Jump to content

Freetemplatefinder.com "new page" pua


Recommended Posts

So I got an item on my monthly security log of a potential hijack for freetemplatefinder.com. There's no additional items about quarantine, removal or any other instances of the freetemplatefinder.com incident. I can't find any  trace of the folders in appdata that the pua would set-up, there's no program in the control panel list that looks suspicious and scanning with both Malwarebytes and webroot bring up no issues. Is this a phantom alert from malwarebytes? or do I need to do more to investigate?

Link to post
Share on other sites
Hello creedular and welcome to Malwarebytes,

Continue with the following:

Open Malwarebytes, select > "settings" > "protection tab"

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Go back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Click on the Report tab > from main interface.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"

     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Let me see those logs in your reply...

Thank you,

Kevin....

 

Link to post
Share on other sites

I ran a scan then did the adwcleaner and after the cleaner the computer restarted so I don't have that scan, can I get the historical log for the scan through the dashboard?

 

This is the adw cleaner report:

 

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-08-2020
# Duration: 00:00:09
# OS:       Windows 10 Home
# Cleaned:  20
# Failed:   0


***** [ Services ] *****

Deleted       WCAssistantService

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Lavasoft\Web Companion
Deleted       C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted       C:\ProgramData\Lavasoft\Web Companion
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted       C:\Users\raich\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted       C:\Users\raich\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{fa1a5c26-4c09-492d-82be-60a3e761272d}|DisplayIcon
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{fa1a5c26-4c09-492d-82be-60a3e761272d}|DisplayName
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{fa1a5c26-4c09-492d-82be-60a3e761272d}|UninstallString
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3724 octets] - [08/09/2020 20:12:59]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

 

 

Link to post
Share on other sites

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-09-2020
Ran by raich (administrator) on MSI (Micro-Star International Co., Ltd. GE63VR 7RF) (08-09-2020 20:23:26)
Running from C:\Users\raich\Downloads
Loaded Profiles: raich
Platform: Windows 10 Home Version 1909 18363.1016 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(A-Volute -> A-Volute) C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe
(A-Volute -> A-Volute) C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe
(A-Volute -> Nahimic) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) D:\program files x86\Corsair\Corsair Icue software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) D:\program files x86\Corsair\Corsair Icue software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) D:\program files x86\Corsair\Corsair Icue software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) D:\program files x86\Corsair\Corsair Icue software\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) D:\program files x86\Corsair\Corsair Icue software\iCUE.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <41>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxEM.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\raich\Downloads\adwcleaner_8.0.7.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\MSI Remind Manager\40\MSI Reminder.exe
(Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorHelper.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPS.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPSService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(Rivet Networks LLC) C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3259.0_x64__rh07ty8m5nkag\KillerControlCenter_v2\KillerControlCenter.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(Webroot Inc. -> Webroot) C:\Program Files\Webroot\WRSA.exe <2>
(Webroot Inc. -> Webroot, Inc.) C:\Program Files\Webroot\Core\WRCoreService.x64.exe
(Webroot Inc. -> Webroot, Inc.) C:\Program Files\Webroot\Core\WRSkyClient.x64.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-06-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734904 2017-07-05] (A-Volute -> Nahimic)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [301848 2017-06-09] (Micro-Star International CO., LTD. -> ) [File not signed]
HKLM\...\Run: [NahimicVRSvc32] => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [990392 2017-06-30] (A-Volute -> A-Volute)
HKLM\...\Run: [NahimicVRSvc64] => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142456 2017-06-30] (A-Volute -> A-Volute)
HKLM\...\Run: [MsiTrueColor] => C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [5843752 2017-07-07] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9240512 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe -show
HKLM-x32\...\Run: [VodafoneMobileWiFi] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Wi-Fi\Launcher.exe [145920 2014-03-11] (Vodafone) [File not signed]
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [4875776 2020-05-27] (Webroot Inc. -> Webroot)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => %localappdata%\Programs\Autodesk\Genuine Service\GenuineService.exe
HKLM-x32\...\Run: [CORSAIR iCUE Software] => D:\program files x86\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-07-13] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7592008 2019-04-17] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\Run: [btweb] => "C:\Users\raich\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED
HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\Run: [MicrosoftEdgeAutoLaunch_3A8AB3A68E62F943B44C23E5D6947688] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32407952 2020-09-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\Policies\Explorer: [] 
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CutePDF Writer Monitor v4.0: C:\Windows\system32\cpwmon64_v40.dll [89584 2019-10-20] (Acro Software Inc -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.83\Installer\chrmstp.exe [2020-09-04] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2020-07-27]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-09-03]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2020-06-19]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
Startup: C:\Users\raich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-12-26]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A78C159-041A-420D-85B3-F2462D717587} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D4D9FC7-57F9-44F5-97F3-103C460262E1} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1BD03231-942E-4E3A-8EC3-0DCDB40B3480} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-26] (Google Inc -> Google Inc.)
Task: {1E4E5461-8B23-47DC-90C0-78C310BFEA06} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734904 2017-07-05] (A-Volute -> Nahimic)
Task: {28159E85-7419-4E5F-8DBE-03F043F8E4D6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1312664 2020-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {282785A0-315D-4533-8D91-C7960671959B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32517ED5-36E1-41C5-8112-B7A1A8B1F87F} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5540632 2017-08-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {32DBC819-DE52-478E-9656-437DB8706420} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {386B0154-DFA0-44E1-9B22-86CF07956B90} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {39749523-7795-43BE-8716-053058B43AFF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118616 2020-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CDA3BB7-5A91-44E2-9452-75D1C8F6BEAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-26] (Google Inc -> Google Inc.)
Task: {483A4AA0-70F8-4F19-A364-2DF6E0347C46} - System32\Tasks\NahimicVRSvc32Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [990392 2017-06-30] (A-Volute -> A-Volute)
Task: {4B9C1858-A9CD-4C1E-8A86-B01A6F99D4E5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4D98F640-9CEC-4E29-BE9D-BBBD94156710} - System32\Tasks\MSISCMTsk => C:\Program Files (x86)\MSI\MSI Remind Manager\MSISCMTsk.exe [285464 2017-07-20] (Micro-Star International CO., LTD. -> Application) [File not signed]
Task: {618A8475-2964-4A4C-94A0-52680476BF8F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {661B7B94-E5CA-4FCF-8E51-67C4876FCCC0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {68C70A53-1080-457D-A8FF-B285CD83D3C8} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {70E7522C-4327-432A-A444-FB89813671E5} - System32\Tasks\Nahimic2svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe [4412088 2017-07-05] (A-Volute -> )
Task: {7B8A90B5-2A55-4692-A47A-44A7E55E9745} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81319C47-52D8-4D2F-AB0E-2333731BE2F4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83BF2269-420A-49BC-BD6A-22BF5A73C226} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7981396-5852-4A8B-B0F3-50EA4E13A42B} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Task: {C774A8B6-E20A-4BC9-A62B-BCFDF9FCB254} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DC3ED17C-455B-477D-A823-1219DFF74F85} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-25] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {ECE870A2-45D1-4ABF-9711-B94A4CDDAD31} - System32\Tasks\NahimicVRSvc64Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142456 2017-06-30] (A-Volute -> A-Volute)
Task: {F8127904-D410-494E-A207-629D10A98012} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118616 2020-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE3A675E-469B-48B9-8EB8-C15D90C86C9B} - System32\Tasks\Nahimic2svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe [520376 2017-07-05] (A-Volute -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2010-05-18] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{01c232c2-e9be-4f35-8637-46bf5352dee2}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{59a17c70-78a1-4445-9025-10f5d86638af}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{c47e26ba-f276-4a9d-b607-8a7cf5498ce8}: [DhcpNameServer] 192.168.0.1 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2185637009-271594393-402355952-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2185637009-271594393-402355952-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-2185637009-271594393-402355952-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-au
SearchScopes: HKU\.DEFAULT -> DefaultScope {39F8866F-2C59-425C-B50F-D587A178383D} URL = 
SearchScopes: HKU\S-1-5-21-2185637009-271594393-402355952-1001 -> DefaultScope {39F8866F-2C59-425C-B50F-D587A178383D} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2020-07-23] (Webroot Inc. -> Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2020-07-23] (Webroot Inc. -> Webroot)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-06] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
Edge Notifications: HKU\S-1-5-21-2185637009-271594393-402355952-1001 -> hxxps://www.flightcentre.com.au
Edge Profile: C:\Users\raich\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-08]
Edge Extension: (Web Threat Shield) - C:\Users\raich\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmkaflbamgddpjacdmjlkhbnpnlemaea [2020-07-20]
Edge Extension: (360 Viewer) - C:\Users\raich\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmglcbnpblebkmcllnfcgamdelbbekge [2020-07-20]

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\raich\AppData\Local\Google\Chrome\User Data\Default [2020-09-08]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://admin.nearmap.com/api/identityserver/v1/login?signin=bcded3c112787a69060becff93d0701c","hxxps://services.land.vic.gov.au/SpatialDatamart/","hxxps://auspost.com.au/postcode","hxxp://www.google.com/"
CHR Extension: (Slides) - C:\Users\raich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-26]
CHR Extension: (Docs) - C:\Users\raich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-26]
CHR Extension: (Google Drive) - C:\Users\raich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23]
CHR Extension: (YouTube) - C:\Users\raich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-26]
CHR Extension: (Sheets) - C:\Users\raich\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-26]
CHR Extension: (Google Docs Offline) - C:\Users\raich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-20]
CHR Extension: (Webroot Filtering Extension) - C:\Users\raich\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2020-06-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\raich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-10]
CHR Extension: (Gmail) - C:\Users\raich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\raich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-08]
CHR Profile: C:\Users\raich\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-25]
CHR HKLM-x32\...\Chrome\Extension: [cmllgdnjnkbapbchnebiedipojhmnjej]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2017-04-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10566536 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [11839392 2020-04-23] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [605080 2020-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; D:\program files x86\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-07-13] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; D:\program files x86\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-07-13] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-04-17] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-04-17] (GOG Sp. z o.o. -> GOG.com)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413720 2017-06-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73720 2020-03-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1775624 2020-03-13] (Rivet Networks LLC -> Rivet Networks)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2665992 2020-03-13] (Rivet Networks LLC -> Rivet Networks)
R2 KillerSmartphoneSleepService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KSPSService.exe [73720 2020-03-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73720 2020-03-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-09-08] (Malwarebytes Inc -> Malwarebytes)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2017-06-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSITrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [192296 2017-07-07] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [62392 2017-04-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-09-02] (SteelSeries ApS -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.6-0\NisSrv.exe [2169576 2020-07-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.6-0\MsMpEng.exe [128376 2020-07-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WRCoreService; C:\Program Files\Webroot\Core\WRCoreService.x64.exe [2035888 2020-07-16] (Webroot Inc. -> Webroot, Inc.)
R3 WRSkyClient; C:\Program Files\Webroot\Core\WRSkyClient.x64.exe [3000648 2020-07-16] (Webroot Inc. -> Webroot, Inc.)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [4875776 2020-05-27] (Webroot Inc. -> Webroot)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73728 2020-03-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73736 2020-03-13] (Rivet Networks LLC -> Rivet Networks, LLC.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0406000.00C\ccSetx64.sys [173808 2015-06-25] (Symantec Corporation -> Symantec Corporation)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess63FC7C36FAD8A45CBD3D336B89AB209331466DB9; D:\program files x86\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2020-09-08] (CPUID S.A.R.L.U. -> CPUID)
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164616 2020-05-19] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-09-08] (Malwarebytes Corporation -> Malwarebytes)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [178824 2020-03-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217608 2020-09-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197280 2020-09-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73880 2020-09-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131232 2020-09-08] (Malwarebytes Inc -> Malwarebytes)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-12-24] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47824 2019-12-24] (SteelSeries ApS -> SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [41104 2019-08-27] (SteelSeries ApS -> )
S3 TriDefSmartCam; C:\WINDOWS\system32\DRIVERS\TriDefSmartCam.sys [48304 2017-02-21] (Dynamic Digital Depth Australia Pty Ltd -> DDD Group Plc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [78232 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [430312 2020-07-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98544 2020-07-21] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-12] (Micro-Star Int'l Co. Ltd. -> )
S0 WRBoot; C:\WINDOWS\System32\drivers\WRBoot.sys [15792 2020-04-07] (Microsoft Windows Early Launch Anti-malware Publisher -> )
R1 WRCore; C:\Program Files\Webroot\Core\WRCore.x64.sys [268720 2020-06-15] (Webroot Inc. -> Webroot, Inc.)
R0 WRkrn; C:\WINDOWS\System32\drivers\WRkrn.sys [149224 2019-11-12] (Webroot Inc. -> Webroot)
R3 wrUrlFlt; C:\WINDOWS\system32\DRIVERS\wrUrlFlt.sys [58304 2020-05-28] (Webroot, Inc -> Webroot)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-08 20:23 - 2020-09-08 20:24 - 000033242 ____C C:\Users\raich\Downloads\FRST.txt
2020-09-08 20:23 - 2020-09-08 20:23 - 000000000 ____D C:\FRST
2020-09-08 20:22 - 2020-09-08 20:22 - 002297344 ____C (Farbar) C:\Users\raich\Downloads\FRST64.exe
2020-09-08 20:16 - 2020-09-08 20:16 - 002040904 ____C (Malwarebytes) C:\Users\raich\Downloads\MBSetup (2).exe
2020-09-08 20:14 - 2020-09-08 20:14 - 000217608 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-09-08 20:14 - 2020-09-08 20:14 - 000197280 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-09-08 20:14 - 2020-09-08 20:14 - 000131232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-09-08 20:14 - 2020-09-08 20:14 - 000073880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-09-08 20:14 - 2020-09-08 20:14 - 000000004 ____H C:\ProgramData\cm-lock
2020-09-08 20:12 - 2020-09-08 20:13 - 000000000 ____D C:\AdwCleaner
2020-09-08 20:11 - 2020-09-08 20:11 - 008414384 ____C (Malwarebytes) C:\Users\raich\Downloads\adwcleaner_8.0.7.exe
2020-09-08 20:11 - 2020-09-08 20:11 - 002040904 ____C (Malwarebytes) C:\Users\raich\Downloads\MBSetup (1).exe
2020-09-08 10:50 - 2020-09-08 10:50 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-09-08 10:50 - 2020-09-08 10:49 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-09-01 21:10 - 2020-09-01 21:10 - 000000000 ___DC C:\Users\raich\AppData\LocalLow\Wizards Of The Coast
2020-09-01 21:00 - 2020-09-01 21:00 - 000000270 ____C C:\Users\raich\Desktop\Magic The Gathering Arena.url
2020-09-01 20:10 - 2020-09-01 20:14 - 000000000 ____D C:\ProgramData\Epic
2020-09-01 20:10 - 2020-09-01 20:10 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2020-09-01 20:10 - 2020-09-01 20:10 - 000001258 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2020-09-01 20:10 - 2020-09-01 20:10 - 000001258 _____ C:\ProgramData\Desktop\Epic Games Launcher.lnk
2020-09-01 20:10 - 2020-09-01 20:10 - 000000000 ____D C:\Program Files (x86)\Epic Games
2020-09-01 20:09 - 2020-09-01 20:09 - 044257280 ____C C:\Users\raich\Downloads\EpicInstaller-10.17.0-6e71d970c52d4f66910081e9de36a401.msi
2020-09-01 16:34 - 2020-09-01 16:34 - 000388428 ____C C:\Users\raich\Downloads\PD022_-_Crop_Work_Team_Member.pdf
2020-08-24 12:19 - 2020-08-24 12:20 - 000000000 ___DC C:\Users\raich\Desktop\old cv's
2020-08-22 17:39 - 2020-09-01 20:10 - 000000000 ____D C:\Users\raich\AppData\Local\EpicGamesLauncher
2020-08-22 17:04 - 2020-08-22 17:04 - 000000000 ____D C:\Program Files\Bonjour
2020-08-22 17:04 - 2020-08-22 17:04 - 000000000 ____D C:\Program Files (x86)\Bonjour
2020-08-22 17:02 - 2020-08-22 17:02 - 006195808 ____C (Frank Friemel) C:\Users\raich\Downloads\SP4W_Setup.exe
2020-08-22 16:55 - 2020-08-22 16:55 - 000002849 ____C C:\Users\raich\Downloads\Readme.txt
2020-08-22 16:42 - 2020-08-22 16:43 - 000000000 ___DC C:\Users\raich\Desktop\shairport
2020-08-22 16:14 - 2020-08-22 16:14 - 001667682 ____C C:\Users\raich\Documents\22-08-2020_16-14-02_v20-2-04-76608.dmp
2020-08-20 22:18 - 2020-08-20 22:18 - 001669611 ____C C:\Users\raich\Documents\20-08-2020_22-18-14_v20-2-04-76608.dmp
2020-08-20 21:31 - 2020-08-20 21:31 - 001674769 ____C C:\Users\raich\Documents\20-08-2020_21-31-12_v20-2-04-76608.dmp
2020-08-17 14:58 - 2020-08-17 14:58 - 001685035 ____C C:\Users\raich\Documents\17-08-2020_14-58-53_v20-2-04-76608.dmp
2020-08-17 14:54 - 2020-08-17 14:54 - 001694326 ____C C:\Users\raich\Documents\17-08-2020_14-54-34_v20-2-04-76608.dmp
2020-08-17 09:48 - 2020-08-17 09:48 - 001684962 ____C C:\Users\raich\Documents\17-08-2020_09-48-50_v20-2-04-76608.dmp
2020-08-17 09:26 - 2020-08-17 09:26 - 003358690 ____C C:\Users\raich\Downloads\EPSG28355_Date20200604_Lat-37.846008_Lon144.993122_Mpp0.075.zip
2020-08-13 23:55 - 2020-08-13 23:55 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-13 23:55 - 2020-08-13 23:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-13 23:55 - 2020-08-13 23:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-13 23:55 - 2020-08-13 23:55 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-08-13 23:55 - 2020-08-13 23:55 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-13 23:55 - 2020-08-13 23:55 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-08-13 23:55 - 2020-08-13 23:55 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-13 23:55 - 2020-08-13 23:55 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-13 23:55 - 2020-08-13 23:55 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-13 23:55 - 2020-08-13 23:55 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-13 23:55 - 2020-08-13 23:55 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-13 23:55 - 2020-08-13 23:55 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-13 23:55 - 2020-08-13 23:55 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-13 23:55 - 2020-08-13 23:55 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-13 23:55 - 2020-08-13 23:55 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-08-13 23:55 - 2020-08-13 23:55 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-13 23:55 - 2020-08-13 23:55 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-13 23:55 - 2020-08-13 23:55 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-08-13 23:55 - 2020-08-13 23:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-08-13 23:48 - 2020-07-18 13:07 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-13 23:48 - 2020-07-18 12:53 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-08-12 22:32 - 2020-09-08 10:50 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-12 22:32 - 2020-09-08 10:50 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-12 22:32 - 2020-09-08 10:50 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-08-12 22:31 - 2020-09-08 10:49 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-08-12 22:30 - 2020-08-12 22:30 - 002040904 ____C (Malwarebytes) C:\Users\raich\Downloads\MBSetup.exe
2020-08-12 21:27 - 2020-08-12 21:27 - 001676179 ____C C:\Users\raich\Documents\12-08-2020_21-27-47_v20-2-04-76608.dmp
2020-08-12 18:25 - 2020-08-12 18:25 - 001716726 ____C C:\Users\raich\Documents\12-08-2020_18-25-24_v20-2-04-76608.dmp
2020-08-12 17:52 - 2020-08-12 17:52 - 000000172 ____C C:\Users\raich\Documents\1001 301 GSI.kml
2020-08-12 16:17 - 2020-08-12 18:30 - 000083768 ____C C:\Users\raich\Documents\OPA GIS CAD IMPORT STYLE.qml
2020-08-12 16:05 - 2020-08-12 16:05 - 001684669 ____C C:\Users\raich\Documents\12-08-2020_16-05-44_v20-2-04-76608.dmp
2020-08-12 15:26 - 2020-08-12 15:26 - 001599048 ____C C:\Users\raich\Documents\12-08-2020_15-26-08_v20-2-04-76608.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-08 20:20 - 2020-03-24 21:09 - 000842708 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-08 20:20 - 2019-03-19 14:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-08 20:17 - 2017-09-08 09:06 - 000000000 ___DC C:\ProgramData\NVIDIA
2020-09-08 20:15 - 2019-03-19 14:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-08 20:15 - 2019-02-08 19:08 - 000275080 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
2020-09-08 20:15 - 2019-02-08 19:08 - 000231472 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll
2020-09-08 20:15 - 2019-02-08 19:08 - 000000000 ___DC C:\ProgramData\WRData
2020-09-08 20:15 - 2017-12-17 11:44 - 000000000 _SHDC C:\Users\raich\IntelGraphicsProfiles
2020-09-08 20:14 - 2020-03-24 21:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-08 20:14 - 2019-03-19 14:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-09-08 20:13 - 2020-06-19 22:37 - 000000000 ____D C:\Users\raich\AppData\Roaming\Lavasoft
2020-09-08 20:13 - 2020-06-19 22:37 - 000000000 ____D C:\Users\raich\AppData\Local\Lavasoft
2020-09-08 20:13 - 2020-06-19 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-09-08 20:13 - 2020-06-19 22:37 - 000000000 ____D C:\ProgramData\Lavasoft
2020-09-08 20:13 - 2020-06-19 22:37 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-09-08 20:08 - 2020-03-24 20:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-08 17:26 - 2020-03-24 21:07 - 000004140 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{56E7672C-C264-4A3F-B15E-083EF47D8DC1}
2020-09-08 10:50 - 2019-03-19 14:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-05 01:09 - 2019-03-19 14:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-05 01:09 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-04 04:57 - 2018-06-26 05:48 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-04 04:57 - 2018-06-26 05:48 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-04 04:57 - 2018-06-26 05:48 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-01 20:14 - 2018-06-05 23:03 - 000000000 ___DC C:\Users\raich\AppData\Local\D3DSCache
2020-09-01 20:13 - 2017-09-08 09:01 - 000000000 ____D C:\ProgramData\Package Cache
2020-09-01 17:15 - 2020-07-11 12:18 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-01 17:15 - 2020-07-11 12:18 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-01 17:15 - 2020-07-11 12:18 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-08-31 11:55 - 2017-12-17 12:21 - 000000000 ___DC C:\Users\raich\AppData\Local\CrashDumps
2020-08-26 14:24 - 2018-10-11 16:03 - 000000000 ____D C:\Program Files\Webroot
2020-08-22 16:14 - 2020-08-05 20:45 - 000399662 ____C C:\Users\raich\Documents\crash_report.txt
2020-08-20 21:12 - 2017-05-17 08:58 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-08-20 21:10 - 2017-12-17 11:46 - 000000000 __RDC C:\Users\raich\OneDrive
2020-08-20 21:09 - 2020-07-11 12:18 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-20 21:09 - 2020-07-11 12:18 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-20 21:09 - 2020-03-24 21:07 - 000003352 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2185637009-271594393-402355952-1001
2020-08-20 21:09 - 2020-03-24 21:01 - 000002404 ____C C:\Users\raich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-14 00:27 - 2020-03-24 20:58 - 000577184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-14 00:27 - 2018-01-19 18:20 - 000000000 __RDC C:\Users\raich\3D Objects
2020-08-14 00:27 - 2017-05-17 08:12 - 000000000 _RHDC C:\Users\Public\AccountPictures
2020-08-14 00:26 - 2020-03-25 15:48 - 000000000 ____D C:\WINDOWS\HoloShell
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-14 00:26 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-14 00:26 - 2019-03-19 14:37 - 000000000 ____D C:\WINDOWS\servicing
2020-08-13 23:58 - 2019-03-19 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-12 22:31 - 2017-12-26 08:41 - 000000000 ____D C:\ProgramData\Malwarebytes

==================== Files in the root of some directories ========

2020-07-27 14:01 - 2020-07-28 09:58 - 000000012 _____ () C:\Users\raich\AppData\Roaming\env_settings_12.4d
2020-07-27 14:01 - 2020-07-28 09:58 - 000000094 _____ () C:\Users\raich\AppData\Roaming\Recent Projects.4d
2020-08-06 13:14 - 2020-08-06 13:14 - 000000771 _____ () C:\Users\raich\AppData\Local\recently-used.xbel
2018-09-07 17:41 - 2018-09-07 17:41 - 000007600 ____C () C:\Users\raich\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Link to post
Share on other sites

Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-09-2020
Ran by raich (08-09-2020 20:24:28)
Running from C:\Users\raich\Downloads
Windows 10 Home Version 1909 18363.1016 (X64) (2020-03-24 11:07:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2185637009-271594393-402355952-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2185637009-271594393-402355952-503 - Limited - Disabled)
Guest (S-1-5-21-2185637009-271594393-402355952-501 - Limited - Disabled)
raich (S-1-5-21-2185637009-271594393-402355952-1001 - Administrator - Enabled) => C:\Users\raich
WDAGUtilityAccount (S-1-5-21-2185637009-271594393-402355952-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {EA22F846-E33A-0128-9418-185509C86920}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Webroot SecureAnywhere (Enabled - Up to date) {A16A5B28-D1C0-417E-771B-123558EECC69}
AS: Webroot SecureAnywhere (Enabled - Up to date) {514319A2-C500-0EA6-AEA8-2327724F239D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

12d Model 12 - 64 bit (HKLM\...\12d Model 12 - 64 bit) (Version: 12.0C1t - 12d Solutions Pty Ltd)
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
ApoDispatch Install Configurator (HKLM\...\{86DFBD13-F1EA-43EA-8BF7-05B4A7F40571}) (Version: 2.5.1701 - Nahimic) Hidden
APOInstallerMSISetup (HKLM\...\{4EF58CF2-20BB-493A-B057-34F17919E11B}) (Version: 1.0.12 - Nahimic) Hidden
AudioDeviceFXPluginSampleUIMSISetup (HKLM\...\{BA834116-5E00-40C6-84CE-C4FB58F3DAB7}) (Version: 1.0.1201 - Nahimic) Hidden
AudioLaunchpad Install Configurator (HKLM\...\{6876FCDB-9B83-4AAF-B5BD-B84C500C378F}) (Version: 2.5.1701 - Nahimic) Hidden
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
BricsCAD V20.2.04 (x64) en_US (HKLM\...\{F3A09A38-BD2B-48D5-BF49-C7768E530966}) (Version: 20.2.04 - Bricsys)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1707.2401 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1707.2401 - Application)
CheckDevices Install Configurator (HKLM\...\{FBF14B3C-60CF-43F8-8E83-0DBF072138A3}) (Version: 2.5.1701 - Nahimic) Hidden
CodeMeter Runtime Kit v7.00b (HKLM\...\{DC0922A5-8E08-4378-90F9-2D2C3D90F38D}) (Version: 7.00.3933.502 - WIBU-SYSTEMS AG)
Core (HKLM\...\{1633C7DB-2099-425C-8B76-63C5B295F410}) (Version: 1.1.226 - Webroot) Hidden
CORSAIR iCUE Software (HKLM-x32\...\{5D7A7903-21D9-4925-A628-8F5F217E32A8}) (Version: 3.31.81 - Corsair)
CutePDF Writer (HKLM\...\CutePDF Writer Installation) (Version:  4.0 - Acro Software Inc.)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1708.2201 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1708.2201 - Micro-Star International Co., Ltd.)
Dynamo for Autodesk Civil 3D 2021 (HKLM\...\{185E2078-4100-4429-0854-C980F3C4BCFB}) (Version: 1.1.854.0 - Autodesk) Hidden
Dynamo for Autodesk Civil 3D 2021 (HKLM-x32\...\{81c67b4a-4100-4639-0854-2f2ff3923688}) (Version: 1.1.854.0 - Autodesk)
EndpointMonitoring Install MSISetup (HKLM\...\{385367C8-6997-41BF-A26B-42D0A82D0223}) (Version: 1.0.1201 - Nahimic) Hidden
Epic Games Launcher (HKLM-x32\...\{0EE6DDEF-E36B-45EB-9E03-5A266EC8A8F8}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FXAA Post Process Injector (HKLM-x32\...\FXAA Post Process Injector) (Version:  - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.83 - Google LLC)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.)
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.0.0- - Inkscape)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
KB9X Radio Switch Driver (HKLM\...\97FE6BFA6A40EE4967381F4313B334031A3B6E03) (Version: 1.1.4.0 - ENE TECHNOLOGY INC.)
Killer Performance Driver Suite UWD (HKLM\...\{3CDA97F4-59EC-4D3D-AC1A-BCC7995F46DE}) (Version: 1.7.1089 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LauncherSetup Install (HKLM\...\{20B69660-B995-43F8-A14A-8DC1DDAF3E8B}) (Version: 2.5.1701 - Nahimic) Hidden
LOOT version 0.12.5 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.12.5 - LOOT Team)
Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes)
Median XL Launcher (HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\AD755AF1-2FD3-4FAF-B0C2-5F4800F53143) (Version: 1.2.1 - Median XL Team)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13029.20344 - Microsoft Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.44 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft OneDrive (HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
MSI Feature Navigator (HKLM-x32\...\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1703.1601 - Micro-Star International Co., Ltd.) Hidden
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1703.1601 - Micro-Star International Co., Ltd.)
MSI Remind Manager Service (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1707.1901 - Micro-Star International Co., Ltd.) Hidden
MSI Remind Manager Service (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1707.1901 - Micro-Star International Co., Ltd.)
MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 2.0.0.034 - Portrait Displays, Inc.)
Nahimic 2+ Audio Driver (HKLM\...\{59040F9E-4715-4819-8618-D8C2591FC0B6}) (Version: 2.5.1701 - Nahimic) Hidden
Nahimic 2+ Audio Driver (HKLM-x32\...\{6396d25e-ecfb-4e2d-b88c-0cd08cd78159}) (Version: 2.5.17 - Nahimic)
Nahimic VR (HKLM-x32\...\{d6102f25-bb0e-4444-bda7-cc349c8d95a5}) (Version: 1.0.12 - Nahimic)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
NineEarsSettings Install Configurator (HKLM\...\{AD43AAA1-3A59-47CD-A419-69F843BAA4EA}) (Version: 1.0.1201 - Nahimic) Hidden
Norton Online Backup (HKLM-x32\...\NARA) (Version: 4.6.0.12 - Symantec Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Graphics Driver 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Path of Diablo Launcher (HKLM-x32\...\{DE70C6E8-1803-4AF4-8F94-B39062688E21}) (Version: 1.0.0 - Path of Diablo)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.6.3.56888 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{c07fe85b-ad7c-4852-b9be-3e05358d71f5}) (Version: 3.6.3.56888 - Grinding Gear Games)
ProductDaemon Install Setup (HKLM\...\{3BD2C025-206F-4899-8457-582A7DE1E8F7}) (Version: 1.0.1201 - Nahimic) Hidden
ProductDaemonSetup Install (HKLM\...\{6CC0818B-98D2-4880-AC95-A0C1A4139D72}) (Version: 2.5.1701 - Nahimic) Hidden
ProductNS Install Configurator (HKLM\...\{D03BE6D9-F956-4674-83A6-E7AFA6CC29E7}) (Version: 2.5.1701 - Nahimic) Hidden
QGIS 3.10.7 'A Coruña' (HKLM\...\QGIS 3.10) (Version: 3.10.7 - QGIS Development Team)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.309 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8328 - Realtek Semiconductor Corp.)
SCM (HKLM\...\{F6E94387-38E9-4D98-9FE1-038F575768BA}) (Version: 13.017.06089 - Application)
SonicMapper Install Configurator (HKLM\...\{8EA5FF84-DD94-4A6D-B167-0594879BA480}) (Version: 2.5.1701 - Nahimic) Hidden
Spatial Manager™ for BricsCAD (64-bit) (HKLM\...\{7BE423D3-EA28-412C-8A4C-96102D72D6BA}) (Version: 6.1.1.9309 - Opencartis) Hidden
Spatial Manager™ for BricsCAD (HKLM-x32\...\{4e00f105-0c19-4d44-93d6-5c1c6b853348}) (Version: 6.1.1.9309 - Opencartis)
SSAudioDaemon Install MSISetup (HKLM\...\{D0E3BAA2-2583-4876-A6E7-6BC4DA32DD40}) (Version: 1.0.12 - Nahimic) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.18.4 (HKLM\...\SteelSeries Engine 3) (Version: 3.18.4 - SteelSeries ApS)
UIInstallUpgrade (HKLM\...\{0B3DB68B-84DB-4F26-9971-59AAE0279E09}) (Version: 2.5.1701 - Nahimic) Hidden
Vodafone Wi-Fi (HKLM-x32\...\{F08DBC61-FBFC-4D26-997F-74B42C51DC56}) (Version: 2.0.9.48121 - Vodafone)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.28.48 - Webroot)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24121}) (Version: 24.0.13618 - Corel Corporation)
XSplit Gamecaster (HKLM-x32\...\{A782B961-2DFA-4919-81DB-74C5DB03B409}) (Version: 3.0.1705.3130 - SplitmediaLabs)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.12.4.0_x86__kgqvnymyfvs32 [2020-08-13] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.176.200.0_x86__kgqvnymyfvs32 [2020-09-05] (king.com)
Dell Visor -> C:\Program Files\WindowsApps\DellInc.DellVisor_1.0.2.0_x64__htrsf667h5kn2 [2018-04-15] (Dell Inc)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.3.0.0_x86__h6adky7gbf63m [2020-08-26] (Gameloft SE)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.25.9091.0_x86__q4d96b2w5wcc2 [2020-07-01] (Evernote)
FORM Demo Experience -> C:\Program Files\WindowsApps\CharmGames.FORMDemoExperience_1.1.19.0_x64__aq3h8pmnx2vx2 [2018-09-16] (Charm Games)
Galaxy Explorer -> C:\Program Files\WindowsApps\Microsoft.MicrosoftGalaxyExplorer_2.0.10.0_x64__8wekyb3d8bbwe [2018-08-31] (Microsoft Corporation)
Holograms -> C:\Program Files\WindowsApps\Microsoft.HologramsApp_100.1809.6005.0_x86__8wekyb3d8bbwe [2018-09-19] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa [2020-08-03] (Apple Inc.) [Startup Task]
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-08-03] (Keeper Security Inc)
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3259.0_x64__rh07ty8m5nkag [2020-07-11] (Rivet Networks LLC) [Startup Task]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.0.1.1_x86__h6adky7gbf63m [2020-08-17] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.1.7200.0_x86__8wekyb3d8bbwe [2020-08-07] (Microsoft Studios) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.11.6020.0_x64__8wekyb3d8bbwe [2020-06-18] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_3.0.8191.0_x86__8wekyb3d8bbwe [2020-09-01] (Microsoft Studios) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1215.0_x86__8wekyb3d8bbwe [2020-04-22] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.2.7240.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.4002.0_x64__8wekyb3d8bbwe [2020-09-05] (Microsoft Studios)
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-02-03] (MAGIX)
Norton Studio -> C:\Program Files\WindowsApps\SymantecCorporation.NortonStudio_2.2.0.0_x86__v68kp9n051hdp [2018-05-05] (Symantec Corporation)
PhotoDirector8 for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2018-05-17] (CyberLink)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation)
PowerDirector14 for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector14forMSI_14.0.5226.0_x64__jtmmp2jxy9gb6 [2018-06-01] (CyberLink)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0 [2020-09-05] (Spotify AB) [Startup Task]
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-01-11] (Synaptics Incorporated)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-03] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{01437FCC-40FC-4B9D-94C4-B5D5A017AA01}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{0332CC78-B534-44FD-92A2-FFAFB9F063AD}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{04D3D047-FD83-4945-A4E9-DDDE197BC1EE}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{057937BA-F9B7-4177-BDAB-4EFBB8CEA353}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{076821C2-9343-4429-BFAB-6F242C4830AE}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{0A05E9D7-031B-45DE-B655-409B0972B86E}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{0D131010-19EF-442C-B637-1602F4E10056}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{0F575826-B700-4EB7-BE3F-A03E528984B5}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{0F664C13-D6C3-476C-B99B-5203EAB50D30}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{0FFA9872-2D55-4D4F-BE73-F013F288675D}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{1087103D-4E33-4BA0-8251-518489469F38}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{120B0A27-F86C-4ECD-A76E-D71F4D95D39A}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{12439A1B-59BF-438D-9663-C6DC6C23DBD2}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{13D9C49F-EA1A-4326-BF8D-9B82E5BE0D57}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{15A6719C-8647-4AF9-B7B5-4B5B14E37FCD}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{168585A4-61FD-4513-B855-4FBEC618F20D}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{16D66462-4846-4563-9B65-58A6D8028554}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{17B41D35-AB0D-4497-B397-9F42BE90F70A}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{17E9118D-C252-496B-9696-0B729CAE7E7B}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{180CD891-9A97-441E-876D-5252FDF53D06}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{1C2D6372-F482-4175-85DB-AAB95080ECB2}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{2039AA72-AD62-4BC4-87ED-627A7714256E}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{279976B1-C6F1-4C70-B904-D66842F08014}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{28A509E7-926D-4D76-A26F-46FE3C83BF70}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{2C96A871-48DB-4300-B09C-0247B69A68C8}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{2fd1ff13-05b7-3324-a570-d84fb3d81c5e1}\InprocServer32 -> 0x520D8859F66AD601F6338859F66AD601010000000100000000000000 => No File
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{30278AC7-C3FB-4FCD-942A-CEEC0850FE1B}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{30B0C51B-535D-40EA-8805-A5ABDA364817}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> D:\program files\AUTODESK\AutoCAD 2021\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{347EB504-726E-4E6C-A99C-7C2FE16CBFCA}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{35AED114-C522-447F-B2F8-103B8D640AF1}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{3BC263DA-D79D-48D9-94C3-05810826DCA8}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{3CF20B6F-842C-4D77-B088-5E1AC8ED77C2}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{3D4DDB10-7A0E-4640-9C66-AA75AA1F2382}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{3E11CCC4-2F5C-42E4-893D-0E840E971AE6}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{4233072C-CEBA-45C9-AC06-D5A8BD2E67B3}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{45c8e2e6-f7d3-786d-3d92-30f2181c8bde5}\InprocServer32 -> 0xC0828359F66AD60103F78359F66AD601010000000100000000000000 => No File
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{47585B67-A80C-4215-8726-66A038B713D9}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{47E5F36E-53A7-49CE-8103-5FF2EC316DD2}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{49648244-8F88-45AB-A9E1-603CF85D1B67}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{4B3F2E16-C79D-43B5-ACD3-51FD1767E395}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{4CFC7039-6AED-4E99-AE73-41B423101E37}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{4D063E55-AE32-4CED-85A0-FC499D08592C}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{4DDE0369-BB1E-40FF-922C-D5BCDDACAE78}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{51072506-3102-4523-8D1D-CBA0E8244543}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{51734B9F-ABED-4526-8D3D-A8D27525477E}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{5298B44F-9B5E-4033-BCDF-1D822E716A71}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{52A5B183-9D0B-4652-A28A-94E2D4CA6DC8}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{530D9DD6-A228-40CF-B128-F4CED3CD6A48}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{53E7B88B-7EC9-4F55-9237-BCD1AE9B58A0}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{57216226-B1B8-4FCA-9B1A-63FE0DFDB724}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{583ABD24-2B0A-4E4C-979B-9BBF4775FAEB}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{5A579D1B-BAA0-45E8-AEBB-8D86206DC693}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{5A5D6255-D1FF-4377-9FDB-3CFC0DFFF93E}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{5AE51E9F-2BB6-4AEC-92DA-ED7EE3CA1CDE}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{5DA23FF6-CDDB-46B3-9FAF-337AA4C4CFC2}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{5EDEA0A2-99BD-4C25-88C4-557F0B1EDA32}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{61E2F760-F786-4637-8604-E02754ED223A}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{637AE8B8-AD4C-47CA-9F73-01720D9B5736}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{640652d9-52da-1699-21c8-fe59b019b7481}\InprocServer32 -> 0x67E28859F66AD601A6A24935BD79D601060000001602000000000000 => No File
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{6491EE6C-C18E-4218-BBF0-8BD2E734A9A0}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{653EBA9A-4A12-4287-AFDA-CE391C1BB145}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{65D79F6C-B26F-4AFE-A5B6-CD2E93AD3425}\localserver32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\bricscad.exe (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{6740DCDB-2A9D-4C92-A423-A9A90211501B}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{6AFB9ED5-5571-4491-A20B-C6210784DBD7}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{6D52DE76-93FB-428A-BA37-675902D2608F}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{6D6B5180-7038-48DB-9DA2-4DAF4EFD129A}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{6D85FCD6-01D2-4923-B570-6C64559407F0}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{6E1EC3B4-A303-47F3-9850-DBC8493411AB}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{7008D380-718D-4527-8152-5CE31B3D513E}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{719DD6E3-BCDA-4B3D-A9BB-BEF96FDFA582}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{71F7A98A-4FD1-4035-8B51-0F1D85764D99}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{736EBD8B-CD75-4C05-8111-2C4B31602E3B}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{75187D9C-A52B-4771-A81C-9728F553E84D}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{75E7CBE4-A85D-4BB3-BA91-9C943AF99740}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{75F32C05-FA9D-461F-9310-49A5E35F46A1}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{7768E4B2-1922-46F8-BD11-71C814BF3D50}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{77C7FF1D-EBCF-47BB-BC3F-7174ABAF4AAE}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{7CADD721-19E8-4ECD-BFE6-532B282CC80D}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{7D20A67E-6298-42DB-997D-86FF373BCE3A}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{7D68F6C1-8363-44DA-A910-04467578DFDE}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{7D8DA0F7-6144-4083-BDE6-2278784BBF56}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{7EB77135-A6AB-4BF3-985C-D32B59C268A0}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{810007C3-331C-4B07-80E5-4BFD4A08E0C5}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{81A04ED9-EAE7-484E-B1A8-5D44951F1575}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{84611AF6-CB66-48BB-909D-82622D2CE8F7}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{846D9D05-AA82-407C-87E3-CB0DDCEFE764}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{85C567C1-98D3-4965-961F-AB1DD3D5DBF7}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{88A97506-312B-4D39-BDCE-5D59A3A2FC63}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> D:\program files\AUTODESK\AutoCAD 2021\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{8C78DED9-EF6F-45A4-B734-FC2A83DF4895}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{8CC6BC63-90C4-4901-9B31-85F8D99AF676}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{8E0B41E9-944C-4C7F-9634-EB05A23883EF}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{8FEFC60C-41AF-4AAF-B49A-BA20335D123B}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{8FFE5318-B328-4691-9FB3-BE3BC3C9626A}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{913A7B20-8D6D-4621-AE5A-FA064D003566}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{924DCF80-3CFD-4E18-A229-50AB132F2C15}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{92FFB533-8F1A-4E10-B4D9-B39D120D4EDC}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{97969412-C368-43FB-AFB8-8CF30B28D48C}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{987C7CFC-DDF8-42DB-8A58-0389FC3E8BA5}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{991B475F-8517-4002-9BF6-02EFD2BA26A3}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{99393451-672E-4817-8A38-29428B3B11DE}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{9C91139D-E6EF-4012-A71B-E8BA1798799B}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{9D018E93-261C-42D1-A5AB-35692C7C4568}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{9FA4644B-D68D-4ABB-8677-92EBE4A12609}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{A250076E-0A24-48EF-8F05-8ED62CF42757}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{A386ACE3-EAAD-437E-896B-6D2CEF730312}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{A4E8C953-364E-4330-965B-B844990215E7}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{A9A4BC50-B5D9-4419-8485-14EA691F3D2E}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{AA4CCAA4-BF67-4C7B-AEE6-219E9F5075CF}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{AD429E90-7EDB-4784-BDC6-815CC909A499}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{B1FEF0A1-94BA-48D1-AE75-ECD341622389}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{B40295DB-E799-444C-A2D6-925D7CE9139A}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{B7779432-1590-4823-9D12-76C167549CEE}\localserver32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\bricscad.exe (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{BB827943-BC3F-4157-BB3A-E3861E450EDD}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{BC9A8B61-A614-41C5-9BF2-CEF57D09F128}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{BE834C56-F5F0-4D58-93F7-D03AB470C924}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{C49DA967-1AB6-42FD-8829-39326E091A40}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{C4DDB1AB-3E47-4F5C-B9DF-D4FB05839E1E}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{C4E2F3E1-A392-4630-A681-F6E5693CE097}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{C62CB782-ACB9-4927-BB23-6854957D1E0C}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{C6E04183-402D-4430-897F-91C81734BBA4}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{C7BF1D35-AFE4-4BC0-BB39-0F8D9516B65A}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{C82268D1-9912-4728-AB8C-A757186204E4}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{C956BD67-CA45-4F98-8393-CCC1D63CC48E}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{CC0F1DB2-D3F2-4962-A6A9-823DE33DD446}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{CEA1E4FD-CBFB-41F5-9538-DA1ADF3AA4E4}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{D0928FD5-41F7-4AFE-95F8-0B89423A4AA2}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{D1769F47-0413-4F36-815F-C78B7B721A6D}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{D3ACB7C1-B0A7-48EB-9678-7F78FEA169E4}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{D6772D15-E026-4E76-B685-0F9A2A4E4FC3}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{D795F587-716C-4A15-961E-9B8327892789}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{D7D58108-C73D-43B1-9EA7-6865D427EDA4}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{D8A35252-3D9C-4B67-BAC2-B4BBE8B1F414}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{D8A894E9-5531-412E-8553-EBAF021E2826}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{D967CF71-1A12-42C8-9B23-528D33A0EDA4}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{DB6E33B9-73A5-40AC-86FD-89EB0DEEFCF7}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{DE00A025-93B0-4BEC-8A96-89AE240E62F1}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{E1856CFE-0FC2-41D4-A720-3B805DF9B72F}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{E21732A6-FF3E-4E07-81D9-E8B9179118D8}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\program files\AUTODESK\AutoCAD 2021\en-US\acadficn.dll => No File
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{E3155307-0E29-4EFB-AFA0-B24193A50CFF}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{E31C6893-B2EB-491E-8F92-AF8940807D46}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{E5B4EB56-3C1F-4385-849B-25337E7CC6A1}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{E5C5095E-FDFE-496B-9FD2-8DF9172376ED}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{E79DDA4A-A561-4AEC-A99F-1D6890F49570}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{E7DD8627-9EB0-424E-BA15-50E77590F143}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{E8BA1A52-5251-4324-A392-C4DE7EFFAC9A}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{E9C5A9D6-AB1C-4BF6-8344-140A61158EC6}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{EACDB15C-33BF-4533-A74C-4610676B646A}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{EBC97347-7D15-40B4-A2A2-91F3C0D91F71}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{F263508B-2253-4BDC-A85C-C3DC50D21F57}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{F3106977-89D0-4675-9225-CA38A3BC117B}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{F4CB19EE-DEF2-4F4B-85F6-C768B648B607}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{F53D346D-79C8-415D-B968-3F81EEFEB3ED}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{F5B50AE8-959F-47BB-8C1B-017FB334E1D8}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscadapp1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{F6628E9E-0B84-40CA-BD0D-20C8B6802ADF}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{F6847807-EB2B-46DA-8FB7-21D6277D73A9}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{F95DA8E5-B917-47D1-A203-F82DD5388CE7}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{FAF2CD59-5BA8-466B-982F-A0C825F95424}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{FB228BF3-331F-4954-9B26-116C7FCE2940}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
CustomCLSID: HKU\S-1-5-21-2185637009-271594393-402355952-1001_Classes\CLSID\{FC480DD6-F4B2-455C-B48B-1759A28F2619}\InprocServer32 -> C:\Program Files\Bricsys\BricsCAD V20 en_US\axbricscaddb1.dll (Bricsys) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers1: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\WINDOWS\system32\WRusr.dll [2020-09-08] (Webroot Inc. -> Webroot)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxDTCM.dll [2017-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers6: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\WINDOWS\system32\WRusr.dll [2020-09-08] (Webroot Inc. -> Webroot)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\raich\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2017-06-30 04:09 - 2017-06-30 04:09 - 000172544 _____ () [File not signed] C:\Program Files\Nahimic\Nahimic VR\AnalogDriver\EndpointMonitoring.dll
2020-07-13 15:16 - 2020-07-13 15:16 - 000209408 _____ () [File not signed] D:\program files x86\Corsair\Corsair Icue software\quazip.dll
2020-07-13 15:16 - 2020-07-13 15:16 - 000101376 _____ () [File not signed] D:\program files x86\Corsair\Corsair Icue software\zlib.dll
2020-06-11 06:44 - 2020-06-11 06:44 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2020-06-11 06:44 - 2020-06-11 06:44 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2015-06-12 12:35 - 2015-06-12 12:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2017-06-09 02:37 - 2017-06-09 02:37 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll
2020-07-11 18:35 - 2020-07-11 18:39 - 001774080 _____ (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3259.0_x64__rh07ty8m5nkag\KillerControlCenter_v2\System.Data.SQLite.dll
2020-06-02 09:51 - 2020-06-02 09:51 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] D:\program files x86\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-06-09 16:15 - 2020-06-09 16:15 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] D:\program files x86\Corsair\Corsair Icue software\libcrypto-1_1.dll
2020-06-09 16:15 - 2020-06-09 16:15 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] D:\program files x86\Corsair\Corsair Icue software\libssl-1_1.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\raich\Downloads\GoogleEarthProSetup.exe:SmartScreen [7]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2185637009-271594393-402355952-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-19 07:03 - 2017-03-19 07:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2185637009-271594393-402355952-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\raich\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "VodafoneMobileWiFi"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2185637009-271594393-402355952-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{96E3F9CA-82DB-4D30-985E-D9268B96B826}] => (Allow) D:\program files x86\Steam\steamapps\common\Jotun\Jotun.exe () [File not signed]
FirewallRules: [{E321140C-C22F-4582-A42C-36352C35A9DF}] => (Allow) D:\program files x86\Steam\steamapps\common\Jotun\Jotun.exe () [File not signed]
FirewallRules: [{B9CBEC40-3F45-4C06-A0C3-802DE037EA0E}] => (Allow) D:\program files x86\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe () [File not signed]
FirewallRules: [{55FDD8D2-7DA9-4633-95D2-DDADF15D67A2}] => (Allow) D:\program files x86\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe () [File not signed]
FirewallRules: [{C473BDF1-C513-4B94-88C8-9755CA08F537}] => (Allow) D:\program files x86\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [{15AD920C-D95B-431A-8D94-DB44F2EE1A2D}] => (Allow) D:\program files x86\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [{CB7A0212-EE29-4784-B5C0-4F4E3A92AE10}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [{1440B11C-FE2E-47E7-9E24-A624D267CAAD}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{C7A29CF5-4A11-4246-BD32-918DC577C7B7}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{FA49C7C3-CC5E-413F-A27F-A14B857B1EA8}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [{10CE0DC2-98BD-4772-AA31-3FB4AEAB965D}] => (Allow) D:\program files x86\Steam\steamapps\common\MixedRealityVRDriver\bin\win64\Launch.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6CDC6B4-BC10-470A-A84D-8AA0CF57A1CA}] => (Allow) D:\program files x86\Steam\steamapps\common\MixedRealityVRDriver\bin\win64\Launch.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B821FF6-AAF0-4CD7-88B9-A64DA11A375E}] => (Allow) D:\program files x86\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{4EBCDD03-4C81-47CF-9423-5524C1DB8A08}] => (Allow) D:\program files x86\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{2BC52C84-D0C5-4C8F-9B4B-8AC22A10CEBB}] => (Allow) D:\program files x86\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{9B07D38D-AB83-4058-BDE7-A9C88ABBEB74}] => (Allow) D:\program files x86\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{4CC12A81-1EB6-4D01-9145-A24775973A7C}] => (Allow) D:\program files x86\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{21D35F0B-CD80-482B-8408-792596E52C56}] => (Allow) D:\program files x86\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8A2268BC-9B00-4B68-853B-3039CED10B60}] => (Allow) D:\program files x86\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DEE24979-9192-47DE-9E60-E52AE6959ADB}] => (Allow) D:\program files x86\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{DB9ECF14-6BF2-4701-B6F1-9F36CC26EA21}C:\users\raich\downloads\downloader_diablo2_lord_of_destruction_engb.exe] => (Allow) C:\users\raich\downloads\downloader_diablo2_lord_of_destruction_engb.exe => No File
FirewallRules: [TCP Query User{E7F43F5C-F403-4C41-9031-AC632C0276E9}C:\users\raich\downloads\downloader_diablo2_lord_of_destruction_engb.exe] => (Allow) C:\users\raich\downloads\downloader_diablo2_lord_of_destruction_engb.exe => No File
FirewallRules: [UDP Query User{5B7517FE-0C6E-42E5-B90D-FABA84B292FE}C:\users\raich\downloads\downloader_diablo2_engb.exe] => (Allow) C:\users\raich\downloads\downloader_diablo2_engb.exe => No File
FirewallRules: [TCP Query User{403CDCEC-75A0-4BD3-8064-75198850AF70}C:\users\raich\downloads\downloader_diablo2_engb.exe] => (Allow) C:\users\raich\downloads\downloader_diablo2_engb.exe => No File
FirewallRules: [{FF441FFA-7F14-442F-B8F9-C020860E5667}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jotun\Jotun.exe => No File
FirewallRules: [{4A96DB16-040F-4ADB-9106-0F315E7424BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jotun\Jotun.exe => No File
FirewallRules: [UDP Query User{34175D92-1DAE-47DA-91AD-B62B54D497DD}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{2055A48A-AFE7-4117-B0B3-E5AF2A03CA90}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{0BEA73AE-2258-4DAD-8BA2-BE2EDBA6DF8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe => No File
FirewallRules: [{D46A4E73-5675-4345-B185-2C930D33A155}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe => No File
FirewallRules: [{E5C660C4-CEAD-42AC-B917-5E3EDAA9892B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe => No File
FirewallRules: [{D1FDF2BB-8FFB-400D-9B93-66C8967E0605}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe => No File
FirewallRules: [{8C18C6C6-D9F3-4B0C-8BBD-A7F3901961FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MixedRealityVRDriver\bin\win64\Launch.exe => No File
FirewallRules: [{A2FD3707-9D7F-414D-95AE-58C14AD8400E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MixedRealityVRDriver\bin\win64\Launch.exe => No File
FirewallRules: [{8D586DA6-4A04-4F69-B1D2-890085C567E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe => No File
FirewallRules: [{C92ECEF3-86E0-4505-9E42-8BEEB7C3FF7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe => No File
FirewallRules: [{ADEE90CF-5409-4C9B-BE55-30EA71CA85A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe => No File
FirewallRules: [{92F6A654-D924-4144-A6DA-813CAB693DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe => No File
FirewallRules: [{7B87B4CF-2106-411F-83A7-D0BB07947588}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D1C2A5AC-47E3-469C-855F-800E4F2656A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7C708092-4F9C-445B-A679-A7D4F78ED003}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{D661FE5C-C3E3-474F-8CFA-D481F4F5D1B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C36AC652-C81F-4395-BA7F-2BCD9D754C5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DA3D785F-0CD3-45A5-97E0-3BAB80FFB046}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{8B5F27A0-B7AE-483F-A4ED-7F9E514021DD}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{0E2B46D1-87DA-4365-9568-4AC55FE90668}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{E48876F1-79B0-409A-957C-ABA1E68E2307}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{3B47059D-A822-4197-9A0B-0E32640A3ED1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{1F43CC86-9C82-4E2B-99A1-E2D447A52B66}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{0BCE6FAE-C5CE-4512-B6DA-4F755CEA60A1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{48DDD0E4-C8D8-4A14-9573-2365380EBAD8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{C3204B11-C664-44D8-BD96-CA15C600BF5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [{34A91CA1-F1F9-4C4E-A2D3-A9800F439A07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [{43FD2903-FDBC-49E1-B5E9-2C1FFEAF41E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{44063EE9-4A2F-40F6-8966-622B8F259949}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{CDB0229A-1A84-45E6-9D75-DC11B5549B88}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0CC92716-B503-491A-A8FB-02F5654D2683}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6BBFCD07-B34F-4AC1-A3DB-15010B59FD0C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{3F84707D-C50A-4FFA-BA21-5189475051CC}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{2424B33C-0CCF-4D01-BF58-12E2A16E4894}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{8A1126EE-003C-4A1A-AF6F-6720C6902F98}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{8F324006-7EC8-4F97-A053-820604535364}] => (Allow) D:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{4EF2DEF0-B046-464E-89E0-B419C194B826}] => (Allow) D:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{0EB804CA-E3E4-45CD-8E37-38F91C0135E4}] => (Allow) D:\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{6A11FAB6-D34D-4D17-B939-60B909ADB5E3}] => (Allow) D:\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B9C97626-8A7B-4308-9FEC-60A275946116}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Cthulhu\CallOfCthulhu.exe (Focus Home Interactive -> )
FirewallRules: [{3FF5AFAD-8F39-471D-95DA-EE969115BC64}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Cthulhu\CallOfCthulhu.exe (Focus Home Interactive -> )
FirewallRules: [TCP Query User{87714B31-116D-4052-AA34-FDBA7B2DDFE7}D:\steamlibrary\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe] => (Allow) D:\steamlibrary\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe (Focus Home Interactive) [File not signed]
FirewallRules: [UDP Query User{67CDE7CF-C9E3-4F0A-82E5-66EA6CE4C9BD}D:\steamlibrary\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe] => (Allow) D:\steamlibrary\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe (Focus Home Interactive) [File not signed]
FirewallRules: [{C8F81CA6-0BCC-4153-9FE5-D9F661409351}] => (Allow) D:\SteamLibrary\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe (Obsidian Entertainment) [File not signed]
FirewallRules: [{5C49154C-5DAE-43A2-85F7-3877D8787696}] => (Allow) D:\SteamLibrary\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe (Obsidian Entertainment) [File not signed]
FirewallRules: [{806CBFAD-230F-490F-9836-AC4352D9656D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9DFD90A0-5E53-47B2-942D-BB3EF15D3272}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DBF5D524-772C-4998-BA18-57F106B1B43B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe => No File
FirewallRules: [{530EDB12-7847-48DA-9733-57EE2A787C1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe => No File
FirewallRules: [{60887412-0A0A-4B2C-8503-D9FFC2A4392D}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Cthulhu\CallOfCthulhu.exe (Focus Home Interactive -> )
FirewallRules: [{A237CEC7-8CD7-4267-B33C-5E49C4DFC45C}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Cthulhu\CallOfCthulhu.exe (Focus Home Interactive -> )
FirewallRules: [{1E700662-54CB-4FE0-A807-183480DA5A57}] => (Allow) D:\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{8D6C4867-1452-4191-9C34-524E7AF043D2}] => (Allow) D:\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{F57D9806-3C32-4908-A1E7-D9C234B2F715}] => (Allow) D:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{2339E436-B894-4CE7-B737-059FD34687F6}] => (Allow) D:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{58925D7C-69AD-4C2B-9DD9-6C42992CB888}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [{BD3186E8-A26D-44FD-880D-50F7152F7719}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [{588FF809-6C86-4B86-8FC2-CCA935B9ED8D}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{32E984D3-864C-46E2-9E9E-34729415EF31}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{FC7E714B-751D-4CAF-9481-8683A0999A67}] => (Allow) D:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{D702964B-B678-49C2-90F5-3B7A82B533A5}] => (Allow) D:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{57C6AE33-BE1E-44E6-B95C-86B47B4AC89C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkwood\Darkwood.exe => No File
FirewallRules: [{B5DF0B60-1A96-4618-A42D-74AB5EE90178}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkwood\Darkwood.exe => No File
FirewallRules: [{E0A4DCF9-CC68-466F-BD22-A60ED0841945}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Cthulhu\CallOfCthulhu.exe (Focus Home Interactive -> )
FirewallRules: [{C7557721-E22D-43A8-9A52-C42268D4ECC8}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Cthulhu\CallOfCthulhu.exe (Focus Home Interactive -> )
FirewallRules: [{42143374-9F6D-4A6C-8A92-A3D68B276DFA}] => (Allow) D:\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{3E12BF02-7CA2-420E-ABD3-B7915C9A6A00}] => (Allow) D:\SteamLibrary\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B1A0EB57-8794-4FBC-AC0F-E2E8D2471FB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ziggurat\Ziggurat.exe => No File
FirewallRules: [{E9F8D8C5-41DD-48C2-B39B-6A050DDC406A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ziggurat\Ziggurat.exe => No File
FirewallRules: [{FC769B84-6131-4B35-9FAD-271AB3F23D8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX11.exe => No File
FirewallRules: [{6D8FEA82-DFC0-4DE1-ADAF-3FBD709905BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX11.exe => No File
FirewallRules: [{3011BE14-382E-48CC-BBD6-2F302607BFFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX12.exe => No File
FirewallRules: [{15241D97-6561-4C8C-B71F-DE5E4FE1A778}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX12.exe => No File
FirewallRules: [{A9965FAA-AADA-4474-802C-BC586B6EBEB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [{946EB98A-B2D0-4F79-BBF2-D4979EE44902}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [{EC1CEB80-6A28-4C74-89EA-75FEE7F75E43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{6C285E17-4042-4A71-8F11-E7AD606F6B93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{9354099C-DE11-4C75-94DF-6F0AE43B235E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CAE72F84-4976-4B55-933E-CA25DBD9FC3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0186541A-A580-4C3C-B5A9-5486AA7B36FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B69D4AAB-8BE7-4C14-9269-D77414C7C852}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2D57B9F6-ED4A-45D0-B207-57EBF6C24A4B}] => (Allow) D:\program files x86\Steam\steamapps\common\Last Epoch\Last Epoch.exe () [File not signed]
FirewallRules: [{04DA7D6D-9DE8-49F3-85B2-97D8D2BDD00D}] => (Allow) D:\program files x86\Steam\steamapps\common\Last Epoch\Last Epoch.exe () [File not signed]
FirewallRules: [{D61772A0-3EC5-4F52-A5A0-EBB81FDE1346}] => (Allow) D:\program files x86\Steam\steamapps\common\Ziggurat\Ziggurat.exe () [File not signed]
FirewallRules: [{8CB82B99-DCD9-4B3F-A912-C6C14A114958}] => (Allow) D:\program files x86\Steam\steamapps\common\Ziggurat\Ziggurat.exe () [File not signed]
FirewallRules: [TCP Query User{3BE60EFF-6A1C-4EFC-B845-9CCE348F0FD2}C:\users\raich\appdata\roaming\bittorrent web\btweb.exe] => (Block) C:\users\raich\appdata\roaming\bittorrent web\btweb.exe => No File
FirewallRules: [UDP Query User{5717FCB0-F56B-4D50-B9E1-1A970F285CE0}C:\users\raich\appdata\roaming\bittorrent web\btweb.exe] => (Block) C:\users\raich\appdata\roaming\bittorrent web\btweb.exe => No File
FirewallRules: [{A7301102-E169-4680-B527-4B3F7F893D26}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{7B5B0822-097A-43F8-B906-1A9ED592A215}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B59BAD8D-25AD-4590-8CCD-81B4A2C73C63}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{286E4E36-1AE0-461A-A578-F05C861A43D9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D210A6E2-82A4-4C97-A197-22BB3D06DFD7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{18D5229E-4A45-4871-893A-56FCBE25AD4F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AC72F9F4-DEF6-4964-A636-5A5523CC7AAA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3675258D-5028-4FAC-A60F-D8D6EFF7F3DB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0E6348B9-9B7E-4227-A2B1-80D168F48BDF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4DB88538-D354-4993-B352-B48B3EA97EA1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0071B4FB-97E9-438D-835E-8C599EBBE111}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D12C95D-4DF0-4870-A80C-FA58B24BB49D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F6D0D6E0-FAB9-43FC-916F-B9C3E4389FBF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B550B4F-9C2D-41D7-84CB-8F2662EDBBD3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4C87C80-9A87-437D-80BA-7A31DBBE6BE5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FC549F2C-1DA3-4005-B081-E7DC74660EE7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9C58F28D-87EB-4385-BFE5-AC37F9026F46}] => (Allow) C:\Program Files (x86)\Shairport4w\Shairport4w.exe => No File
FirewallRules: [{8FECDC86-FA81-4B9A-B1CE-D6256BADED26}] => (Allow) C:\Program Files (x86)\Shairport4w\Shairport4w.exe => No File
FirewallRules: [TCP Query User{0DDF06FA-9303-4619-A212-13DECE8F165C}D:\epic games\magicthegathering\mtga.exe] => (Allow) D:\epic games\magicthegathering\mtga.exe () [File not signed]
FirewallRules: [UDP Query User{48D397BD-EDF5-468B-A374-898815E91609}D:\epic games\magicthegathering\mtga.exe] => (Allow) D:\epic games\magicthegathering\mtga.exe () [File not signed]
FirewallRules: [{AD86C583-4242-4A36-8755-CDE370FBE78F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A5935FAB-10ED-463F-BF62-4CCAB9DA3120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{16601E45-A017-4802-83E8-ECA5E525A45E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CE8CBF50-079A-48A1-84FD-3DCEB9FF3370}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0D7CAA14-5A88-486D-9F15-DFDC2FD9C2BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AC5E5113-59C2-482B-B603-D78E72DF3AA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3AF589F2-DEEE-49E4-A4A2-9669DCE63252}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D062386E-70CE-4E73-8D57-7A6A664A9E83}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F1C27A0B-61EE-44DC-92DF-D3126FE698CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

01-09-2020 17:35:57 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/08/2020 08:21:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9192,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/08/2020 08:16:48 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: The Windows Security Center Service was unable to load instances of AntiVirusProduct from datastore.

Error: (09/08/2020 04:50:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14576,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/08/2020 02:52:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19240,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/08/2020 02:42:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16580,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/08/2020 11:52:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6580,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/08/2020 11:20:20 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21528,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/08/2020 11:05:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8560,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (09/08/2020 08:13:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MSI_ActiveX_Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/08/2020 08:13:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Killer Network Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/08/2020 08:13:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 6000 milliseconds: Restart the service.

Error: (09/08/2020 08:13:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/08/2020 08:13:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The xTendUtilityService service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/08/2020 08:13:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 6000 milliseconds: Restart the service.

Error: (09/08/2020 08:13:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The KillerSmartphoneSleepService service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/08/2020 08:13:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The خدمة "التشغيل الفوري" من Microsoft Office service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.


Windows Defender:
===================================
Date: 2020-09-02 03:20:22.467
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.319.1950.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17200.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

Date: 2020-09-02 03:20:22.466
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.319.1950.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17200.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

Date: 2020-09-02 03:20:22.466
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.319.1950.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17200.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

Date: 2020-09-02 03:20:22.445
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.319.1950.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17200.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

Date: 2020-09-02 03:20:22.444
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.319.1950.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17200.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 

CodeIntegrity:
===================================

Date: 2020-09-08 20:24:55.646
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-08 20:24:55.643
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-08 20:24:54.934
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-08 20:24:54.932
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-08 20:24:54.800
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-08 20:24:54.798
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-08 20:24:54.633
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-08 20:24:54.629
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. E16P1IMS.10A 03/13/2018
Motherboard: Micro-Star International Co., Ltd. MS-16P1
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 36%
Total physical RAM: 16269.26 MB
Available physical RAM: 10399.73 MB
Total Virtual: 27198.26 MB
Available Virtual: 19162.55 MB

==================== Drives ================================

Drive 😄 (Windows) (Fixed) (Total:237.18 GB) (Free:64.23 GB) NTFS
Drive d: (Data) (Fixed) (Total:909.07 GB) (Free:407.99 GB) NTFS

\\?\Volume{aae0bedc-77a4-43ad-9b00-3e3b7fdd5bf3}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.4 GB) NTFS
\\?\Volume{344202ec-b221-4b9f-a71c-5ab91340e927}\ (BIOS_RVY) (Fixed) (Total:22.44 GB) (Free:0.68 GB) NTFS
\\?\Volume{f0144732-230d-4756-b644-a49e0ebd57bf}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 1620E41B)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1620E4D5)

Partition: GPT.

==================== End of Addition.txt =======================

Link to post
Share on other sites

Hello creedular,

FRST logs look ok, nothing sinister.. One more scan please just to be sure:

Download Kaspersky Virus Removal Tool (KVRT) from here: https://www.kaspersky.com/downloads/thank-you/free-virus-removal-tool and save to your Desktop.

Select the Windows Key and R Key together, the "Run" box should open.

user posted image

Drag and Drop KVRT.exe into the Run Box.

user posted image

C:\Users\{your user name}\DESKTOP\KVRT.exe will now show in the run box.

user posted image

add -dontcryptsupportinfo Note the space between KVRT.exe and -dontcryptsupportinfo

C:\Users\{your user name}\DESKTOP\KVRT.exe -dontcryptsupportinfo should now show in the Run box.

user posted image

That addendum to the run command is very important, when the scan does eventually complete the resultant report is normally encrypted, with the extra command it is saved as a readable file.

Reports are saved here C:\KVRT_data\Reports and look similar to this report_20200727_103821.klr Right click direct onto that report, select > open with > Notepad. Save that file and attach to your reply.

To start the scan select OK in the "Run" box.

user posted image

The Windows Protected your PC window will open, select "More Info"

user posted image

A new Window will open, select "Run anyway"

user posted image

A EULA window will open, tick both confirmation boxes then select "Accept"

user posted image

In the new window select "Change Parameters"

user posted image

In the new window ensure all selection boxes are ticked, then select "OK" The scan should now start...

user posted image

When complete if entries are found there will be options, if "Cure" is offered leave as is. For any other options change to "Delete" then select "Continue"

user posted image

When complete, or if nothing was found select "Close"

user posted image

Attach the report information as previously instructed....
 
Thank you,
 
Kevin..
Link to post
Share on other sites

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.