local\recently-used.xbel
2018-12-28 00:00 - 2018-12-28 00:00 - 000007619 _____ () C:\Users\glass\AppData\Local\Resmon.ResmonCfg
2020-09-21 14:12 - 2020-09-21 14:12 - 000001341 _____ () C:\Users\glass\AppData\Local\TempInformationFile.h tml
2020-10-06 22:28 - 2020-10-06 22:28 - 000001870 _____ () C:\Users\glass\AppData\Local\TreehouseSettings.set tings

==================== FLock ==============================

2020-10-18 23:44 C:\Recovery

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Reply With Quote
  #4  
Old October 1st, 2021, 07:12 PM
Shirley Jester Shirley Jester is offline
CTH Subscriber
 
Join Date: Jun 2010
O/S: Windows 10 Pro
Location: Seattle
Posts: 100
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by glass (01-10-2021 10:55:56)
Running from C:\Users\glass\Desktop
Windows 10 Pro for Workstations Version 21H1 19043.1237 (X64) (2020-10-19 06:50:16)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-971104189-752081202-1987908589-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-971104189-752081202-1987908589-503 - Limited - Disabled)
glass (S-1-5-21-971104189-752081202-1987908589-1001 - Administrator - Enabled) => C:\Users\glass
Guest (S-1-5-21-971104189-752081202-1987908589-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-971104189-752081202-1987908589-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3Dconnexion 3DxWare 10 (64-bit) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: 10.4.10 - 3Dconnexion)
3Dconnexion 3DxWinCore (HKLM\...\{CD92B476-BF4C-4DC2-887C-D39FF4EE0BD9}) (Version: 17.4.10.13926 - 3Dconnexion) Hidden
3Dconnexion Add-In for AutoCAD (HKLM\...\{EB569342-E404-4DB9-816C-466FF92D53A1}) (Version: 5.4.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Inventor 11 - 2017 (HKLM\...\{DBF61724-22AA-4A9A-8A4D-F4FDADC92626}) (Version: 2.2.3 - 3Dconnexion) Hidden
3Dconnexion Add-In for Microsoft Office (HKLM\...\{683FCB0B-5C77-46F9-829C-3AD9335BACDD}) (Version: 1.0.1.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Solid Edge V18 - ST9 (HKLM\...\{D128D0E9-8D9E-4D31-9DBA-FAFD987C24A5}) (Version: 3.6.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for SOLIDWORKS 2005 - 2017 (HKLM\...\{1BB04322-291E-4C6C-B306-549715853C77}) (Version: 3.5.0 - 3Dconnexion) Hidden
3Dconnexion Add-On for XSI v5.0 - 2015 (HKLM\...\{9E5FDC2C-276F-4250-880F-81C25FEE214B}) (Version: 3.0.3 - 3Dconnexion) Hidden
3Dconnexion Collage (HKLM-x32\...\{6D236956-B79D-4748-BEA3-A039334A66AB}) (Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Extension for SketchUp (HKLM\...\{F730CFFE-458D-4D18-971C-F54157965701}) (Version: 4.4.3 - 3Dconnexion) Hidden
3Dconnexion LCD Applets for SpacePilot Pro (HKLM\...\{99FE3AF1-F974-47EC-BFA4-02BBE44DFDA0}) (Version: 1.5.0 - 3Dconnexion) Hidden
3Dconnexion Navigation Library Server (HKLM-x32\...\{BE7F54CF-5F72-4828-8122-F72E6F311903}) (Version: 1.2.1.13943 - 3Dconnexion) Hidden
3Dconnexion Plug-In for 3ds Max 2008 - 2017 (HKLM\...\{CB9FE40F-C67F-42C6-8A9F-F99DD6A3D917}) (Version: 6.2.1 - 3Dconnexion) Hidden
3Dconnexion Plug-in for Acrobat 3D (HKLM-x32\...\{B3637B48-A6EA-41DD-B8A6-8382D0E4A62F}) (Version: 1.4.1 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Maya v8.5 - 2016 Extension 2 (HKLM\...\{C56A555B-3BB8-4AB3-9931-77B807E25C79}) (Version: 5.2.2 - 3Dconnexion) Hidden
3Dconnexion Plug-In for NX v4.0 - v11.0 (HKLM\...\{200F03BC-57F8-4CC9-8D1A-24B8B1A05685}) (Version: 3.4.7 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Photoshop CS3 - CS6, CC and CC 2014 - 2017 (HKLM\...\{227524A3-FA07-46E8-B5AC-63367A806A85}) (Version: 2.8.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 4.0 (HKLM\...\{EAA1D6A8-9783-406B-A650-D264BE8AAC8D}) (Version: 2.3.5 - 3Dconnexion) Hidden
3Dconnexion Trainer (HKLM-x32\...\{E29B381E-7F12-4701-AB4B-DF58B5650C1E}) (Version: 3.2.4 - 3Dconnexion) Hidden
3Dconnexion Viewer and Assembly Demo (HKLM-x32\...\{4C612291-7F70-4478-B2B5-3700578EE250}) (Version: 0.9.4.0 - 3Dconnexion) Hidden
3DEXPERIENCE Marketplace for SOLIDWORKS (HKLM\...\{0060450C-5B44-424B-BD42-559F2A5D820A}) (Version: 6.29.188 - Dassault Systemes SolidWorks Corp)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{685A56F8-75B6-44AD-B3DA-FB0A3266B47C}) (Version: 9.0.28.0 - Adobe Systems, Inc.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.61.1 - Asmedia Technology)
Autodesk Fusion 360 (HKU\S-1-5-21-971104189-752081202-1987908589-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.8950 - Autodesk, Inc.)
Blender (HKLM\...\{8147BEDC-AA13-4C38-A632-585FCB30C445}) (Version: 2.83.5 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BRL-CAD (HKU\S-1-5-21-971104189-752081202-1987908589-1001\...\BRLCAD) (Version: 7.26.0 - BRL-CAD Development Team)
Cam33UService Driver & Tools version 4.5.0.1354 (HKLM-x32\...\Cam33UService_is1) (Version: 4.5.0.1354 - The Imaging Source Europe GmbH)
Camtasia 2018 (HKLM\...\{B709B962-53AA-446A-A733-95D1A6C5DE50}) (Version: 18.0.7.4045 - TechSmith Corporation) Hidden
Camtasia 2018 (HKLM-x32\...\{5fd4f6d8-26d6-43b6-9b95-116b69ee0a69}) (Version: 18.0.7.4045 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-971104189-752081202-1987908589-1001\...\ActiveTouchMeetingClient) (Version: 40.7.0 - Cisco Webex LLC)
CodeMeter Runtime Kit v6.90 (HKLM\...\{7BBBA7C2-4A89-4DCC-833C-232373CD003E}) (Version: 6.90.3691.500 - WIBU-SYSTEMS AG)
Creo Sketch 2.0 (HKLM-x32\...\{B805E42C-1702-454E-9798-E6AD28C3358D}) (Version: 2.0.0.0 - PTC)
Dell Command | Update for Windows 10 (HKLM\...\{4CCADC13-F3AE-454F-B724-33F6D4E52022}) (Version: 4.2.1 - Dell Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{0C642DDD-65AD-4408-BE4A-5ED6CB441893}) (Version: 4.12.5.8 - Broadcom Limited)
Dell Data Vault (64 bit) (HKLM\...\{4F2BFA60-E4F6-4BC4-9DAC-19E5A5E01ACA}) (Version: 5.5.1.906 - Dell) Hidden
Dell Digital Delivery Service (HKLM-x32\...\{66E2407E-9001-483E-B2AA-7AEF97567143}) (Version: 3.6.1005.0 - Dell Products, LP)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.9.0 - Dell Inc.)
Dell Precision Optimizer Application (HKLM-x32\...\{D66A3355-FEA4-4F60-8BAF-D6CBEDB396D8}) (Version: 6.4.5 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.216 - ALPSALPINE CO., LTD.)
Dynamic Application Loader Host Interface Service (HKLM\...\{79DD0F5D-7B7F-40D2-AB07-230DA018224E}) (Version: 1.0.0.0 - Intel Corporation) Hidden
FreeCAD 0.19.2 (HKLM\...\FreeCAD0192) (Version: 0.19.2 - FreeCAD Team)
GOM Software 2019 (HKLM\...\GOM 2019) (Version: 2019 (2019.0.8.131186) - GOM GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.61 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.17.0.19796 (HKU\S-1-5-21-971104189-752081202-1987908589-1001\...\GoToMeeting) (Version: 10.17.0.19796 - LogMeIn, Inc.)
Inkscape 0.92.3 (HKLM-x32\...\Inkscape) (Version: 0.92.3 - Inkscape Project)
InSpec for Windows (HKLM\...\{6857c2a1-7250-4638-8700-5d33cdca8408}) (Version: 2.103.1.14942 - Micro-Vu Corporation) Hidden
InSpec for Windows (HKLM-x32\...\InstallShield_{6857c2a1-7250-4638-8700-5d33cdca8408}) (Version: 2.103.1.14942 - Micro-Vu Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.377 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2117.15.0.2272 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2020.7 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c3964069-17c1-45dd-85a5-949576ceeaa3}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{EEA36044-96B5-4E2A-AC59-3FC742EEDEF4}) (Version: 17.5.9.1040 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{263d87d0-9772-40be-ab36-eabbdbff49f7}) (Version: 21.20.1 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{f4788713-080d-49b0-919d-cd035cf9bf14}) (Version: 22.30.0.11 - Intel Corporation) Hidden
KeyShot 8 (HKLM\...\KeyShot 8) (Version: 8.2 - Luxion ApS)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Mastercam 2020 Demo-HLE (HKLM\...\{BB37FC3B-A6AF-4F9C-A0A5-8112E0560F6F}) (Version: 22.0.18285.20 - CNC Software, Inc.) Hidden
Mastercam 2020 Demo-HLE (HKLM-x32\...\Mastercam 2020 Demo-HLE) (Version: 22.0.18285.20 - CNC Software, Inc.)
Mastercam X7 (HKLM\...\{ADB4592E-FEFB-40B3-9536-70308925096C}) (Version: 16.0.8.0 - CNC Software, Inc.)
Mastercam X7 Art 64 Bit (HKLM\...\{08F30179-33BC-400E-8892-E85C69106DE9}) (Version: 16.0.5.5 - CNC Software, Inc.)
MatConvert 8.8.0.12 (x64) (HKLM\...\{B2DB1E36-55B0-42E3-9C39-0617CC63BDF1}) (Version: 8.8.0.12 - Materialise)
Materialise Local License Server 7 (HKLM\...\{CDA3BBF8-99FD-459A-A3F1-9CD13F3BB816}) (Version: 7.0.1.20 - Materialise)
Materialise MiniMagics 23.5 (HKLM\...\{E2FE8376-4272-45D7-8A4E-9CA27CCB1F78}) (Version: 23.5.0.18 - Materialise) Hidden
Materialise MiniMagics 23.5 (HKLM-x32\...\{8380a43a-a3d5-470a-9fab-b3979533db5b}) (Version: 23.5.0.18 - Materialise)
MeshLab 2020.07 (HKLM-x32\...\MeshLab) (Version: 2020.07 - Paolo Cignoni - VCG - ISTI - CNR)
Meshmixer (HKLM\...\Meshmixer_x64) (Version: 3.5 - Autodesk, Inc.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.37 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.37 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{50D6B005-B0D6-425F-953B-01331E2C7FCB}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-971104189-752081202-1987908589-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{EBB05812-AB75-4928-8903-E0EC1570BFCB}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{6CC673B9-F743-47AD-8962-C00CA5300016}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1096.130 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.3.6024.0 - Microsoft Corporation)
Minitab 20 (HKLM\...\{55100CDC-052E-4040-BD91-1565DABA5807}) (Version: 20.2.0.0 - Minitab, LLC) Hidden
Minitab Statistical Software (x64) - 20.2.0.0 (HKLM\...\Minitab 20 20.2.0.0) (Version: 20.2.0.0 - Minitab, LLC)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 92.0.1 (x64 en-US)) (Version: 92.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
MUS (HKLM-x32\...\MUS) (Version: 7.0 - Revware)
NCPlot v2.26 (HKLM-x32\...\NCPlot_is1) (Version: - NCPlot Software LLC)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.7 - Notepad++ Team)
NVIDIA Graphics Driver 462.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.55 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenOffice 4.1.10 (HKLM-x32\...\{D909483F-780E-4232-9313-4C24A1B09BE8}) (Version: 4.110.9807 - Apache Software Foundation)
Pathio 0.6.3-beta4 (only current user) (HKU\S-1-5-21-971104189-752081202-1987908589-1001\...\6e0ee89c-64b5-502c-9628-c3df9c38e7eb) (Version: 0.6.3-beta4 - E3D Skunkworks Ltd)
PC-DMIS 2021.1 64-bit English Help (release)-English Language Pack (HKLM\...\{EAA8A2D9-A7C3-4500-862F-E41CF033BFEC}) (Version: 16.1.89.0 - Hexagon) Hidden
PC-DMIS 2021.1 English Help (HKLM-x32\...\{1dd77fc7-1376-4df3-8cdc-938831e02d74}) (Version: 16.1.89.0 - Hexagon)
PolyWorks|Reviewer(TM) 2019 IR6 (HKLM\...\{2286E222-9928-4E88-BFBD-0B62D9735C96}) (Version: 19.6.4198 - InnovMetric Software Inc.)
PreForm 3.11.1 (HKLM-x32\...\PreForm-3.11.1) (Version: 3.11.1 - Formlabs)
ProtoTRAK RX Offline version 2.0.0 (HKLM-x32\...\ProtoTRAK RX Offline_is1) (Version: 2.0.0 - Southwestern Industries, Inc)
PTC Creo Elements/Direct Modeling Express 6.0 ( x64 ) (HKLM\...\{6F60E51A-EA36-4E70-B21A-2A262C622BBE}) (Version: 60.0.00392 - Parametric Technology GmbH)
PTC Creo Player (HKLM\...\{23F6FB7C-C1E2-491B-91A1-0441D5191BC8}) (Version: 9.1.7.25871 - Numecent, Inc.)
RapidWorks64 2.3 (HKLM\...\{1BF22BFA-293A-4431-9CF2-0DB8FF28B4E7}) (Version: 3.25.0100 - INUS Technology, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8838.1 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2277 - Realtek Semiconductor Corp.)
SA CAD Validation Installer (HKLM-x32\...\{5FF98699-57CE-4756-9B83-954492FD9EFC}) (Version: 17.06.13 - New River Kinematics)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Sentinel Protection Installer 7.6.9 (HKLM-x32\...\{FF9C78D7-858D-4B49-A4B6-847638353AFE}) (Version: 7.6.9 - SafeNet, Inc.)
Service Pack 3 for SQL Server 2014 (KB4022619) (64-bit) (HKLM\...\KB4022619) (Version: 12.3.6024.0 - Microsoft Corporation)
Slack (HKU\S-1-5-21-971104189-752081202-1987908589-1001\...\slack) (Version: 4.20.0 - Slack Technologies Inc.)
SOLIDWORKS 2020 SP03 (HKLM\...\{3F4681F3-B30B-4531-ADB2-3661B531F926}) (Version: 28.130.0086 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2020 SP03 (HKLM-x32\...\SolidWorks Installation Manager 20200-40300-1100-100) (Version: 28.3.0.86 - SolidWorks Corporation)
SOLIDWORKS CAM 2020 SP03 (HKLM\...\{4DFF26A7-85C6-4495-ADE0-54FDF9AB6F31}) (Version: 28.30.0086 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Composer 2020 SP03 (HKLM\...\{85C65312-5967-431C-817F-6A5DF2B5FCAB}) (Version: 28.30.0086 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2020 SP03 (HKLM\...\{B21DE16A-42B5-46A8-A905-59579C7E70C4}) (Version: 28.30.0025 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Electrical 2020 SP03 (HKLM\...\{E7D5B3A8-396F-4073-86B0-9899879888D0}) (Version: 28.30.0086 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Flow Simulation 2020 SP03 (HKLM\...\{5C774D0E-6ED5-41E6-BF46-5E97C5D3EBF2}) (Version: 28.30.0087 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS PCB 2020 SP03 (HKLM\...\{3B9DEFE8-0E9D-4203-947B-C15C18FC463C}) (Version: 28.30.0086 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Plastics 2020 SP03 (HKLM\...\{DB735F3C-98A6-4F88-B7FC-F2609F18150E}) (Version: 28.30.0086 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Visualize 2020 SP03 (HKLM\...\{9963E472-2AFC-46A4-B128-D9926F267B80}) (Version: 28.30.0086 - Dassault Systemes SolidWorks Corp) Hidden
Sound Organizer (HKLM-x32\...\{53F7486D-41B5-4117-8914-A85B0DBDDC07}) (Version: 1.4.0.11260 - Sony Corporation)
SpatialAnalyzer 2020.07.20_67800 (remove only) (HKLM-x32\...\SpatialAnalyzer 2020.07.20_67800) (Version: 2020.07.20_67800 - New River Kinematics)
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.3.6024.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0092 - ST Microelectronics)
ST Microelectronics 3 Axis Digital Accelerometer Solution version 4.10.0104 (HKLM\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}_is1) (Version: 4.10.0104 - ST Microelectronics)
TeighaX 3.09 (HKLM-x32\...\{3D63579F-2398-418B-9227-A852FB201D2D}) (Version: 3.9.0 - Open Design Alliance)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Tracker Utilities (HKLM-x32\...\{6B266EDB-086B-4A52-82FB-8B3FE93DB397}) (Version: 3.1.0 - )
TurboTax 2019 (HKLM-x32\...\TurboTax 2019) (Version: 2019.0 - Intuit, Inc)
Unity (HKLM-x32\...\Unity) (Version: 2020.1.6f1 - Unity Technologies ApS)
Unity Hub 2.4.1 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.4.1 - Unity Technologies Inc.)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
VERICUT Reviewer 9.0 (HKLM\...\VERICUT Reviewer 9.0) (Version: 9.0.0.0 - CGTech)
Verisurf 2020 LE (HKLM\...\{C9C72D8E-B08F-456E-913B-5E0CC9D6983B}) (Version: 20.0.40 - Verisurf Software, Inc.)
Verisurf Device Interface (HKLM-x32\...\Verisurf Device Interface) (Version: 3.44.07 - Verisurf Software Inc.)
Visual Studio Community 2017 (HKLM-x32\...\3a7ecb76) (Version: 15.9.28307.481 - Microsoft Corporation)
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1) (Version: 1.1.70.1 - LunarG, Inc.) Hidden
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Driver Package - Micro-Vu (WinUSB) MicrovuBulkDeviceClass (12/15/2017 1.4.10638) (HKLM\...\802DF85C83A0268323BFB13DAC9FBB4AE69C7F78 ) (Version: 12/15/2017 1.4.10638 - Micro-Vu)
Windows Driver Package - Micro-Vu Corporation (mvusbak) MICROVU (04/29/2014 1.9.6.34) (HKLM\...\DA36A4F288EF967CA3AB3C99CC7518D6809F8100 ) (Version: 04/29/2014 1.9.6.34 - Micro-Vu Corporation)
Windows Driver Package - The Imaging Source Europe GmbH (USBCONV_CONEXANT_TIS) Image (10/16/2017 1.1.8.185) (HKLM\...\7CF092CD0B64D0E927C3008990455415B1B848B3 ) (Version: 10/16/2017 1.1.8.185 - The Imaging Source Europe GmbH)
Windows Driver Package - The Imaging Source Europe GmbH (UVC) Image (08/19/2019 2.9.8.2001) (HKLM\...\0952892502E10A76FFD70EDD41447E4DC15AFD62 ) (Version: 08/19/2019 2.9.8.2001 - The Imaging Source Europe GmbH)
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
Wings 3D 2.2.5 (HKLM-x32\...\Wings 3D 2.2.5) (Version: - )
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
Zoom (HKU\S-1-5-21-971104189-752081202-1987908589-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

Packages:
=========
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_4.2.2. 0_x86__htrsf667h5kn2 [2021-06-11] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0. 92.0_x64__htrsf667h5kn2 [2021-08-10] (Dell Inc)
Dell Free Fall Data Protection -> C:\Program Files\WindowsApps\STMicroelectronicsMEMS.DellFreeF allDataProtection_1.0.26.0_x64__rp6h1c31mfy1y [2021-06-20] (STMICROELECTRONICS S.R.L.)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.9.11. 0_x64__htrsf667h5kn2 [2021-06-06] (Dell Inc)
Dell Precision Optimizer -> C:\Program Files\WindowsApps\DellInc.DellPrecisionOptimizer_6 .4.5.0_x64__htrsf667h5kn2 [2020-10-20] (Dell Inc)
Dell PremierColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellPremierColo r_6.0.152.0_x64__2dgmkzkw4h30c [2021-08-23] (Portrait Displays) [Startup Task]
Dell Touchpad Assistant -> C:\Program Files\WindowsApps\C1E561A0.DellTouchpadAssistant_1 .1.9.0_x64__ay1pycd334gd6 [2019-06-28] (ALPS Comm. Devices Tech. (SH) Co., Ltd)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1. 100.3370.0_x64__8j3eq9eme6ctt [2021-07-22] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_ 3.3.0.0_x64__8j3eq9eme6ctt [2020-02-18] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.181 0.0_x64__8wekyb3d8bbwe [2021-03-05] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.53.42632.0_x64 __8wekyb3d8bbwe [2021-09-23] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10913.57 85.0_x64__8wekyb3d8bbwe [2021-09-23] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1. 0.42152.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation)
Network Speed Test -> C:\Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0 .23_x64__8wekyb3d8bbwe [2018-12-20] (Microsoft Research)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8. 1.961.0_x64__56jybvy8sckqj [2021-05-27] (NVIDIA Corp.)
Office Lens -> C:\Program Files\WindowsApps\Microsoft.OfficeLens_16.0.32001. 0_x86__8wekyb3d8bbwe [2020-10-01] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_ 1.0.0.0_x64__8wekyb3d8bbwe [2021-02-14] (Microsoft Corporation)
VitalSource Bookshelf -> C:\Program Files\WindowsApps\VitalSourceTechnologiesIn.VitalS ourceBookshelf_10.0.36.0_x64__wasrd15zsyawm [2021-08-06] (VitalSource Technologies Inc)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforD ell_1.1.131.0_x64__fh4rh281wavaa [2021-06-20] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-971104189-752081202-1987908589-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wav esapo75de.inf_amd64_9e45e2d5613ef7ef\MaxxAudioPro. exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-971104189-752081202-1987908589-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\glass\AppData\Local\Autodesk\webdeploy\pr oduction\4143a7d9c7cd58a0f86968fd3809be3e34945ca1\ NPreview10.dll (Autodesk, Inc. -> )
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.d ll [2019-12-10] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-04-21] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.d ll [2019-12-10] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvd m.inf_amd64_9576e19559bd6524\nvshext.dll [2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\glass\Desktop\MGED.lnk -> C:\Users\glass\Documents\BRLCAD 7.26.0\bin\mged.bat ()
Shortcut: C:\Users\glass\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\CGTech VERICUT Reviewer 9.0\VERICUT Reviewer 9.0.lnk -> C:\Program Files\CGTech\Reviewer 9.0\windows64\commands\reviewer.bat ()
Shortcut: C:\Users\glass\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\BRL-CAD\MGED.lnk -> C:\Users\glass\Documents\BRLCAD 7.26.0\bin\mged.bat ()
Shortcut: C:\Users\Public\Desktop\Creo Sketch 2.0.lnk -> C:\Program Files (x86)\PTC\Creo 2.0\Sketch\sketch.bat ()
Shortcut: C:\Users\Public\Desktop\VERICUT Reviewer 9.0.lnk -> C:\Program Files\CGTech\Reviewer 9.0\windows64\commands\reviewer.bat ()

==================== Loaded Modules (Whitelisted) =============

2017-03-17 17:33 - 2017-03-17 17:33 - 000009728 _____ () [File not signed] [File is in use] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\TDx.Profile Server.dll
2021-05-15 01:17 - 2018-11-27 13:30 - 000508416 _____ () [File not signed] C:\Program Files (x86)\The Imaging Source Europe GmbH\Cam33U Driver\service_bin\dutils_img_pipe.dll
2021-09-11 18:48 - 2020-09-10 04:06 - 000090112 _____ () [File not signed] C:\Program Files\GOM\2019\bin\zip.dll
2021-09-11 18:48 - 2020-09-10 04:06 - 000942080 _____ () [File not signed] C:\Program Files\GOM\2019\bin\zlib.dll
2017-03-17 17:39 - 2017-03-17 17:39 - 000182272 _____ () [File not signed] C:\WINDOWS\SYSTEM32\SPWINI.dll
2017-03-17 17:39 - 2017-03-17 17:39 - 000536576 _____ (3Dconnexion, Inc) [File not signed] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\en-US\3DxService.dll
2017-03-17 17:41 - 2017-03-17 17:41 - 000424960 _____ (3Dconnexion, Inc) [File not signed] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\UdDev\HIDDe v.dll
2017-03-17 17:39 - 2017-03-17 17:39 - 000115712 _____ (3Dconnexion, Inc) [File not signed] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\UdTrans\3Dx NLServerTrans.dll
2017-03-17 17:38 - 2017-03-17 17:38 - 000166912 _____ (3Dconnexion, INC) [File not signed] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\UdTrans\kmj trans.dll
2017-03-17 17:39 - 2017-03-17 17:39 - 000265728 _____ (3Dconnexion, INC) [File not signed] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\UdTrans\mwm trans.dll
2017-03-17 17:38 - 2017-03-17 17:38 - 000229376 _____ (3Dconnexion, Inc) [File not signed] C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\UdTrans\s80 trans.dll
2018-10-08 17:12 - 2018-10-08 17:12 - 002172416 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Common Files\Materialise\LicenseFiles6\log4cxx.dll
2020-05-08 21:57 - 2020-05-08 21:57 - 000205312 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swccu.dll
2020-05-08 19:53 - 2020-05-08 19:53 - 000210432 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SWLoginClientCLR.dll
2020-05-08 19:52 - 2020-05-08 19:52 - 000019968 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\win7helperbaseu.dll
2021-09-11 18:48 - 2020-09-10 04:06 - 000252416 _____ (Intel Corporation) [File not signed] C:\Program Files\GOM\2019\bin\tbb.dll
2017-09-28 18:41 - 2017-09-28 18:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2021-05-15 01:17 - 2018-11-27 13:31 - 000100864 _____ (The Imaging Source Europe GmbH) [File not signed] C:\Program Files (x86)\The Imaging Source Europe GmbH\Cam33U Driver\amd64\Cam33UServicePS.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMPA934DDA [354]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========
Reply With Quote
  #5  
Old October 1st, 2021, 07:13 PM
Shirley Jester Shirley Jester is offline
CTH Subscriber
 
Join Date: Jun 2010
O/S: Windows 10 Pro
Location: Seattle
Posts: 100
==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMPA934DDA [354]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-971104189-752081202-1987908589-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-971104189-752081202-1987908589-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-971104189-752081202-1987908589-1001 -> DefaultScope {0C834182-E273-44A4-9309-389CF930528F} URL =
SearchScopes: HKU\S-1-5-21-971104189-752081202-1987908589-1001 -> {0C834182-E273-44A4-9309-389CF930528F} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 16:38 - 2018-04-11 16:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-971104189-752081202-1987908589-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\facets.120.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{047E69A8-58CA-42A0-B712-236703B25F1E}] => (Allow) LPort=8028
FirewallRules: [{868DC439-4DDF-4A1A-A411-13EB8015EDE8}] => (Block) C:\program files (x86)\prototrak\rx-offline\simui\simui.exe (SWI) [File not signed]
FirewallRules: [{13D26A4D-E592-4872-8711-C89283ECE5FC}] => (Block) C:\program files (x86)\prototrak\rx-offline\simui\simui.exe (SWI) [File not signed]
FirewallRules: [UDP Query User{63393A9C-FB6F-4893-ADF1-7AEC2053F618}C:\program files (x86)\prototrak\rx-offline\simui\simui.exe] => (Allow) C:\program files (x86)\prototrak\rx-offline\simui\simui.exe (SWI) [File not signed]
FirewallRules: [TCP Query User{5A4FB355-6128-49C4-B110-B85FB4B67C01}C:\program files (x86)\prototrak\rx-offline\simui\simui.exe] => (Allow) C:\program files (x86)\prototrak\rx-offline\simui\simui.exe (SWI) [File not signed]
FirewallRules: [{CF833B2F-E111-4D86-A6B1-6C0B5B04A374}] => (Allow) LPort=8028
FirewallRules: [{FA7A3DC7-F662-47DD-8C20-4FB0A5E35C4C}] => (Block) C:\Program Files\Unity\Hub\Editor\2020.1.6f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{6744EA6B-90B3-4EAD-861A-3EA919EE3E0E}] => (Allow) C:\Program Files\Unity\Hub\Editor\2020.1.6f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{3DF1E260-E05D-485C-8ADF-095C41FA7305}] => (Block) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{23977200-E9EE-4857-98F9-F434C696A677}] => (Block) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{F0EDEC4A-86E7-4447-9154-5C2A0359C71A}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{C499C916-DBDB-4582-9B1D-B798F5273F10}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{1799404A-C3E1-4967-90D5-04C1D1E897D1}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{5CF70018-E7AB-488C-BB96-EEF038930FA0}] => (Allow) C:\Program Files (x86)\New River Kinematics\SpatialAnalyzer 2020.07.20_67800\SA Laser Trackers.exe (NRK) [File not signed]
FirewallRules: [{B03618FA-4A4A-431F-B016-D06A9A9FFE66}] => (Allow) C:\Program Files (x86)\New River Kinematics\SpatialAnalyzer 2020.07.20_67800\SA Laser Trackers.exe (NRK) [File not signed]
FirewallRules: [{39F3B348-EDDD-4E0B-8E7F-8CA514FF193F}] => (Allow) C:\Program Files (x86)\New River Kinematics\SpatialAnalyzer 2020.07.20_67800\SA Laser Trackers.exe (NRK) [File not signed]
FirewallRules: [{8509FD45-A07C-4857-9DE1-3CE733DBA196}] => (Allow) C:\Program Files (x86)\New River Kinematics\SpatialAnalyzer 2020.07.20_67800\SA Laser Trackers.exe (NRK) [File not signed]
FirewallRules: [{31493697-3B02-47FC-B4B7-BDAFC30AFC0C}] => (Allow) C:\Program Files (x86)\New River Kinematics\SpatialAnalyzer 2020.07.20_67800\x64\Spatial Analyzer64.exe (New River Kinematics) [File not signed]
FirewallRules: [{14FFF9FC-B9DF-44C0-AFDC-53B2F8133B10}] => (Allow) C:\Program Files (x86)\New River Kinematics\SpatialAnalyzer 2020.07.20_67800\x64\Spatial Analyzer64.exe (New River Kinematics) [File not signed]
FirewallRules: [{1B4D51DC-E65A-4C14-8929-9168294B62F8}] => (Allow) C:\Program Files (x86)\New River Kinematics\SpatialAnalyzer 2020.07.20_67800\x64\Spatial Analyzer64.exe (New River Kinematics) [File not signed]
FirewallRules: [{5691BA08-C622-4555-8370-6ABB4EC6993F}] => (Allow) C:\Program Files (x86)\New River Kinematics\SpatialAnalyzer 2020.07.20_67800\x64\Spatial Analyzer64.exe (New River Kinematics) [File not signed]
FirewallRules: [UDP Query User{F13AC977-2C68-4758-8968-64BA590BF772}C:\program files (x86)\new river kinematics\spatialanalyzer 2020.07.20_67800\systemanalyzer.exe] => (Allow) C:\program files (x86)\new river kinematics\spatialanalyzer 2020.07.20_67800\systemanalyzer.exe (New River Kinematics) [File not signed]
FirewallRules: [TCP Query User{151D1619-65EC-4E85-A2E4-10BE880D593D}C:\program files (x86)\new river kinematics\spatialanalyzer 2020.07.20_67800\systemanalyzer.exe] => (Allow) C:\program files (x86)\new river kinematics\spatialanalyzer 2020.07.20_67800\systemanalyzer.exe (New River Kinematics) [File not signed]
FirewallRules: [{8720EF7D-089C-4F29-B4C5-6F9491BD6D6E}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet Canada, Inc. -> SafeNet, Inc.)
FirewallRules: [{6C640F26-80D1-4E6C-85F7-432CB173CDDA}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet Canada, Inc. -> SafeNet, Inc.)
FirewallRules: [{288B7CEC-DD47-408D-B5C5-9E85569BBEBF}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet Canada, Inc. -> SafeNet, Inc)
FirewallRules: [{58121059-8E01-4FD0-9AD4-05FD6C5992A5}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet Canada, Inc. -> SafeNet, Inc)
FirewallRules: [{0413E60C-B297-445C-8C35-ECD02AFCE382}] => (Block) C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{DC4F0999-66BB-4284-9B6B-7ED86596F8A5}] => (Block) C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [UDP Query User{525A5289-FA9B-480B-9594-5D3DA6A383C3}C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe] => (Allow) C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [TCP Query User{16526254-7A59-4BC0-BFD6-747D2005C8FA}C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe] => (Allow) C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{29901930-5896-4C1E-A278-8E2348ACE346}] => (Allow) LPort=8028
FirewallRules: [{2B80F6F1-6031-4479-ADEF-C48D10A0A4A9}] => (Allow) LPort=8028
FirewallRules: [{F32CC4CC-0607-48E4-B1DE-B7B38993EB33}] => (Allow) LPort=8028
FirewallRules: [{DD411FE0-8E0E-4456-8AAF-E43CDE02C095}] => (Allow) LPort=8028
FirewallRules: [{568B5778-6937-4A18-80E9-C2E297595090}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FBA282F8-7EA7-4917-ACAA-E84F04E0F072}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8927D28C-6E69-48C2-90F6-E242AFC3781A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7CFAFAE9-95BF-4EC6-B9D9-F0BD85815AAF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F2FB948D-915A-4409-BC7C-A6FDC5978ACC}] => (Allow) LPort=33666
FirewallRules: [{8A2C700E-308A-4A16-886F-291EA843A67D}] => (Allow) C:\Program Files (x86)\FARO\Tracker Utilities\Tracker Utilities.exe (FARO Technologies) [File not signed]
FirewallRules: [{9AF95930-D37B-4A0B-831D-F9C706B48FF6}] => (Allow) C:\Program Files (x86)\Verisurf Device Interface\ScanWorksApi.exe (Verisurf Software Inc.) [File not signed]
FirewallRules: [{C8C11CB5-21E7-4D42-B4FF-BFE80972EDC6}] => (Allow) C:\Program Files (x86)\Verisurf Device Interface\LeicaAT_LMF.exe (Verisurf Software Inc.) [File not signed]
FirewallRules: [{06617726-2B72-4236-A6B5-218F644ABC6C}] => (Allow) C:\Program Files (x86)\Verisurf Device Interface\Faro\FaroTrackerApp.exe (Verisurf Software Inc) [File not signed]
FirewallRules: [{4BA1D869-7D63-4AB1-B2FA-D0F7B493C14D}] => (Allow) C:\Program Files (x86)\FARO\Tracker Utilities\jre\bin\javaw.exe
FirewallRules: [{1A384B50-7688-4A08-87ED-FAA6014FF7E6}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{9A15C55E-955C-4B02-9410-65B64D6B77D1}] => (Allow) C:\Program Files\KeyShot8\bin\keyshot_daemon.exe (Luxion, Inc. -> )
FirewallRules: [{9F7B7AA4-4E9D-42EF-BEBE-4BE0ED5A49F5}] => (Allow) C:\Program Files\KeyShot8\bin\keyshot.exe (Luxion, Inc. -> Luxion)
FirewallRules: [{E2B6C1C4-7669-4E3A-9912-E8FA3ED7FA9B}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{9BFF462B-74A9-41BA-9CAF-1CADC6DAAB96}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{301D06B3-6EC3-49E4-B89C-1106E632FA91}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{EE1388D4-0691-4924-AE4C-E2D22301D065}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{110BFE0E-0562-4563-B0C7-0CC2A01FCE28}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{CED82C18-4F75-4E64-A1A9-0E581E8BFBAA}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{13501BA1-B255-4887-AFD6-71BAB20C3E3A}] => (Allow) C:\Users\glass\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{1E2C44B6-C0ED-4037-8C1A-496786E99FEE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{89CAD614-6533-48F5-9AA2-72E80922DF29}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{012C2FE1-6E01-44A4-A25E-A31890B002BE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A6961E24-1BAE-4A36-BE2F-66EFAAB62C59}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{03680137-12E3-4DA7-A1CA-CDF03C1F16B5}] => (Allow) C:\Users\glass\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BD31E1E9-B696-4DE8-A050-E1E3CE2403AD}] => (Allow) LPort=8319
FirewallRules: [{545C6460-C53C-47E5-A7A9-49336712D18E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{C3C28659-0081-4A3E-A496-E3108364C055}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{493D0A92-BBF9-44F2-80F3-458F4B51EE7F}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{F546361B-511F-4726-B562-9A7B3E081C17}] => (Block) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{D3343947-C0F1-4BFB-BB6B-F2AA483CF218}] => (Allow) C:\Windows\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.)
FirewallRules: [{13BF190B-7E46-45B0-BECB-F4B96D2CE685}] => (Allow) LPort=8028
FirewallRules: [{3499F4F9-36B3-45D6-97F7-29F2781EC550}] => (Allow) LPort=8028
FirewallRules: [{C6376B5F-A650-4ACF-9605-A268A2A4CB2A}] => (Allow) LPort=8028
FirewallRules: [{02BEC508-CE62-486B-B165-A8C535FC8CB7}] => (Allow) LPort=8028
FirewallRules: [{F741AA75-C738-4A01-A2D8-E8D88F3E8DE6}] => (Allow) LPort=8028
FirewallRules: [{9069CB08-34F6-4FA0-8A8F-A637A23BE628}] => (Allow) LPort=8028
FirewallRules: [{53168F71-7653-413A-BE93-537B06D836D1}] => (Allow) LPort=8028
FirewallRules: [{7D7B2845-01FC-4C99-A80F-D472B5864055}] => (Allow) LPort=8028
FirewallRules: [{9705CCAE-3FF2-4B42-8489-6F8ADE9486F8}] => (Allow) LPort=8028
FirewallRules: [{63983403-F413-4F3D-9C2A-79F856954D0B}] => (Allow) LPort=8028
FirewallRules: [{F7F8D5EA-CD22-4002-B5F6-0958F90E7796}] => (Allow) LPort=8028
FirewallRules: [{605B5D01-32C2-452D-9E89-7122CA88A3EE}] => (Allow) LPort=8028
FirewallRules: [{BD892F02-76B8-4C6A-8967-FDFFDDD26224}] => (Allow) LPort=8028
FirewallRules: [{F4FFF38D-360B-4CD2-963B-D03D3F01285E}] => (Allow) LPort=8028
FirewallRules: [{9F1BFB5A-29C2-482B-B94B-B83508AB49DD}] => (Allow) LPort=8028
FirewallRules: [{83CC9A93-E365-46AB-AC07-CDB99A70FDA2}] => (Allow) LPort=8028
FirewallRules: [{73A11D0C-220D-41D8-9BFA-C8E3E04EC243}] => (Allow) LPort=8028
FirewallRules: [{1E21736E-0962-4017-B8D5-E2B8807B9F8F}] => (Allow) LPort=8028
FirewallRules: [{76B44919-48CC-4F69-8495-E34E266C6D09}] => (Allow) LPort=8028
FirewallRules: [{E963D829-472C-42BC-8295-496C720EA38B}] => (Allow) LPort=8028
FirewallRules: [{B71D9DBF-9347-45B9-B29D-5069962A2B99}] => (Allow) LPort=8028
FirewallRules: [{FA22F126-382E-48EB-A4C3-71BD397A001D}] => (Allow) LPort=8028
FirewallRules: [{1F686903-C18B-45AD-A685-E39152FC77E7}] => (Allow) LPort=8028
FirewallRules: [{7FB3ADF1-E5B4-4459-A075-B4CFF5B1CE28}] => (Allow) LPort=8028
FirewallRules: [{60A32A36-50EA-4A2D-BEFB-AB4A646B6881}] => (Allow) LPort=8028
FirewallRules: [{ABF40AEE-ED6D-4DFD-8D8C-D3B2B41A5FB2}] => (Allow) LPort=8028
FirewallRules: [{B12B8820-7752-4C1C-8D09-428B04828869}] => (Allow) LPort=8028
FirewallRules: [{49457531-BB35-4535-BB99-8FF1CBA80DA8}] => (Allow) LPort=8028
FirewallRules: [{45B88370-8837-488B-95F7-B30AE984929B}] => (Allow) LPort=8028
FirewallRules: [{5B86806F-0329-4FE5-B4E2-75239CECDD7F}] => (Allow) LPort=8028
FirewallRules: [{53D87EB5-0B41-4F91-850C-6CD851F7D45D}] => (Allow) LPort=8028
FirewallRules: [{021C48B5-DD67-4A94-A696-90D5E0A65FB1}] => (Allow) LPort=8028
FirewallRules: [{D8D41CCC-DE79-4DCE-9D41-523F83C2A024}] => (Allow) LPort=8028
FirewallRules: [{CF39CD2A-EEAD-4CB7-82CB-EE338A52CCAA}] => (Allow) LPort=8028
FirewallRules: [{F001CAA4-FAFD-4571-BA45-1FFA650D8814}] => (Allow) LPort=8028
FirewallRules: [{99EB09B7-85E9-46F4-AF8B-4315AE61D692}] => (Allow) LPort=8028
FirewallRules: [{EC198804-9D94-4948-92D1-50376CE50199}] => (Allow) LPort=8028
FirewallRules: [{C1A5337C-BFBB-425D-B9B1-3468773CD62B}] => (Allow) LPort=8028
FirewallRules: [{BC6C1548-4B5F-45CE-9C96-3C9EEB62FE29}] => (Allow) LPort=8028
FirewallRules: [{13B3CAF3-F1D0-4F4D-9D2C-CA0D1752B127}] => (Allow) LPort=8028
FirewallRules: [{091DACED-EF99-411A-8E09-5319F93B2523}] => (Allow) LPort=8028
FirewallRules: [{61E8944C-BBD3-407C-AC96-9D491D71ED1E}] => (Allow) LPort=8028
FirewallRules: [{B6255885-0F5E-41B3-9A42-9A0245AF7157}] => (Allow) LPort=8028
FirewallRules: [{EB10F628-8275-4766-A1EC-E379FD422CD2}] => (Allow) LPort=8028
FirewallRules: [{BB0A7A9A-BBA7-43B8-BD30-DDA5012281D4}] => (Allow) LPort=8028
FirewallRules: [{CE62F3BB-A8B9-44A3-A456-E8ED584C6E4D}] => (Allow) LPort=8028
FirewallRules: [{9734D7A8-2A4A-41DF-8F31-E5ED33A9BEA8}] => (Allow) LPort=8028
FirewallRules: [{FFFD4527-1A4F-4A29-87ED-ED1DF7B45FDA}] => (Allow) LPort=8028
FirewallRules: [{3FEC5345-6B31-40FF-AB4F-E673574D3650}] => (Allow) LPort=8028
FirewallRules: [{EC4E2DFA-A04D-490C-BA28-7435DA1329F5}] => (Allow) LPort=8028
FirewallRules: [{0E830802-0FFD-455C-90D0-1BE2A5F9F88E}] => (Allow) LPort=8028
FirewallRules: [{4B04C72B-3168-434D-AE3E-1813170A5C37}] => (Allow) LPort=8028
FirewallRules: [{478B2CFC-BEA1-4E1C-A247-B3BA6F6F9543}] => (Allow) LPort=8028
FirewallRules: [{EDBE0B2E-F315-4C83-8333-1E4E90BFB41B}] => (Allow) LPort=8028
FirewallRules: [{05236486-FCE2-4B24-AA15-7011C2E57C71}] => (Allow) LPort=8028
FirewallRules: [{65BEE739-404D-4861-AADE-098B44B0616F}] => (Allow) LPort=8028
FirewallRules: [{F386DD76-582F-4715-BE10-9FBFD637F669}] => (Allow) LPort=8028
FirewallRules: [{2D10C7B8-B453-44B5-BCEA-1E8EC9BBD56E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x 86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A35A1A7F-7186-44AF-B911-BDC2DACCA358}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x 86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C39BEAE-5225-4ADB-BE75-7EC8F0177FE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x 86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{200B6075-02D2-42D8-BD86-E4273B1BBE88}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x 86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0331A8D7-EBE2-4167-9294-D7A0D769C3E3}] => (Allow) LPort=8028
FirewallRules: [{92422DC7-C0A4-4053-BF8B-C700FB0B7B1E}] => (Allow) LPort=8028
FirewallRules: [{20E6D94E-75F0-44D0-B638-E1F2B5F399A6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35C10404-51E1-47EF-A963-CC97AF09BB4F}] => (Allow) LPort=8028
FirewallRules: [{88C53AA4-71F9-4F32-9CFA-A3BDCF603CE9}] => (Allow) LPort=8028
FirewallRules: [{DAA123F9-B9FA-4D53-BBDC-603471471256}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C9B4F17E-C4BB-4169-B173-4C4ABB130CED}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.3 7\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

15-09-2021 10:20:09 Windows Modules Installer
25-09-2021 07:01:56 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/30/2021 07:39:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname HAL9000.local already in use; will try HAL9000-2.local instead

Error: (09/30/2021 07:39:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 HAL9000.local. Addr 10.0.0.140

Error: (09/30/2021 07:39:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.140:5353 16 HAL9000.local. AAAA 2601:0600:9C80:E970:0000:0000:0000:0B5B

Error: (09/30/2021 07:39:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 HAL9000.local. AAAA FE80:0000:0000:0000:FD65:A8F3:C781:82FD

Error: (09/30/2021 07:39:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.140:5353 16 HAL9000.local. AAAA 2601:0600:9C80:E970:0000:0000:0000:0B5B

Error: (09/30/2021 07:39:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 HAL9000.local. Addr 10.0.0.140

Error: (09/30/2021 07:39:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.140:5353 16 HAL9000.local. AAAA 2601:0600:9C80:E970:0000:0000:0000:0B5B

Error: (09/30/2021 06:58:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname HAL9000.local already in use; will try HAL9000-2.local instead


System errors:
=============
Error: (10/01/2021 10:08:16 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Intel - Extension - 2116.61.54.0.

Error: (09/29/2021 08:44:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Intel - Extension - 2116.61.54.0.

Error: (09/28/2021 08:47:42 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR4.

Error: (09/27/2021 11:25:23 PM) (Source: DCOM) (EventID: 10000) (User: HAL9000)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/27/2021 12:13:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Intel - Extension - 2116.61.54.0.

Error: (09/24/2021 05:07:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Intel - Extension - 2116.61.54.0.

Error: (09/23/2021 11:06:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Intel - Extension - 2116.61.54.0.

Error: (09/22/2021 05:04:45 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Intel - Extension - 2116.61.54.0.


Windows Defender:
================
Date: 2021-09-30 19:12:46
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-29 18:32:12
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-28 19:14:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-27 18:45:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-27 12:46:14
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2020-10-20 05:41:16
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Installer\MSIBBD1. tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-20 05:41:12
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Installer\MSIAB0B. tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: Dell Inc. 1.16.1 05/25/2021
Motherboard: Dell Inc. 0MG0JR
Processor: Intel(R) Xeon(R) E-2186M CPU @ 2.90GHz
Percentage of memory in use: 25%
Total physical RAM: 32529.1 MB
Available physical RAM: 24196.54 MB
Total Virtual: 50961.1 MB
Available Virtual: 40167.61 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:236.73 GB) (Free:49.33 GB) NTFS
Drive d: (PDF+) (Fixed) (Total:931.5 GB) (Free:518.42 GB) NTFS

\\?\Volume{059ace50-e98c-4947-a8b3-edafb2eaa15e}\ () (Fixed) (Total:0.97 GB) (Free:0.47 GB) NTFS
\\?\Volume{2e5cdce6-a400-4cea-a8e5-94460562a485}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.57 GB) FAT32

==================== MBR & Partition Table ====================

================================================== ========
Disk: 0 (Size: 238.5 GB) (Disk ID: 040E082F)

Partition: GPT.

================================================== ========
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Reply With Quote
  #6  
Old October 2nd, 2021, 05:55 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Look on your computer and provide me with the service tag number. You have a wifi update that keeps failing..
Reply With Quote
  #7  
Old October 2nd, 2021, 10:31 PM
Shirley Jester Shirley Jester is offline
CTH Subscriber
 
Join Date: Jun 2010
O/S: Windows 10 Pro
Location: Seattle
Posts: 100
G1LCZQ2 Dell outlet refurbished 2018
Reply With Quote
  #8  
Old October 3rd, 2021, 03:36 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Run FRST fixlist
  • Please open notepad (Start > All Programs > Accessories > Notepad)
  • Copy the entire contents of the code box below (Do not copy the word 'Quote') to Notepad.
  • Save it to the Desktop, and name it: fixlist.txt
Quote:
Start:
CloseProcesses:
CreateRestorePoint:
AlternateDataStreams: C:\ProgramData\TEMPA934DDA [354]
SearchScopes: HKU\S-1-5-21-971104189-752081202-1987908589-1001 -> DefaultScope {0C834182-E273-44A4-9309-389CF930528F} URL =
SearchScopes: HKU\S-1-5-21-971104189-752081202-1987908589-1001 -> {0C834182-E273-44A4-9309-389CF930528F} URL =
finish
  • Running this on another computer may cause damage to the Operating System.
  • Now, please run FRST, and press theFix button, just once, and wait.
  • When done, the tool creates a report on the Desktop called: Fixlog.txt
>> Please post the Fixlog.txt in your reply.

----------------------------------------

Download [img=http://www.imgdumper.nl/uploads6/51a46ae43005e/51a46ae42d560-malwarebytes_anti_malware.png] MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
  • If no threats were found, click View detailed log.
    • Click Export and save the log as a .txt file on your Desktop or another location.
  • If the scan detected any threats, click Apply Actions.
    • To complete any actions taken you will be prompted to restart your computer...click on Yes.
    • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
    • Check the box next to Scan Log. Choose the most current scan and click View.
    • Click Export and save the log as a .txt file on your Desktop or another location.

Providing the MalwareBytes' Anti-Malware log file
  • Attach the log file you just saved to your next reply for further review.
Reply With Quote
  #9  
Old October 3rd, 2021, 03:38 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Usually an email account problem is a corrupt cookie, and logging out of the account clears that.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Why is Comcast blocking this email? garybeck Internet / Browsers 0 May 19th, 2008 10:20 PM
Comcast Email DigitalRage The Anything Else Board 2 June 26th, 2006 04:15 PM
I just got some email from EBay..but it wasn't EBay! Spider Open Discussion 29 August 22nd, 2005 06:19 PM
mulitple email accounts w/ comcast pilgrimpb The Anything Else Board 5 July 13th, 2004 02:20 AM
Phony eBay Email? tomstonsils59 Windows XP 5 December 13th, 2003 01:15 PM


All times are GMT +1. The time now is 05:38 AM.