Proxy script address “http://127.0.0.1:86/” is on and can’t access google sites – Virus, Trojan, Spyware, and Malware Removal Help – BleepingComputer

meta image ProxyEgg Proxy script address "http://127.0.0.1:86/" is on and can't access google sites - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Hi! I am new to this forum and I hope that my problem would be fix.

This week, I notice that everytime I try to access google.com, it only shows “Your connection is not private” with error message NET::ERR_CERT_AUTHORITY_INVALID or sometimes NET::ERR_CERT_COMMON_NAME_INVALID and when I try to search for a fix like adjusting date and time, nothing works. Even in other browsers and incognito mode, I can access other sites except googe related sites. When I click on the certificates, it shows invalid certificate with DigiCert Global Root G1A and I found an article stating that their proxy settings have been changed same with mine. I tried to turn it off but it will turn back on whenever I go to different setting. Restarting my laptop also didn’t help. It’s been like this for the last few days. I don’t know if it is related but there is an Install Shield update pop up on my laptop and I installed it since I thought that it is normal and later on that day, I restarted my laptop due to some Windows update. That time, I started to notice the problem and by the way, after the restart, my keyboard stopped working if I try to input into the Cortana search bar but normally works on Office Word so I added CTF Loader on the startup. Below is the result of FRST.
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by Junel D. Alviola (administrator) on MSI (Micro-Star International Co., Ltd. GF75 Thin 9SC) (25-09-2021 18:00:49)
Running from C:\Users\Junel D. Alviola\Desktop
Loaded Profiles: Junel D. Alviola
Platform: Windows 10 Home Single Language Version 20H2 19042.1237 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Wondershare\drfone\Addins\Repair\ElevationService.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Autodesk) [File not signed] C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(A-Volute SAS -> A-Volute) C:\Users\Junel D. Alviola\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(Bentley Systems Inc.) [File not signed] C:\Program Files (x86)\Bentley\Engineering\SPC Server v8i SS4\Bentley.Structural.PropertyCatalog.Server.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9b67516eb3c8ed0a\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9b67516eb3c8ed0a\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_11001eacf352e253\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_11001eacf352e253\IntelCpHeciSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Trust Services -> Intel® Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
(KMSpico ByELDI LTD -> @ByELDI) C:\Program Files\KMSpico\KMSUPD.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Junel D. Alviola\AppData\Local\Microsoft\OneDrive\21.170.0822.0002\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Junel D. Alviola\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Sendevsvc\Sendevsvc.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\MSIAPService.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_84aacc51d349bef7\Display.NvContainer\NVDisplay.Container.exe <2>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.180.0.5\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.180.0.5\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe <4>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(QUAD CODE SOFTWARE LTD -> ) C:\Program Files (x86)\IQ Option\IQOptionUpdater.exe
(QUAD CODE SOFTWARE LTD -> ) C:\Program Files (x86)\IQ Option\iqtray.exe
(Realtek Semiconductor Corp) C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj\RtkUWP.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12da6ad5ef67a6ed\RtkAudUService64.exe <2>
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe
(Smadsoft) [File not signed] C:\Program Files (x86)\SMADAV\SMΔRTP.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Addins\Repair\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\…\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12da6ad5ef67a6ed\RtkAudUService64.exe [1262168 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\…\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [219136 2020-01-09] (Autodesk) [File not signed]
HKLM\…\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-08-31] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\…\Run: [Autodesk Sync] => [X]
HKLM\…\Run: [ctfmon] => C:\Windows\System32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\…\Run: [SMΔRT-Protection] => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1931608 2021-01-16] (Smadsoft) [File not signed]
HKLM-x32\…\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-04-06] (Adobe Inc. -> )
HKLM-x32\…\Run: [] => [X]
HKLM-x32\…\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\Run: [com.squirrel.Teams.Teams] => C:\Users\Junel D. Alviola\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-03-24] (Valve -> Valve Corporation)
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\Run: [Facebook.MessengerDesktop] => C:\Users\Junel D. Alviola\AppData\Local\Programs\Messenger\Messenger.exe [110793432 2021-02-17] (Facebook, Inc. -> Facebook, Inc.)
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1806680 2021-09-09] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\Run: [MicrosoftEdgeAutoLaunch_82F2D5BB9D592EE1E254B79EDA4F7CC3] => “C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe” –no-startup-window –win-session-start /prefetch:5
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\Policies\Explorer: [DisallowRun] 0
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\Policies\Explorer: [] 
HKLM\…\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [51032 2008-04-07] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\…\Print\Monitors\HP DF11 Status Monitor: C:\Windows\system32\hpinkstsDF11LM.dll [393352 2017-04-14] (Hewlett Packard -> HP Inc.)
HKLM\…\Print\Monitors\novaPDF   6 Monitor: C:\Windows\system32\novamnk6.dll [26824 2009-09-24] (Softland -> Softland)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.61\Installer\chrmstp.exe [2021-09-25] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> “C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.54\Installer\chrmstp.exe” –configure-user-settings –verbose-logging –system-level –channel=stable
Startup: C:\Users\Junel D. Alviola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IQTray.lnk [2020-12-09]
ShortcutTarget: IQTray.lnk -> C:\Program Files (x86)\IQ Option\iqtray.exe (QUAD CODE SOFTWARE LTD -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {007645f9-8839-4810-b8b4-a5aa39ec264f} – no filepath
Task: {00b31d2f-cad0-41ca-a889-f3547a0b1dda} – no filepath
Task: {00c12a43-d7ab-41db-ad6b-c010cf488f9d} – no filepath
Task: {00d09d01-4d4c-42ef-a8f5-df5ec9438207} – no filepath
Task: {01358a79-051f-4e19-9e19-6f925ae37ee6} – no filepath
Task: {0140062e-e16e-44e9-a62b-3e38f20245fb} – no filepath
Task: {01df4632-3d46-4cdb-8e40-4465f2b6609f} – no filepath
Task: {02b8913a-2a97-4e98-a2b2-ddf8936ddf5e} – no filepath
Task: {02bbb931-9b85-4c68-83b2-1e5a6f709091} – no filepath
Task: {034be469-bd17-4b6e-982c-0ce6b46aa2ef} – no filepath
Task: {03de29bd-1d9a-4894-8412-9298d07f9915} – no filepath
Task: {0448d0fd-b80d-4d23-8fa6-530caca254a3} – no filepath
Task: {0482db6e-7a82-4c56-bd9b-0ae04780574f} – no filepath
Task: {04a071eb-6bf7-4858-b23b-7800e3910f27} – no filepath
Task: {04dcd185-c5c4-4bcd-95f2-95bff4f6a71a} – no filepath
Task: {051ede73-f96b-41af-9e37-5a66b3ccdf4e} – no filepath
Task: {052710a4-8c1c-46d5-9711-2d6d39786405} – no filepath
Task: {052a3444-c11c-4472-b954-810f93f04c67} – no filepath
Task: {05362206-8607-4eb6-87fa-91d862956e31} – no filepath
Task: {05524486-d98d-4a67-9d1a-9125494f47c1} – no filepath
Task: {057a4ea6-16cb-46c6-a0c5-f17b747e415a} – no filepath
Task: {059e64fa-eab8-4d9e-a231-bccb81cc1d36} – no filepath
Task: {064c25ef-d986-455d-976c-13d5e97b5d8c} – no filepath
Task: {066a9fb5-6be6-4e7d-9360-4898c294203f} – no filepath
Task: {06fd1320-8a31-41bd-85e1-49257545c30c} – no filepath
Task: {0718a126-d3b1-48e1-a47f-598f1a6624a1} – no filepath
Task: {073d4a05-322f-4278-b98f-a2ebedf119e7} – no filepath
Task: {07638d76-09fc-4c3d-9bb9-5c2730dc08df} – no filepath
Task: {07967e73-0386-4e30-a698-4f41b1a9bc68} – no filepath
Task: {07fce72e-e7c2-486c-aee7-b301bb3cc9d4} – no filepath
Task: {081d91ad-2d82-49d0-9f55-da50265890c0} – no filepath
Task: {088a3261-9aef-4806-bb25-5a946168516c} – no filepath
Task: {09199b17-327a-4491-819d-547d9bee51fb} – no filepath
Task: {099fefe6-b050-4f83-9f66-f33d56496c72} – no filepath
Task: {09b068d3-1b4b-4652-9426-daf3e5e8def4} – no filepath
Task: {0a875f36-c806-4db4-a091-4cbf68a0e809} – no filepath
Task: {0a87eed0-f5ed-431d-862b-524191fc70b7} – no filepath
Task: {0a93c7bd-9fa3-41d8-b2b7-bfa9eb5a1fbe} – no filepath
Task: {0b7cb906-9c18-43da-81a9-1dfa32cbdad0} – no filepath
Task: {0baf8420-afd6-4ab6-b00d-7966470e4df7} – no filepath
Task: {0c35528d-01e5-4fc4-89d8-64656e2fe468} – no filepath
Task: {0c8f50fe-9fd7-49b4-9250-c8fc83cc1df7} – no filepath
Task: {0cfaf4eb-2a2e-45b9-adc2-3228d0855f23} – no filepath
Task: {0d916bb4-043d-4385-927b-05b0dc131511} – no filepath
Task: {0dcabfdd-dd51-4740-b979-3a8ae9455ad7} – no filepath
Task: {0e3d30a0-8601-40ac-bc5b-61d99c1b62f2} – no filepath
Task: {0e6019f0-fc41-4ee0-ac3b-e0698e84f6b3} – no filepath
Task: {0e948e58-3454-4fb8-aa96-087f291df19c} – no filepath
Task: {0f1206f2-3e72-4c0f-ac3a-28f7b4fc6cef} – no filepath
Task: {0f1923dd-336f-47f3-b777-fd898d4bcb3f} – no filepath
Task: {0f26dec6-647f-4b49-9a9f-710c94465dbe} – no filepath
Task: {0f52fb0c-d42c-4d97-b5e5-c3cb49fd9f14} – no filepath
Task: {0fcd5e78-6344-49c3-bfe1-052311dfafae} – no filepath
Task: {0fd67a23-0c67-4d53-a989-75c9b8e9ac05} – no filepath
Task: {0fe058eb-48ee-422f-910e-5a6b1a280664} – no filepath
Task: {0fec714d-7c9b-434a-8a0e-1e2ad68a5aab} – no filepath
Task: {101533ae-6cf2-4f6f-8c67-285e60cfc3b7} – no filepath
Task: {103b584c-e7dc-4646-ba4b-1e592038f282} – no filepath
Task: {10c6765e-791b-4a0c-ac00-02c680748f51} – no filepath
Task: {116bf5aa-13d2-4ddb-9433-9d85c28511e2} – no filepath
Task: {11a42980-6888-4af0-98d8-5f4cc64f1878} – no filepath
Task: {121c66bc-baa3-4844-b853-da006b7ae077} – no filepath
Task: {12275b46-3a66-4a10-b9c9-87bead28ee06} – no filepath
Task: {128da7b7-ea69-41c5-bd9f-75f22b4351b5} – no filepath
Task: {131d817d-a9ae-40fb-a5a3-0ec49539143e} – no filepath
Task: {13f6eaef-d02a-403d-8dd0-6124d1f77ae8} – no filepath
Task: {147c781c-ac50-4f46-ac00-449eeb311fe9} – no filepath
Task: {14a53cf7-8f1d-4bfa-b08e-32db1166761f} – no filepath
Task: {14d2f00b-8ad1-4653-a157-03fef4b0450c} – no filepath
Task: {1633d698-4e90-48c3-aa3f-b0cec1ed1a9a} – no filepath
Task: {173aecc4-fcd8-4182-8bb6-5a931100d359} – no filepath
Task: {17d81bb8-4bb9-4bdd-91f0-c6d1754fb9d1} – no filepath
Task: {183cb34f-c417-4094-8bf6-08d26e45a2eb} – no filepath
Task: {18eb56be-121d-4321-a635-ac61c83abc32} – no filepath
Task: {18fd3701-d3b7-4e91-b9f4-ae4292529111} – no filepath
Task: {1911223b-de28-4181-bf4d-f3e245e4d4e7} – no filepath
Task: {1939fb49-444b-4506-9e94-295088c79f46} – no filepath
Task: {199179bc-6116-4b1d-949c-6220f16b1dad} – no filepath
Task: {19932653-f35c-4d6e-ab87-058b31b51538} – no filepath
Task: {19f83bc7-a7a8-400b-93fb-aa5bf554854e} – no filepath
Task: {1a140662-985c-4a87-aefb-1164b04e75e9} – no filepath
Task: {1a37f4ea-9235-4bce-b9e3-49b019bc0261} – no filepath
Task: {1ac45060-623a-4921-8f94-b47693b4ea92} – no filepath
Task: {1bdc5438-0227-4f1c-9a92-99ec9f8f3482} – no filepath
Task: {1c5ca45a-bbac-40a5-a413-7cffa626ff70} – no filepath
Task: {1c8f5021-112b-42e0-9419-c471f77cd313} – no filepath
Task: {1d3e449d-065d-467a-9505-0373179543e7} – no filepath
Task: {1d55b6eb-24ce-4190-87b8-421d0397474d} – no filepath
Task: {1dfc9cc9-8778-4adf-abc3-b1ad63ba02c3} – no filepath
Task: {1dfd76ba-c3af-4072-b930-26c18dc7ee47} – no filepath
Task: {1eb74c25-01fe-41eb-bd76-b5b3ab3d8cfa} – no filepath
Task: {1ebfb38d-4170-4ce3-a811-8b3cf6b77da2} – no filepath
Task: {1ef7fcb7-0834-434d-ba1a-ee2eaae550be} – no filepath
Task: {1f000dfe-fec6-4b87-8ad6-3e2af9b3d370} – no filepath
Task: {1f6220a9-c7ef-4544-af95-dbd8017ede65} – no filepath
Task: {201bd6a1-46f4-40fb-bfb5-a73f03f33c2e} – no filepath
Task: {20629d6b-b985-4f57-8a57-63a4c5a4be69} – no filepath
Task: {2069597a-028c-4eda-a478-15127daae485} – no filepath
Task: {2110747e-e651-4274-8c84-0a0ebe783655} – no filepath
Task: {21bf5d0b-825b-49a5-bec7-f5ca87221b48} – no filepath
Task: {21e61baf-515b-4574-a7d6-212e288ae353} – no filepath
Task: {22005475-73dc-4b25-9628-c71d24e9a1e8} – no filepath
Task: {22c5dcb0-e220-4f49-a995-9ac4fe9a4c08} – no filepath
Task: {22CB3C21-02A8-49BE-B128-7BA7BB907300} – System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {22f4a5b8-d80b-4b7d-8ee4-5c62b6099160} – no filepath
Task: {22f70226-b933-40da-9ff3-022d17e8f7da} – no filepath
Task: {23d54ec4-a05c-4baa-8a38-7f4c1afc2ec7} – no filepath
Task: {23d7abd7-7dd9-4203-b64f-17efbbbf18f2} – no filepath
Task: {23e0ea08-9f2e-4de9-ac3e-f71a1926d61c} – no filepath
Task: {242b6aed-cc17-48a1-abea-6f704915f701} – no filepath
Task: {2449cf70-af1b-4169-a1e0-b091794d2dbf} – no filepath
Task: {247838c3-3cb4-4ba5-b4d7-2c483d5a1ee9} – no filepath
Task: {24c0c0e8-d52a-47ca-b38a-549f96af5ba6} – no filepath
Task: {255fb5a7-373f-41eb-9122-41663a304705} – no filepath
Task: {25615229-c366-4f50-ab06-0c9bf70da9bc} – no filepath
Task: {25e1f55a-36c1-4e9f-8649-f11d5d2f0d20} – no filepath
Task: {25f0a4af-6e77-4ec2-85b6-65c73513c1a3} – no filepath
Task: {263b8da9-83b6-4b21-89a3-ec83a227cce5} – no filepath
Task: {269403d8-e42f-42ad-8a63-986bbbd5b91f} – no filepath
Task: {26d0dae4-7abd-47b4-a661-a86b889b15d3} – no filepath
Task: {271d3946-8bbe-4f23-a014-cdf6eb03b744} – no filepath
Task: {272e3174-1081-4a96-9e8c-c157a44fdc9d} – no filepath
Task: {27592a0d-20d8-47fa-9679-88f34af5b8e0} – no filepath
Task: {276068b6-281f-4c9b-99a2-ecb8099d04fb} – no filepath
Task: {2784e0e8-41fb-4f3f-bf8d-3fd66403c6cb} – no filepath
Task: {283bdd7f-55bf-4dbc-a01f-787ba7cc5d5c} – no filepath
Task: {289b3735-dcd5-4388-a202-5c3ca717a0b9} – no filepath
Task: {292a9281-c5d4-4df1-8b58-5d1ebe2eaf50} – no filepath
Task: {295b9b4c-64c9-4ef7-b102-3a495b14e5dd} – no filepath
Task: {2970a59f-90be-4973-a2db-07f17cd193a2} – no filepath
Task: {297f2b63-6c9a-46e2-922a-6d48b2a98929} – no filepath
Task: {2993f91c-e451-4874-a044-3e7af92a5c9f} – no filepath
Task: {2A444588-3A1E-445F-BEBA-E4DCC730DCFA} – System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2ab2508d-2dd7-4906-b3ea-8b1cfd30409e} – no filepath
Task: {2abddd8a-4224-440d-be6e-1d4eea107c61} – no filepath
Task: {2ae561b7-8dcf-4deb-bfb6-afce297824d1} – no filepath
Task: {2b09ef97-6151-4aba-a88f-eadea9c82c06} – no filepath
Task: {2b118c72-d93e-40a9-9e95-bece26d4d81b} – no filepath
Task: {2ba91fa3-207d-49a7-8814-c3c15c02bed7} – no filepath
Task: {2c760d3b-9525-4604-9437-2a4aa852a8e6} – no filepath
Task: {2ce80ef6-3edb-489b-815d-8c050aa7cfd2} – no filepath
Task: {2d23ca23-3844-42fc-b9f5-4a29232aed6a} – no filepath
Task: {2d380bb9-6696-4da5-8a2e-9b69734e0fe4} – no filepath
Task: {2d5ba0f3-af47-4a0a-9bed-c2faf5e70a95} – no filepath
Task: {2d6a2541-330a-47d0-a88c-b63ba7f58337} – no filepath
Task: {2d8407d9-e9ec-4197-bae7-b8db3e8036ce} – no filepath
Task: {2dce2f70-bcce-426d-8430-b876327c8d2a} – no filepath
Task: {2f1a9253-8ef8-4282-a53b-7f8d8e1055c8} – no filepath
Task: {2f841e66-cb84-424d-b5ff-67f0977f5799} – no filepath
Task: {2f98703e-6a6d-4993-9495-e9ad6a1f51f0} – no filepath
Task: {2fa7a6ac-1a99-4739-8a8e-26d67d6dce1f} – no filepath
Task: {304824da-cf9f-45ba-82fc-9ca79b4b2abb} – no filepath
Task: {30bc4d69-7959-4a87-8fc5-83e006072f59} – no filepath
Task: {30d927be-3354-4edb-826b-ac391092477d} – no filepath
Task: {30e52506-989a-4ad3-aff1-51c973339d4e} – no filepath
Task: {30fd4c38-e6e0-4fa9-9f3c-8b5667d5d84d} – no filepath
Task: {31075a9f-3ac4-4515-9dc1-7094a4e8739b} – no filepath
Task: {31a4d958-6fba-4c68-b1a9-89b71533a136} – no filepath
Task: {322bb5a3-7c28-49d0-bc04-25b0213c3087} – no filepath
Task: {329c6cf0-5ea5-42e7-a4df-660fd8bc507e} – no filepath
Task: {34643717-d9bb-462f-82e3-e2cdddb83eca} – no filepath
Task: {34776690-57f5-4d9b-86a9-ee371052840f} – no filepath
Task: {35304e8f-a476-43e1-9bc2-40d82122b8ff} – no filepath
Task: {355431c7-e97a-4e55-8414-8efad7ad262c} – no filepath
Task: {363938ba-f9ee-4dbe-a8cc-56fcec00d67f} – no filepath
Task: {368884a3-d17c-44c8-9180-f5150db2b939} – no filepath
Task: {36a5971c-b10e-4ab7-b1bf-cb94f758c91e} – no filepath
Task: {36c23e08-cf2a-430c-ae2e-5b26bb7e1ab6} – no filepath
Task: {37a9ae25-c073-4a37-8b05-afa79281f226} – no filepath
Task: {37cb946e-3df7-49b2-9186-0ade0f571bed} – no filepath
Task: {37de240e-8c43-4b19-a266-5738442debf4} – no filepath
Task: {37e5a0c8-f1c4-4920-953e-36d47d662a12} – no filepath
Task: {380d77f2-6e72-4b43-8d23-66cb4c31c93c} – no filepath
Task: {389f4dac-56c5-457a-998d-6682202bdd9e} – no filepath
Task: {38d75c64-6649-4612-8390-dfca6b3a23a3} – no filepath
Task: {393ee40e-053f-4122-9e6f-5fc73a2357b3} – no filepath
Task: {3a0f4913-02e9-41c7-ab05-5841d92a699e} – no filepath
Task: {3a22cf4d-f7c0-465c-8918-1d4093dd69f4} – no filepath
Task: {3aab8c57-4e74-473e-831f-8a5c8925f070} – no filepath
Task: {3aad4c77-e3d0-4755-9415-fb6e70b03a8e} – no filepath
Task: {3ab5ac28-83ec-4498-a9ba-16e754ecbefa} – no filepath
Task: {3accc4e7-0c9b-44eb-8919-21365ab58561} – no filepath
Task: {3ad2f50c-2a4f-49e8-9a1a-619bad1545ff} – no filepath
Task: {3aff2a06-4e3c-4ff6-bc9e-bbd310f64401} – no filepath
Task: {3b30a386-d0fb-42c2-b6a4-8b8befb86217} – no filepath
Task: {3b478523-dbce-4af9-9743-df6b201d16ad} – no filepath
Task: {3b8950a2-4df7-4449-b9a0-c50aa8bbd3d6} – no filepath
Task: {3b8a64a6-4b01-40c9-bbf0-d58f702c5cb1} – no filepath
Task: {3bd2c435-2d93-4de0-96fb-cfbed35122ac} – no filepath
Task: {3be4cd0f-07a2-45c4-b93f-3e5171236a12} – no filepath
Task: {3c47581a-4729-455c-a3cb-61f81dfd422e} – no filepath
Task: {3d6c371d-5b8d-4592-80c0-dc9cbf972a9b} – no filepath
Task: {3d833c12-fbec-4cfc-ace2-8e5e9a1bb126} – no filepath
Task: {3d886d07-5b36-49ff-b883-0c4a65822529} – no filepath
Task: {3d8f083b-334e-4c52-8aef-f0063a9f2032} – no filepath
Task: {3DD3A58C-1268-496F-9595-3AC5C8D7BDDC} – System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053768 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {3e485da4-5265-44b6-8098-10da7fa76bb3} – no filepath
Task: {3ecd56aa-0862-46d1-8c61-1554fe559876} – no filepath
Task: {3f0c25a1-8cb8-4a47-a115-1109824cbbc7} – no filepath
Task: {3f3e9f98-93c7-4823-b1b3-4be5fa7933e9} – no filepath
Task: {3f6a3ded-d497-4388-8698-53d69ea8df9a} – no filepath
Task: {3f741c2d-339c-4fec-a7ec-e36d3294e4b5} – no filepath
Task: {3f99974d-9fb5-476b-927f-b436da71e43f} – no filepath
Task: {3fd4be8f-502b-40b0-b042-b76e5a07c40a} – no filepath
Task: {402c9c83-3ff5-4115-a026-4b1f6a8b9a3a} – no filepath
Task: {406e4452-5d04-4b0d-9a80-df85f65b93b4} – no filepath
Task: {412c97e3-43c2-4e2a-89de-2d8f9882b278} – no filepath
Task: {412fc078-ae0e-4f05-94a2-3150335e26e9} – no filepath
Task: {418b3f5f-9da5-4c6f-affe-180eab0a34b4} – no filepath
Task: {41a8657b-820e-4ee0-b53c-b03549ebcae7} – no filepath
Task: {420621df-25c2-486b-8bef-6dafc095853c} – no filepath
Task: {428182a8-0dae-418f-8290-df89b0aa4562} – no filepath
Task: {428c5ce7-3575-468b-b32d-f7ba0925b5ba} – no filepath
Task: {431d2d20-5b87-4cd5-9afb-2d274d48faa5} – no filepath
Task: {433e755a-19af-4b03-a0b7-0201f00fc4fb} – no filepath
Task: {439d4fe6-a97c-4c84-a981-f8ff2d60e683} – no filepath
Task: {4404955e-c8bb-40d7-82c8-bb971048c481} – no filepath
Task: {44e68db7-6bd3-4a77-b091-2944cfae81b5} – no filepath
Task: {45589578-9c01-49ab-8754-00ccfc5ba3dc} – no filepath
Task: {458eddfc-0dd6-435e-b997-48d0049df0ae} – no filepath
Task: {4594c00b-b154-43ec-9bff-6fc72e506f4f} – no filepath
Task: {45ac5ed0-2a20-4bf6-8d46-a5ae5b8cafb9} – no filepath
Task: {45eb1af1-6b7c-4b09-abf4-9e85f03ee4b7} – no filepath
Task: {46189176-a3a3-41e1-a3b3-6f80f254352f} – no filepath
Task: {47190CEA-9BFE-44F3-B879-81936463E2DB} – System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {47b45c68-14a1-4b2d-8950-de8f3f2d922f} – no filepath
Task: {4837e4be-c35a-4f32-ab2d-ae888c6dc264} – no filepath
Task: {486025ee-b788-4b5a-ac04-018b53bb06e6} – no filepath
Task: {488e48ff-de27-4423-83c1-979715823a6a} – no filepath
Task: {48d13222-f019-4629-8643-6a7da138f62f} – no filepath
Task: {48dfa3b1-8535-4605-9426-488aa95e85c4} – no filepath
Task: {492adf40-44b7-468a-88d8-8402dee33a7b} – no filepath
Task: {4a3df85c-a475-454c-b565-802a3448fe73} – no filepath
Task: {4a44504b-12b4-4b4c-ac87-bab832c8d501} – no filepath
Task: {4a64c630-6c3b-402a-8733-464e34d27bd2} – no filepath
Task: {4a6de796-189d-4a63-82c4-1a54efd0d075} – no filepath
Task: {4adc6669-dfbe-49d3-8e64-db7bd64f5759} – no filepath
Task: {4b4ece88-c832-4f64-9564-ab8bb5414ae4} – no filepath
Task: {4b663651-d45f-49a9-8348-ed1240017d70} – no filepath
Task: {4C16ABF6-A53B-4A07-8ACE-C24E9F9C18B1} – System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {4c608534-e1e3-4271-883b-700b8bfa1e4c} – no filepath
Task: {4c737ff2-7ffd-4a8b-8aa2-0242223b57e1} – no filepath
Task: {4cb1e94c-2061-4a4a-a8ea-432d1f3b3fd4} – no filepath
Task: {4cf89039-6f7e-45fb-a4c3-090320c78449} – no filepath
Task: {4d3506ba-58c9-4869-a7d4-0457752f7abf} – no filepath
Task: {4d388734-6965-41d3-ab36-fde3b76c12b2} – no filepath
Task: {4d3d7ccd-d45c-41c0-af1c-25ecab35b4e1} – no filepath
Task: {4dcc8809-324a-492a-b016-6ba83f67900f} – no filepath
Task: {4e1d60d9-e45f-4116-adc4-5522e2c2d3d6} – no filepath
Task: {4e4197f5-ea51-4d9b-bd54-ba870e4b4b82} – no filepath
Task: {4ecb4e32-bdf5-49f7-a301-47c960e4d5c9} – no filepath
Task: {4f3b8267-b90f-4b7f-91c1-ae111cd3cc29} – no filepath
Task: {4f4cd48d-5e3b-49ee-9baf-1b850e4cb739} – no filepath
Task: {4F99901B-6305-4908-82A3-C2AD961D98BF} – System32\Tasks\KMSpico Automatic Update Scheduler => C:\Program Files\KMSpico\KMSUPD.exe [89272 2021-02-11] (KMSpico ByELDI LTD -> @ByELDI)
Task: {4fc5521d-0b1f-442e-8061-82745d47b709} – no filepath
Task: {50024722-ddcb-492d-8055-927961378c59} – no filepath
Task: {5013e103-2a70-45f4-8bb5-a38763d5778d} – no filepath
Task: {50252307-ab22-47ec-99db-5830d1d4fb60} – no filepath
Task: {505312ca-a2a8-466a-81fe-cf95ffca6b47} – no filepath
Task: {50c86a5b-090d-47a5-afa3-8a147eec9b76} – no filepath
Task: {51cba998-89bf-441d-94c7-910635007a10} – no filepath
Task: {52251510-b786-40e7-9def-1536c6d77535} – no filepath
Task: {524c9476-eb8d-40f7-be58-d514979d6a33} – no filepath
Task: {527becba-941b-4c74-a0b7-941d2735ef89} – no filepath
Task: {530ed26e-5d35-4427-801d-c10be91a062e} – no filepath
Task: {5312d16d-6d06-42cc-a1c6-79a0e37f8678} – no filepath
Task: {53326a68-8ce0-40ab-9cd2-b24c19c9bc8a} – no filepath
Task: {53cb3744-0ec2-4a79-a195-767f9c7d5761} – no filepath
Task: {545b16b7-ed5f-497d-801b-6978855d0824} – no filepath
Task: {54907ab2-9e8d-449d-abdd-0c012916b826} – no filepath
Task: {54fb7706-868a-4984-ba54-d3f55e37590c} – no filepath
Task: {54fd28a5-cf72-46d4-9938-585d7a7d70c6} – no filepath
Task: {5519df36-b21f-4c2b-a435-cb2039f6e511} – no filepath
Task: {5525e8c2-4076-4aa0-88f7-b870e1949aec} – no filepath
Task: {556414e0-427a-4515-8a8b-718e4e842391} – no filepath
Task: {55ab76ad-8585-4d93-81d5-538dde712cc0} – no filepath
Task: {55d2fa09-519a-4d82-903f-8da6ff560b13} – no filepath
Task: {55e60964-5eb9-4bb6-912f-8dc9c8261af9} – no filepath
Task: {56328ffe-b9ac-490d-a68f-f091c692d912} – no filepath
Task: {56bf71a2-d50e-42b7-9dad-fb7e122a1453} – no filepath
Task: {5742b14e-8865-41eb-9b88-67daf5993d33} – no filepath
Task: {581fb10f-a42a-4a17-abbe-de2af7223b3d} – no filepath
Task: {59156bfb-c113-419e-83f1-f6d35e24f930} – no filepath
Task: {597de201-2baf-4693-bfc1-83bb87ed2bf6} – no filepath
Task: {59dd401b-3d41-4e2e-ade6-637a7bd9d5e8} – no filepath
Task: {59f4f88a-7e0b-4c5d-846e-d719a030c289} – no filepath
Task: {5a06684d-204c-4b7b-ab76-f989b59dbb07} – no filepath
Task: {5a307dd3-a4c6-4bd8-a01e-5cee27d72554} – no filepath
Task: {5b453ea7-f5a7-419e-9f3e-5b268e4f6da9} – no filepath
Task: {5bcdaa4a-97f0-46ad-9411-bb965dd7601b} – no filepath
Task: {5bee1b24-11ec-4367-a0ca-5ce66f26e567} – no filepath
Task: {5c3553ce-956b-4efb-a551-651422d51925} – no filepath
Task: {5ca5112a-3b0c-413e-a72e-3ca21ba6d69e} – no filepath
Task: {5cd1eb4a-a63f-4f34-8b89-4e1bfb1240ce} – no filepath
Task: {5cd81bc8-527c-413e-8ba0-ebfe7d5b6c4c} – no filepath
Task: {5cf4ae7b-4224-4a9b-b330-8d2a00433f96} – no filepath
Task: {5d10a27e-1b7a-413d-a932-77bb9e242d98} – no filepath
Task: {5d83019f-cac7-4eb8-9422-ef9ed95b5977} – no filepath
Task: {5df4fc40-3be1-4fa9-b3f4-013e86515596} – no filepath
Task: {5e900a95-8944-49ca-88bb-5b63fea21f64} – no filepath
Task: {5EA3AD25-50F2-4819-8132-3A36F929FAB4} – System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1931608 2021-01-16] (Smadsoft) [File not signed]
Task: {5ea9ccde-b7b7-48e5-b192-5a130cd4404b} – no filepath
Task: {5f02d209-3c33-470f-b08a-8048716f5878} – no filepath
Task: {5f846b4a-eaa6-4e50-8afe-2204844d49b4} – no filepath
Task: {5fbabf3a-917a-4437-af60-bc06f65114c9} – no filepath
Task: {60249c29-774c-476f-9b55-4ea4e0dacecd} – no filepath
Task: {606c4dda-ebf7-4c5b-933e-9059e25a43ec} – no filepath
Task: {6080e225-0463-43ad-a37a-5bf6d4a93062} – no filepath
Task: {609771b5-7167-4b4c-af81-a8f51d99d266} – no filepath
Task: {6099a297-fbd4-456c-a55b-0a14cb9d4f8d} – no filepath
Task: {60bcbf0d-a260-44f9-809c-f5caaa97de4a} – no filepath
Task: {612aafa3-6f3e-4436-b8c7-35111acede25} – no filepath
Task: {6141dd05-65ce-4875-9835-3d1fdd138f7a} – no filepath
Task: {615d98f4-716f-430e-a0cc-88963189735c} – no filepath
Task: {61acdd93-5fc7-43d8-851c-5e99afe7e1ab} – no filepath
Task: {620c1524-ff2b-4de2-ae30-e7cbe762c58c} – no filepath
Task: {624b35d5-9dd0-4db7-976b-a20c5bb63ea1} – no filepath
Task: {625820b3-6a45-490b-87c8-870fd30c167d} – no filepath
Task: {628855e9-76ae-4fc9-b951-13cdb703212d} – no filepath
Task: {62903682-f141-4099-81ba-49021d1695fd} – no filepath
Task: {63d2fac3-efe5-447d-8010-f07e291cfbc3} – no filepath
Task: {63eca8b3-a6fd-4e09-807b-737fac6ab2cf} – no filepath
Task: {640bafa5-1743-4d31-99e1-78273ad8886a} – no filepath
Task: {6410dbbc-bcf3-4d57-8fcf-96ab51666c5f} – no filepath
Task: {642c755f-5d5a-49da-b7ed-4b72e5deaae0} – no filepath
Task: {64ed48f4-457f-47c6-b98e-80579355a37e} – no filepath
Task: {65851aac-8d77-473c-9091-632f3e47a636} – no filepath
Task: {660c4d28-aaf4-4c92-8fce-43f62c4d2a66} – no filepath
Task: {660c9b1f-68f4-43f4-9067-76990fd2ea9d} – no filepath
Task: {66687581-8434-4750-a0fd-07017dc3f9da} – no filepath
Task: {66903e38-cb8e-479c-8394-e1ce006d8b04} – no filepath
Task: {66a395db-c9ea-4dc4-82bd-7e21203fc171} – no filepath
Task: {672e2d73-41a4-454c-8ce8-5df77c6b13da} – no filepath
Task: {67a3374f-c3c6-47ab-bd31-2a7f3e6350b9} – no filepath
Task: {67cb70a9-4503-4155-9e97-5d8d9ad6117b} – no filepath
Task: {6927f1a9-ee6a-4cd3-9f1f-f584ebdec499} – no filepath
Task: {6933ac32-859f-472a-bf07-c6f517387a5f} – no filepath
Task: {699117e6-fde0-4769-b9f1-ef3b9616d026} – no filepath
Task: {6a67efe5-f989-4555-82d7-6321a02147f2} – no filepath
Task: {6afa86c5-4258-4731-b0aa-09d8befbba82} – no filepath
Task: {6b4fac00-500d-4e29-9c30-2cb399f231e0} – no filepath
Task: {6b5720ed-54b0-43a8-9369-3c37641cbcdc} – no filepath
Task: {6bab59b9-17bd-41ae-b27b-e83526122fe9} – no filepath
Task: {6c14c1bd-00be-429e-b217-c8757b2692ec} – no filepath
Task: {6c600d25-4d04-4e0e-8a55-d34d4aa991f2} – no filepath
Task: {6d098851-bd36-4d8b-83c0-d8121e30ced2} – no filepath
Task: {6d45d6b5-f0c1-4744-9a78-16d525e84b0a} – no filepath
Task: {6d481518-55dc-440f-83b1-89bdb8f61162} – no filepath
Task: {6dd1398b-77ca-4fd0-8a13-c41225ad1730} – no filepath
Task: {6df4484c-72ef-4b3e-9458-54dda27ca9a8} – no filepath
Task: {6e021229-f679-432b-8548-0bc6aba8ceb7} – no filepath
Task: {6eb484d7-ec4d-4098-87d7-71ca09cfbd63} – no filepath
Task: {6eccb3ff-b90d-42ab-b359-27380319ad05} – no filepath
Task: {6EE1B7FE-E024-4AA3-81A1-2ED2DCDFDE82} – System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [File not signed] <==== ATTENTION
Task: {6effecd9-00b4-4c6b-8edb-369da50178ab} – no filepath
Task: {6f6e33ee-57a3-4f8f-8a4f-79d5d7f86d12} – no filepath
Task: {6fb6d6c8-de6b-4655-af6a-a003fe8e406d} – no filepath
Task: {6fbe34fc-0911-4f55-8b55-5f72329c8b6a} – no filepath
Task: {6ffddd4d-3754-4daf-a314-49726de293aa} – no filepath
Task: {70615fb9-db70-422e-b7b3-584eaf14324b} – no filepath
Task: {7113a2d8-5fb7-49f1-a14b-7bdfb4a7666b} – no filepath
Task: {71691c31-13b3-499f-ae33-bdb43b39202e} – no filepath
Task: {718e0006-41f6-4ea0-9cbc-25251dce2971} – no filepath
Task: {71c211f4-ce6d-4f17-a1c9-6ee76473b95e} – no filepath
Task: {71e99508-c407-4ef8-971f-d49a6eaab3b8} – no filepath
Task: {720e935c-3b52-4450-abff-9b2e11a2d8f1} – no filepath
Task: {72719cbc-6b5a-4c95-b6b2-273981029f09} – no filepath
Task: {72b95f1b-6589-4363-b3c8-0993b5758ca7} – no filepath
Task: {72bd8c13-ad50-4c3b-81ab-e5279df4d30a} – no filepath
Task: {72c6ded3-553e-4da2-abd7-8d5f12250fbf} – no filepath
Task: {72ebfde7-d605-4448-84c6-ef3401c09f4e} – no filepath
Task: {72fcc3b3-34ad-48d0-bc39-4c378c3679a7} – no filepath
Task: {735bf4f5-af4c-4fe5-a50f-28ff9a4958f8} – no filepath
Task: {7386b9cf-e45e-42b9-836e-3b8d17522c78} – no filepath
Task: {73d670e7-1b56-4596-83d9-025ad771f7ab} – no filepath
Task: {73dae143-8e8b-4dfe-ba47-1dea372690e4} – no filepath
Task: {73ff90e3-a55f-4c15-bdf3-33a7ff3509f3} – no filepath
Task: {7438d836-6229-44e3-9f75-7291edea3a16} – no filepath
Task: {74a58ad5-83dc-4d47-9235-f1e44af356de} – no filepath
Task: {74ff08b2-2753-417a-8613-1aeb8ee6b5a8} – no filepath
Task: {7500d7ed-6f9a-4425-aeee-bf09223d6bb7} – no filepath
Task: {75081a3d-9e99-4651-a8e5-83f9413861d6} – no filepath
Task: {754a58b0-c85a-4109-aadb-17f62a211fde} – no filepath
Task: {758d7e6a-9e6a-496b-a7c2-75a071704c27} – no filepath
Task: {75becf93-ae3e-4507-9732-dae3888f93ad} – no filepath
Task: {75e59a0c-7af4-4798-9175-5eacc77fab37} – no filepath
Task: {76142106-ee8c-4ce9-8cb3-e813770b0231} – no filepath
Task: {761b540b-b702-429d-997e-626afa0a383a} – no filepath
Task: {76ed047d-9873-4a6f-8684-cc85941c5f04} – no filepath
Task: {775b66fe-f931-41da-9e25-924473851107} – no filepath
Task: {77809314-406b-4571-bcb1-f13f2866d9e9} – no filepath
Task: {779e9b78-2b52-4d2e-be3a-3df8dadcee60} – no filepath
Task: {77ba1e80-9458-47c9-aa0e-6f12b30414a3} – no filepath
Task: {7860cb6f-3982-4b61-8006-4cc233c0e923} – no filepath
Task: {7874a49f-d07c-4696-b2df-3a7883e4eca3} – no filepath
Task: {789d727f-6b74-4e40-8932-804aa1e614d0} – no filepath
Task: {78d63861-8320-4a0d-9448-e6538ce990ad} – no filepath
Task: {78d7c4d2-4892-4b1a-9f13-40e81aacfe27} – no filepath
Task: {78eda625-a853-4cc8-a6c8-26bbaae6d3f5} – no filepath
Task: {790b6955-ae65-4f80-a50e-1c3ce2e3bc65} – no filepath
Task: {795dd51d-05f0-45b8-8629-f24a72d86553} – no filepath
Task: {7962cbd3-1d98-4a91-9ee4-faec352cd7bc} – no filepath
Task: {7965f677-d3af-4ede-b409-7eb09ab08514} – no filepath
Task: {797d6d92-8f4c-41ef-9fbc-d2609129a9a5} – no filepath
Task: {798f7c94-9f80-4afa-a86a-c0326ea31e09} – no filepath
Task: {79be7b0d-a09e-4850-a448-c2f4055b0163} – no filepath
Task: {7a8eb476-fde6-44c5-b251-23a210e9ed48} – no filepath
Task: {7b1e6bc2-bae1-4825-a982-87b570df3670} – no filepath
Task: {7b6f5831-0def-467f-aeed-2f2ae19e60a9} – no filepath
Task: {7bb8e5a0-004a-4566-84dc-31ff34b32d16} – no filepath
Task: {7c418550-35e3-47b8-a0fd-7ba966e0c4a4} – no filepath
Task: {7c675321-988b-4ae5-8350-d26010ea778c} – no filepath
Task: {7c8a76ac-646f-419d-b73a-45e8e3b84706} – no filepath
Task: {7c9ee161-7108-489c-89a5-fbd461b15856} – no filepath
Task: {7cfed74f-cd86-40ca-9c15-27f8f93ffe0e} – no filepath
Task: {7d19e451-9ad4-45a0-a1e8-5b9859b6dd60} – no filepath
Task: {7d6c9550-1e85-4e39-b65e-8d554c1aef89} – no filepath
Task: {7d716c88-7733-4533-98f5-a0686d4997db} – no filepath
Task: {7d854c46-6059-4b2a-86ab-38d5ad22aecd} – no filepath
Task: {7d89a96a-901b-4c04-b779-8e369c655dda} – no filepath
Task: {7daf9874-1188-4337-ac4e-c1871ffcff5a} – no filepath
Task: {7dc0ed8e-d55e-438a-873b-dfe17224e7b7} – no filepath
Task: {7dd2ad21-8d1c-4c3f-9be1-c9b5457729c0} – no filepath
Task: {7DF22681-6A6C-45D6-9BE5-F986EF623212} – System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1088640 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {7dfdd8cd-79fd-43fe-94b3-a2b99a73a779} – no filepath
Task: {7e7b97e0-1db7-4bdd-90ee-66243d14dae4} – no filepath
Task: {7ebcde91-a882-484f-846a-9529210cc5fa} – no filepath
Task: {7f5897f7-45b2-4027-ba8b-f8ebab16c442} – no filepath
Task: {7f6016e5-44a1-4b4a-a1de-b476aa6b7d8c} – no filepath
Task: {7fa1a006-ec4c-4e22-a09a-27922a964c39} – no filepath
Task: {7fa31c4a-f5c9-4167-9d71-b2a4b51bb53d} – no filepath
Task: {7fd02d81-b604-40e3-a373-de49b9756329} – no filepath
Task: {805e87c6-3366-420a-a8a5-7dea8805b5fe} – no filepath
Task: {806aeab2-432d-4bf0-876f-0c2a98c373e1} – no filepath
Task: {809aca0c-bf93-4888-9185-e48e2badb29d} – no filepath
Task: {80a3a202-c862-45a6-8686-63f1075d29f7} – no filepath
Task: {80b57679-a8e4-4fe5-b046-0983487ad315} – no filepath
Task: {81666862-f2cd-4703-a010-f370e2c84e06} – no filepath
Task: {81707c30-a223-4be9-bd9f-30d916d6fa52} – no filepath
Task: {81793c19-2683-4f76-8b81-d3bc8d1fb007} – no filepath
Task: {81c1b9cc-2fbd-4664-8364-efec93994c49} – no filepath
Task: {81ce84f3-4e89-4756-bd6f-8e2b968b1135} – no filepath
Task: {82ce266c-edc6-43ed-9a32-5b9004fb375e} – no filepath
Task: {83059658-33ac-456e-926b-49d698f96327} – no filepath
Task: {8392bcf9-d5a6-49c2-a94f-cecf72a246fe} – no filepath
Task: {83cf50c3-d1e3-4722-80b0-c6dd39218947} – no filepath
Task: {83d39b52-0428-4a1c-98bd-127e92bbc81f} – no filepath
Task: {85766003-dbca-4e9f-8977-21fb30a9d991} – no filepath
Task: {85992939-5b43-43c2-9829-c1a4376fa9fd} – no filepath
Task: {85b3ce29-25b1-491d-8817-b27e2609efa7} – no filepath
Task: {85dbd7ad-f6e6-4d7e-b58c-2953f639a880} – no filepath
Task: {8682543d-9c47-4789-a88d-c68d05a8d538} – no filepath
Task: {884236db-0d74-4d42-a6a5-6593462fcd39} – no filepath
Task: {8996f5ac-7a88-47af-a1bf-af12f2c8094b} – no filepath
Task: {89db19ce-6775-49ab-8c3a-56ca6ad842fc} – no filepath
Task: {89eadd5e-9e77-4413-b955-88bab328302a} – no filepath
Task: {89fc5678-7b83-44a2-a761-0803cfd8e100} – no filepath
Task: {8a2b7005-5be5-4fd8-a7c2-e16bc95d0458} – no filepath
Task: {8c2dfcb8-74b9-499f-b74b-96e0d30d75e2} – no filepath
Task: {8c916c63-ab83-4882-a256-d9ef77062548} – no filepath
Task: {8cbea7fe-17f0-4269-88de-9968281d785f} – no filepath
Task: {8db24a03-4cf7-494e-aef4-d427f827bbcd} – no filepath
Task: {8e395403-74fa-49e4-9f14-df340d292a74} – no filepath
Task: {8e41f6a2-8870-4200-9838-90e64b6dc84b} – no filepath
Task: {8e51ccfa-c9fa-4e54-aaa3-f03c178f50ef} – no filepath
Task: {8e59af3c-30b9-4063-b31d-0226757d8868} – no filepath
Task: {8e85881b-db3f-45d9-a678-b93d0fd8e8cf} – no filepath
Task: {8ee294fc-cb63-4411-b26d-0915b62ab442} – no filepath
Task: {8eebf6ad-f8a8-4f83-9422-82b2d5831639} – no filepath
Task: {8f143409-4e36-4426-82d2-65a8e3aacbe2} – no filepath
Task: {8f2018ad-08d4-49ce-847b-ccabb196eb52} – no filepath
Task: {8f2b9905-d320-4602-81cb-e2cca3bf0b67} – no filepath
Task: {8f475a9d-619d-4618-aec6-2af3c368e302} – no filepath
Task: {8f68e221-b066-420b-aac6-23990d331dc1} – no filepath
Task: {8fe16873-d30c-4c72-8e68-d32a35bdf96f} – no filepath
Task: {8ff94be3-3d6d-4ad3-b69d-795cad5495df} – no filepath
Task: {9043bfe7-28bd-4540-ad38-76c68523d4e9} – no filepath
Task: {9086087c-57bc-455e-94da-a38a4f502684} – no filepath
Task: {90ada62b-6aeb-4b0c-a99e-c1735f415b74} – no filepath
Task: {90f9859e-01f3-4997-a238-cf14b57a9994} – no filepath
Task: {91212bc7-78ab-446b-9c11-114286422bab} – no filepath
Task: {91a7dcc2-7487-43f3-9a7e-3c5bf1510b48} – no filepath
Task: {91d840c2-41e5-414f-a139-be189c0121bc} – no filepath
Task: {91F587E1-FB71-4E3C-91B3-E67E4F003EAF} – System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9236052a-2dea-48c2-836e-c3b7ef1e26be} – no filepath
Task: {92485b8e-03e6-477d-bd58-b3212452aa28} – no filepath
Task: {928957c3-dd31-4c49-ab22-cbd305ad02c3} – no filepath
Task: {92cfaf19-c89f-43da-ac79-9d876a1182b3} – no filepath
Task: {93160f08-668e-4eb9-9260-45857a76e997} – no filepath
Task: {935da77a-fca1-4782-9968-0cec435afb26} – no filepath
Task: {93d33ef3-d8d7-4d6d-9403-199d8907ad4d} – no filepath
Task: {93d585d5-f46e-458d-b365-fb1ecfd842b9} – no filepath
Task: {93e32bf9-fe77-437e-a331-5d467218cd1f} – no filepath
Task: {93f99d58-0923-4b78-8fb2-65d027d8e233} – no filepath
Task: {94029457-b971-4e81-a6dc-8e715647f318} – no filepath
Task: {951c5017-bb3c-4993-b260-d862d45e49b9} – no filepath
Task: {951dc7cf-9e15-4c98-a693-e5205c8a5bba} – no filepath
Task: {966c58e6-1bdf-45d3-9746-fe20c26547a4} – no filepath
Task: {968d8dcb-1215-4edc-a4ef-33186e54ffad} – no filepath
Task: {96a281ca-ff16-4315-98d2-0fb75e2ba98a} – no filepath
Task: {979b81ef-16c1-4572-bc41-7b1ce7d4ade6} – no filepath
Task: {979b9858-2ecc-45ea-a16b-a8e7f4267d28} – no filepath
Task: {97fe96f7-f99b-4ef4-8a40-f33e2adb3dff} – no filepath
Task: {9879350b-06f2-4ccd-9baf-410069182174} – no filepath
Task: {989a067e-4f7c-4a8a-8add-1b43f2c81f44} – no filepath
Task: {989a420a-768d-4144-ae12-4a4f6eccc56d} – no filepath
Task: {98e96714-7929-453d-af58-9e04c2cae7ad} – no filepath
Task: {9952337e-7468-49e6-89b0-7b19905bc14f} – no filepath
Task: {997d48e7-b82a-4146-afa9-941e4f5cc44d} – no filepath
Task: {99e1bbb4-3755-4452-b673-26835757a67a} – no filepath
Task: {9abcd776-87df-4218-ba92-b7719eda4085} – no filepath
Task: {9b2a1236-b4cd-4793-bbc0-2a21b885d83e} – no filepath
Task: {9b512962-f43f-4605-a2c8-efaf6085857d} – no filepath
Task: {9b9f2b31-ad7e-4284-a376-0244aa853ba6} – no filepath
Task: {9c3fe8e1-ff02-4312-99c2-5f6a790c51ce} – no filepath
Task: {9c53a46f-9fda-43d2-914c-edfe9c341d88} – no filepath
Task: {9c755ce2-a8ab-4116-9d17-406a9ff20057} – no filepath
Task: {9c77a090-3d68-45be-bf4a-8c0066752777} – no filepath
Task: {9cbbda13-4ab1-435f-93e5-51a758c14b1a} – no filepath
Task: {9cebd8ba-ed14-4a8e-95e8-215452985436} – no filepath
Task: {9dbf99a0-63a1-4e3e-b747-11f8b66080d4} – no filepath
Task: {9e027f8e-8c6d-4d4a-9ad0-7a61b63c8d9d} – no filepath
Task: {9e251b05-9379-460d-9841-3dc28c55f508} – no filepath
Task: {9edec920-d98d-4cbd-a00b-72ac98a5ffff} – no filepath
Task: {9f5848ff-a735-4bfc-8f1b-b44c5c550d8a} – no filepath
Task: {9f8cd3f0-8487-49b8-b121-ec8cad033fea} – no filepath
Task: {9fb483e0-c5fc-40ba-98fa-70e0a7ad6cbd} – no filepath
Task: {a05cca94-6818-41ae-9447-a32cb87d9523} – no filepath
Task: {a0723a0d-5e44-44d7-bbce-6b4f23aa2bb2} – no filepath
Task: {a1024473-2f67-46ef-ab44-970ef03d8f1f} – no filepath
Task: {a1505fe7-b074-4a12-b719-db1e6d46af63} – no filepath
Task: {a157309e-9ff7-48e1-b40a-f18e08529bd9} – no filepath
Task: {a190af4a-0194-43e0-8f4b-00b6c896e9a8} – no filepath
Task: {a1f14b47-d7a8-4249-be08-9e91094799dd} – no filepath
Task: {a2e0ae00-35f9-48c4-9330-bbebad19b26e} – no filepath
Task: {a2e8bc8e-d1ad-41f7-a015-076e0843a609} – no filepath
Task: {a2fb8f09-1dee-4db8-a49b-b0bd46079a3d} – no filepath
Task: {a30d2214-9bf8-4791-b558-b651dc8f5650} – no filepath
Task: {a37beabb-eecf-4524-bc51-75701fbdcb83} – no filepath
Task: {a3e870b2-e0c7-4f14-b514-bd3dd478635d} – no filepath
Task: {a43065bc-5004-4101-a750-8d82b672ee37} – no filepath
Task: {a5758bd7-b9e8-4215-b967-59bd7f1108cb} – no filepath
Task: {a586d5f5-d4a4-4846-ade5-dde4053a30cb} – no filepath
Task: {a6042cd1-ef6d-4965-a7d0-cf6110e4bbd4} – no filepath
Task: {a6103949-438c-40a4-9967-31a40a7b0b1f} – no filepath
Task: {a693ec73-7585-4449-a33d-abf62bedc185} – no filepath
Task: {a69ef637-6da1-4036-8ce7-3c75d31e942a} – no filepath
Task: {a6ccc0e1-df5a-468a-afa1-d17c69b7b138} – no filepath
Task: {a742bfc5-d4ad-4de2-9648-ddc6c100ae2f} – no filepath
Task: {a7e43313-b6f7-49a4-bb0c-878af7721d37} – no filepath
Task: {a7fec498-5814-4cb4-be90-d8ea341af964} – no filepath
Task: {a840c196-f8dc-498a-9dfe-68a610b328ef} – no filepath
Task: {a8b58e6f-763f-4218-a93a-471ef3194718} – no filepath
Task: {a8ff904c-db7c-47a4-9601-c82a866f8f09} – no filepath
Task: {a940acbc-2f12-4303-a29f-0496be53c9ae} – no filepath
Task: {a96af939-e03a-47a5-9c2c-6c39aac31335} – no filepath
Task: {a9a539bc-a3c7-42ca-bed3-0d208f52ce5c} – no filepath
Task: {aa196f29-8bd2-4a54-b1f4-1bf842074706} – no filepath
Task: {aa6cd345-099c-4961-acee-7949b5136c14} – no filepath
Task: {aadd42d9-1ed1-41dc-9c25-5e2f845dd4dc} – no filepath
Task: {ab06184a-e02f-4a75-92cd-027d2bc07f13} – no filepath
Task: {ab187a07-f252-47d8-9193-f163bad23f09} – no filepath
Task: {ab3cf43b-ac74-4bcb-8ef8-225310ae556d} – no filepath
Task: {ab792830-e654-4669-babc-ae668dbc662f} – no filepath
Task: {abfc3f86-993a-4444-b06b-d86451b13cd5} – no filepath
Task: {ad0b3239-ee35-4db3-be29-45eaba22b2b6} – no filepath
Task: {ad506e14-d4db-4034-9e7c-0adb81787764} – no filepath
Task: {ad8ef2cf-8a4b-4c5e-8dfe-82e883f9603e} – no filepath
Task: {ada44909-edbf-4727-a410-5deef88b41b1} – no filepath
Task: {adba1d22-1144-481a-9982-40f2d9e57aea} – no filepath
Task: {af2cf812-e6eb-4b31-831e-fa0118ada396} – no filepath
Task: {af5b4f70-e8b3-4b0e-be0d-3cf6b64276ab} – no filepath
Task: {af8cc3e4-653d-4e83-9326-182a8c1625ad} – no filepath
Task: {afbe2bfc-9bcf-4efb-a0f7-ef4cf21d96c2} – no filepath
Task: {b06444d8-d4cf-40fd-9e0a-497fc451bd53} – no filepath
Task: {b0c3667c-6d35-4105-aa34-e118654efe2b} – no filepath
Task: {b0f16def-e4fe-4a2b-90d3-d51b56827dc5} – no filepath
Task: {b14f01dd-71a6-4622-8e99-d213a4e209fa} – no filepath
Task: {b23fdbaa-2f21-4e66-82cd-bbb21a9f2a1a} – no filepath
Task: {b2aedfa6-ecff-4022-bd40-4772deba4bf4} – no filepath
Task: {b2c84bcd-5bed-4325-aabc-6b17434e84ca} – no filepath
Task: {b3510350-7431-4934-a7f1-6ffde02ac2b2} – no filepath
Task: {b372ea39-fd10-47ec-a431-573d38b5bfcf} – no filepath
Task: {b37df8be-41b1-4e10-84bc-f89d9f261d23} – no filepath
Task: {b3a3dfad-90cf-41c3-b402-f06f0ed717c7} – no filepath
Task: {b474d0b7-4826-4bb6-a688-8fe2847d1f88} – no filepath
Task: {b49b9e38-b384-4030-8f39-cabc3fc944a0} – no filepath
Task: {b52e76e2-f11e-4eb6-b06b-c5dda827a4fe} – no filepath
Task: {b5dfee4d-614d-4f40-95a2-2f9228f7898b} – no filepath
Task: {b621cf8f-1b50-4bb5-8fbf-8b2913b31592} – no filepath
Task: {b63aab30-7f79-46f6-8322-13850c5b6d77} – no filepath
Task: {b6540377-600d-43f2-a822-c60ba4a53aef} – no filepath
Task: {b68ce367-c8f7-4d44-b726-6c2b56e4c225} – no filepath
Task: {b68e3060-1dff-4dad-8080-c50bcac9817c} – no filepath
Task: {b7305653-bd96-4798-92c5-0968d4983fac} – no filepath
Task: {b7983f84-20cf-43d1-b19d-ef5f7e1a1c0c} – no filepath
Task: {b81464d2-b056-40fd-8ac1-c357bc5e0492} – no filepath
Task: {b83d888a-ce1b-49bc-bcc7-0651638a13e6} – no filepath
Task: {b848105b-0938-4c8b-bacf-ab339e00f5e1} – no filepath
Task: {b848c0fd-4c2a-425f-886f-84b3c5b77233} – no filepath
Task: {b894afeb-930a-4902-9253-765a8ad4c57d} – no filepath
Task: {b8c83f12-eb7b-4301-b00a-8821c60bbb45} – no filepath
Task: {b917b2b8-c9c3-4ed2-9e26-638ce6678a23} – no filepath
Task: {b92da597-cc8c-467a-aaa0-8c04d4856da0} – no filepath
Task: {b97ee90b-d210-46ff-b523-9c3c6a943811} – no filepath
Task: {b9a7b2fb-66ad-4611-8ad2-d6cd3f485b3a} – no filepath
Task: {b9dc514f-c08b-4f72-a082-4de09389c9d6} – no filepath
Task: {ba0f04b5-a8fa-408c-b0b0-31d6f341681d} – no filepath
Task: {ba231c90-3e53-4f02-a64c-7d9944719d83} – no filepath
Task: {ba4f172a-3562-4b25-bfcd-e1be83b1e74d} – no filepath
Task: {baad7833-2761-4d12-a635-6b238ec8b3ef} – no filepath
Task: {bb69df20-6b28-473d-84cf-8b86a05c2cad} – no filepath
Task: {bb8fdf56-8c06-401c-bf0a-26f4ccba2726} – no filepath
Task: {bc3b1f61-bba7-464e-b5c9-192e9fa1ef51} – no filepath
Task: {bc5c6769-f3e8-4746-b14c-30fe188b2f8a} – no filepath
Task: {bc6625a0-f9a2-48e4-9f68-5b169a22c5fe} – no filepath
Task: {bcd01532-03bc-4ed9-9822-84452c806150} – no filepath
Task: {bd63a9d1-425c-4d4f-9686-a308479d7a60} – no filepath
Task: {bd79fd8e-fc2c-4c7d-8f42-5910caf2fae8} – no filepath
Task: {bdc251e9-6988-46a6-8c03-725cb26ca4d9} – no filepath
Task: {bdebab6f-5abc-4c1d-83b9-db5f8db630e8} – no filepath
Task: {be85b520-4302-4336-a753-3c3cb08afc73} – no filepath
Task: {bebd7f56-94e1-491d-85e0-d9a1f7d09975} – no filepath
Task: {bf3e7655-b17f-4836-8eab-e78234dac029} – no filepath
Task: {bf5a5cf4-8c2b-4c09-9415-304f3835d911} – no filepath
Task: {c0156bc0-1a2d-4ecd-aab7-c1fe602d5074} – no filepath
Task: {c06b99d5-2241-4e30-9176-eaec6a73fe56} – no filepath
Task: {c099495e-960b-4ad7-b79e-78a552160f30} – no filepath
Task: {c159c8d9-eaa3-44b9-87dd-7344e56becf6} – no filepath
Task: {c20e6538-34e3-4623-9b2f-44c9ecb9104f} – no filepath
Task: {c2a9443f-8bbe-42cd-8962-9a238f33056c} – no filepath
Task: {c36b922e-e9e8-4851-a9db-49d76bad937a} – no filepath
Task: {c42126b7-f30d-4ab8-8d56-30c2d4fb2d8f} – no filepath
Task: {c56d381a-0ec6-49fd-9bbf-fc1e671df630} – no filepath
Task: {c596edbc-7ffd-4cbc-b16c-dae56ecae7a8} – no filepath
Task: {c5ca835f-2f46-48eb-8f7d-bbe90a7423aa} – no filepath
Task: {c5d89c17-746d-4e6d-ae5a-f5cbf08f3f47} – no filepath
Task: {c6216398-7883-4a87-8ad2-727690e08472} – no filepath
Task: {c6e503d1-ff31-41ad-8273-ebd291d77d49} – no filepath
Task: {c71021e3-8257-4054-8a87-0c18469d259d} – no filepath
Task: {c7439533-e7e7-4513-a58b-3d5c9137eded} – no filepath
Task: {c7581714-be6b-4936-b6d3-a218053d6a99} – no filepath
Task: {c7eb4880-9639-4d52-9500-82813396b083} – no filepath
Task: {c87dee07-cd76-45fd-917a-777ccceebca9} – no filepath
Task: {c905586c-89c4-44ea-b5aa-71f2156ca1dd} – no filepath
Task: {c921ee22-0f1a-4dcb-9603-6a974b8c3aac} – no filepath
Task: {c96f885b-5d6d-4d58-bb8f-14be6c14a563} – no filepath
Task: {c9ae29e4-4818-475f-a1e1-47b8c60e85b3} – no filepath
Task: {c9c68624-02ea-4911-9839-2bb4f136995a} – no filepath
Task: {ca0d2b7d-85a4-4f49-a13d-a9f04750edb2} – no filepath
Task: {ca1c045f-17a0-4929-9143-31455f674cec} – no filepath
Task: {ca320edc-948f-4d49-8668-342f677d7cdd} – no filepath
Task: {caadbfb9-ea8d-4103-bada-9ed3589c03e5} – no filepath
Task: {cacd4d33-f771-4f08-88ed-d9bf15f82b50} – no filepath
Task: {cb794d8b-5de8-43e3-aa56-4005cf8f9969} – no filepath
Task: {cc9729f4-d0ad-404a-9029-2ee84ea8ef43} – no filepath
Task: {ccb4bc61-34b9-4368-b746-5a2720e6144b} – no filepath
Task: {cd1b9931-221c-4b52-b03d-293c49ee3684} – no filepath
Task: {cd4d9fc6-769b-4717-a813-93a19361524d} – no filepath
Task: {ce282ca5-2f2b-4b1b-b987-7f70e077ad4c} – no filepath
Task: {cf7cdb91-8430-4a96-bdf9-def1a5c587d8} – no filepath
Task: {cff72d39-f81b-4c71-b5eb-f9bccdbf6961} – no filepath
Task: {d0504279-9e8a-4be2-977e-b3a999a69200} – no filepath
Task: {d07e48d5-50f2-4d0d-80c0-fdec918970d1} – no filepath
Task: {d0a4b0eb-6a77-4ed4-80b9-444ecce2bd07} – no filepath
Task: {d0ce28b2-e5e0-4f01-80f1-c20643240b97} – no filepath
Task: {d1456639-ee91-4740-8443-62985069174f} – no filepath
Task: {d176c0a9-cc6c-4486-a23b-5bb3119982ea} – no filepath
Task: {d1adf183-0d09-45f9-b34a-2711b8f6267d} – no filepath
Task: {d2400971-21f5-4e67-a750-07ff6b3b839a} – no filepath
Task: {d2d14273-4f92-44b0-b228-e9a07064f9fa} – no filepath
Task: {d3048c3d-b7e6-45eb-87e8-dfbf5dd0d2ca} – no filepath
Task: {d32ff4f5-dd76-488c-bc50-8d71252d8bca} – no filepath
Task: {d38395cc-e503-4484-b876-8a19e3cdb74f} – no filepath
Task: {d3a22671-aa1b-4e68-891a-a2dde0e6efb2} – no filepath
Task: {d43b22c9-cb70-4424-93b3-9a60eaea9dbc} – no filepath
Task: {d47feab6-9341-4315-bdd9-db8571cf7ac4} – no filepath
Task: {d4c910d0-ea41-42b5-8a55-df3181c78a5b} – no filepath
Task: {d5000d7e-e0bc-424f-9517-4fed99d4d37f} – no filepath
Task: {d56ee484-9217-4d93-959d-deff705df7bc} – no filepath
Task: {d5b4b93a-c296-4ba0-92b4-70359ba77d11} – no filepath
Task: {d5ddda95-37fa-41bd-a69a-db68cee29228} – no filepath
Task: {d6d5ce2a-366a-48f4-94b4-298c03b91d51} – no filepath
Task: {d74182fc-af2b-4f8f-8215-3f1700fcd8d6} – no filepath
Task: {d8270491-278c-478f-9a81-39e5f1ad4113} – no filepath
Task: {d847a627-1bd6-4645-a410-d078f10e4640} – no filepath
Task: {d86d29e6-6dad-4afa-9000-6c7e1181c8c7} – no filepath
Task: {d8df3ea0-1e0e-4798-b1c3-f77a727d2b32} – no filepath
Task: {d949c404-f86e-47e3-95fd-14547785aec8} – no filepath
Task: {d980aaa5-53cd-4f07-9c6d-63134bbc15a4} – no filepath
Task: {d9a0e548-4c37-4923-90c5-b7a1dab228eb} – no filepath
Task: {da2f743b-4673-4c18-8057-c222eb21a05b} – no filepath
Task: {da86bd4a-fe17-487e-9081-5f376137419f} – no filepath
Task: {dae87f2e-f30c-432d-a639-9d4d71e28069} – no filepath
Task: {db629eca-9118-4f7a-aeb1-5fc2a6721c04} – no filepath
Task: {db82d92a-c1aa-48d0-9f72-1b9d4e222017} – no filepath
Task: {DC79882F-BFD0-459F-A873-5909337A9C30} – System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {dd00523c-270a-4ff1-8a16-3a04bb6a455e} – no filepath
Task: {de158ada-a059-4204-9749-6d66539eb9f3} – no filepath
Task: {de96e28e-bc97-49e8-b4e5-0e7a69b37d8a} – no filepath
Task: {deb0092a-0b63-4148-ac05-7f7339a0e40f} – no filepath
Task: {dee4b597-766d-4709-8d54-c17a7c27a39a} – no filepath
Task: {dfd7ec6a-641b-40ed-bc56-9ad2aa2c1438} – no filepath
Task: {DFE3410C-573D-4774-A230-EB7390FE07D3} – System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [829568 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {e0690d9a-defe-4e7d-a9bd-c31fed88e36c} – no filepath
Task: {e078b856-8cc9-4a62-b8b0-58a95c1394e3} – no filepath
Task: {e087ecae-5670-4105-83a3-d1e61dedcabf} – no filepath
Task: {e0d77876-d6ac-4212-9ef1-8404d2964ac7} – no filepath
Task: {e0e6e05a-8822-4d8b-a50a-b04c643261a5} – no filepath
Task: {e2258705-dadd-4c8a-9218-376c02749791} – no filepath
Task: {e24de80a-1a96-42a7-a979-8f7defe0671b} – no filepath
Task: {e271b7a2-61b3-4bde-a85d-eb75f6e2bc06} – no filepath
Task: {e34c9884-5693-411c-a314-b21305e59759} – no filepath
Task: {e35169dd-e356-49fb-b8b1-80b3efa7a593} – no filepath
Task: {e35a380e-de4a-4dbb-8c69-71464a2d18e3} – no filepath
Task: {e36d9122-fcb3-4da8-996b-a32c6bdfbce3} – no filepath
Task: {e3966984-3679-491e-9a8b-2102e459968a} – no filepath
Task: {e3cf29ff-0870-4c9b-ad07-9512c24ead22} – no filepath
Task: {e4038b96-96e2-4aab-8471-8acfb2375ae8} – no filepath
Task: {e423738c-2d49-46f2-9e78-6d4d2070ccc6} – no filepath
Task: {e47436b2-11d5-4e6a-8bb1-931665f0649a} – no filepath
Task: {e48ac08a-27ac-48d2-ad9c-f3ef5f210a52} – no filepath
Task: {e4acb717-985e-4e98-a403-ed4cc99eca49} – no filepath
Task: {E4C33990-FA50-4942-865D-58E0A95D58E1} – System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {e4d0bd88-1960-41c7-8674-1d981b02ecbe} – no filepath
Task: {e4ef0f2f-1b83-45c4-95b7-7288cf79272c} – no filepath
Task: {e5ca3fa1-7476-40ec-9b58-d5bc48f247a9} – no filepath
Task: {e6e45bd1-655e-4ad7-af64-d541448dd0d7} – no filepath
Task: {e7323be0-836c-493b-bc5b-8a99bdfdc550} – no filepath
Task: {e75ff253-fb94-4894-b031-a645976e486e} – no filepath
Task: {e79a487a-d327-4c0f-b476-ebac420917aa} – no filepath
Task: {e81d1f28-afaa-4b76-b4ac-c637869c3afc} – no filepath
Task: {e8a72932-2aa2-4c29-826a-da77f72b7b7f} – no filepath
Task: {e8d1dc11-0611-473b-8b74-44b13f4512ae} – no filepath
Task: {e8d61f7b-6066-46dc-9266-322edf195a3d} – no filepath
Task: {e9384af5-f345-41db-b110-3d5deb3692e4} – no filepath
Task: {e942338f-d764-4950-a6b6-dd01a762dbfb} – no filepath
Task: {e9c19735-db09-4d3c-91f0-3ecb02e5361b} – no filepath
Task: {ea0aae27-517a-4f04-babc-c1ace5263953} – no filepath
Task: {ea2ad152-af62-467b-bc41-2b68972fb087} – no filepath
Task: {ea313a76-e02c-4507-b90d-8cef177c9cfb} – no filepath
Task: {ea3514bd-b24d-494a-9790-8f8e0bd6a450} – no filepath
Task: {ea7d909c-9cb7-485f-8738-736581a5bf98} – no filepath
Task: {eb090215-7ca6-48b4-b02d-4fda124de601} – no filepath
Task: {eb0efb69-e0f3-46ad-a9b1-cabf89b76868} – no filepath
Task: {eb3bd144-019d-4483-8476-1ab1485070f7} – no filepath
Task: {eb560d86-b78d-4fa0-a9b6-6f5ae9c027cb} – no filepath
Task: {ec012552-caf0-4d81-bbf5-60f4d0370801} – no filepath
Task: {ec875192-8c75-41bb-92cd-8783a87e7873} – no filepath
Task: {ecbfee26-b837-42d0-8d9e-7b08f42feaf5} – no filepath
Task: {ecc765e2-0497-4d06-b219-19c106a859e8} – no filepath
Task: {ed1d8a85-f414-4968-8520-d28aa95dd499} – no filepath
Task: {ed4ac721-6cad-46fa-8953-19f7e2e1b695} – no filepath
Task: {ed794b29-c322-4794-9c69-e1bac182ad42} – no filepath
Task: {edf5de5b-f1ed-495b-8bb7-75bdbc720bf7} – no filepath
Task: {ee0a3389-eea7-40f4-80d1-fb7f0e23ad0d} – no filepath
Task: {ee169a0c-e2ec-4a1b-8980-c04736153b45} – no filepath
Task: {ee547793-9fd2-4559-8ef8-f0eaec70a85a} – no filepath
Task: {ee707ac0-780e-43a4-b7cb-867c57af8d92} – no filepath
Task: {ee87e4a1-f0f8-46e8-b1b1-7be3d7369704} – no filepath
Task: {ee8969d8-c1d4-4c27-9c64-2181aff27545} – no filepath
Task: {ee8a88ad-76d2-463b-b227-004e708eae0a} – no filepath
Task: {ef4fb3f1-c1b3-4ca7-a477-3f2ebf372fcf} – no filepath
Task: {ef6a3abc-b25c-4b18-9b84-099fc655a157} – no filepath
Task: {efacf881-772d-446d-84d7-2048913411b3} – no filepath
Task: {efd24eb8-ec63-4ed8-a630-b9cf6926f488} – no filepath
Task: {efeb221b-7263-4af7-aff6-f359c1cf9fd7} – no filepath
Task: {efed7859-d526-4dc4-9056-612344680b47} – no filepath
Task: {f007025e-7bb0-4aae-902f-0b774992de2b} – no filepath
Task: {f076e361-afd0-4f24-9c48-ffab7f2cded6} – no filepath
Task: {f09d1577-a916-42a8-b9ca-4d453d994186} – no filepath
Task: {f0aec4d1-b36f-4df5-9e59-a67554160d06} – no filepath
Task: {f0ee1c5f-4143-4c2b-a4fc-fdbc46652fc4} – no filepath
Task: {f12189a0-a51c-4600-91bf-b5ae1197f992} – no filepath
Task: {f1a84a39-e9b5-4353-8226-6a2eb2212322} – no filepath
Task: {f2173a3f-5137-4060-8955-5808a6cd6e5f} – no filepath
Task: {f22361bb-5370-440e-806e-94acf48474b4} – no filepath
Task: {f2a97ddc-04e7-4f93-8d14-95ea55d45a0c} – no filepath
Task: {f2b5eb01-7497-48a3-b016-074e1318eacd} – no filepath
Task: {f2cc9ecb-ec95-4ad9-bade-ea1e30d04a64} – no filepath
Task: {f305d7d4-a212-4695-b146-cef46e7665d0} – no filepath
Task: {f319539c-5335-4bd6-beba-53310931be9b} – no filepath
Task: {f31d5e5e-e00f-4b0e-8b75-b6b4b9648ce1} – no filepath
Task: {f4b33b11-7e80-45e2-9240-b983335e0ee2} – no filepath
Task: {f5406ad4-5a08-44e0-bd3c-eb1e858849a1} – no filepath
Task: {f6067538-7671-4944-b471-fbee7a027d46} – no filepath
Task: {f65aabc2-42f1-4601-933c-46d125c5f408} – no filepath
Task: {f687fb30-de99-4571-84b5-048b579c2dee} – no filepath
Task: {F6ECDE94-3667-44CB-A2A3-7239905C2269} – System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [829568 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {f6f85bc1-4075-4823-87d0-2bb36baf53fe} – no filepath
Task: {f7745ec4-89f0-4ae1-b607-da0c6a6777be} – no filepath
Task: {f7ae9e3a-0121-4ce2-bce6-3f5debb03f46} – no filepath
Task: {f8279d63-79bd-4e29-ba8d-830f8482b04d} – no filepath
Task: {f83e2c8b-61b1-47ff-a05a-bbf5fa8d3be6} – no filepath
Task: {f87226c4-6eb6-43f5-b7f4-705711e44153} – no filepath
Task: {f89fe279-2abc-4643-b875-ced5fae58156} – no filepath
Task: {f8c1e1a2-3be6-48e8-a51f-d14224c36721} – no filepath
Task: {f8cf6c4f-9bab-4238-a13b-cc6db71a2464} – no filepath
Task: {f8d22c5c-b43a-4fb6-85bd-81c2476518de} – no filepath
Task: {f92134e4-d5c2-477f-bf45-839f12566fd8} – no filepath
Task: {f92ca0ea-3b39-495f-808c-36a69b5f63f4} – no filepath
Task: {f965f78a-bcf3-4954-a2a8-32c162f1ead7} – no filepath
Task: {fa3d7451-7ed1-4eed-8f98-2800b6cf82e5} – no filepath
Task: {FA637CE9-3A8B-4E4F-B7AC-46199F3A0ADE} – System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1088640 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {fb333bcb-e84c-43d1-8b42-b91f4bc06a35} – no filepath
Task: {fb3c363b-fd52-4b7f-9d56-11a9857ff1db} – no filepath
Task: {fb451f78-1f72-41a8-a5ef-4f41be92289f} – no filepath
Task: {fbdbc665-d299-452d-a3ef-02bb98418572} – no filepath
Task: {fc498aa9-7a64-4b4d-8a8d-f4514ad9e91e} – no filepath
Task: {fce05183-57d4-4068-b181-9acb932bf6b5} – no filepath
Task: {fce2ccfe-0f0f-439d-a872-f1f6faae0ca6} – no filepath
Task: {fd2d2e13-80bd-4270-bb6e-24455a9ff7b2} – no filepath
Task: {fd7793d6-38a1-4f66-97b5-2a670881327d} – no filepath
Task: {fd88e394-f46b-4276-87a5-cb46ce953917} – no filepath
Task: {FDA89417-514B-493B-90AA-937AF7089A52} – System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {fe09d5dc-d365-4702-816a-ee3a62f8fb91} – no filepath
Task: {fe11acf1-8f66-42b5-b6e4-7aeaf11c0dd8} – no filepath
Task: {fe47a6dd-3745-48e0-a903-3afaccb53e41} – no filepath
Task: {fe88ac88-1e39-4a04-b99d-4179485a66a7} – no filepath
Task: {FEB8F053-59D6-4037-B3F8-3CCE30533A2C} – System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {fee4ccfe-090d-4c8a-8bdc-23c0de934423} – no filepath
Task: {ff16211e-6a45-4dd6-9d08-e94e904099c0} – no filepath
Task: {ff477899-2ccc-4119-b57c-5ce7cff73a46} – no filepath
Task: {ff7d7209-23b7-4254-b146-2ee570cdcd71} – no filepath
Task: {ff9643c6-a188-48c6-b680-14a4dbba9d75} – no filepath
Task: {ffc4f908-6370-4730-8dba-2be0a813aa95} – no filepath
Task: {ffdef716-fbf3-4846-8df0-b19d0ed285a3} – no filepath
Task: {FFFE34A3-9F43-4C49-A97A-22CEA842EAEE} – System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053768 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction – ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
AutoConfigURL: [{7D3E0AC3-FF73-4C77-9CD2-AA5B485889A7}] => hxxp://127.0.0.1:86/
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{3cd811c8-23aa-4f71-a4ff-ef9e543995af}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{3cd811c8-23aa-4f71-a4ff-ef9e543995af}: [DhcpNameServer] 172.20.10.1
ManualProxies: 0hxxp://127.0.0.1:86/
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Junel D. Alviola\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-25]
Edge DownloadDir: Default -> D:\Downloads
Edge HomePage: Default -> hxxp://oem17win10.msn.com/?pc=NMTE
Edge HKU\S-1-5-21-171464497-1134113136-1496924207-1001\SOFTWARE\Microsoft\Edge\Extensions\…\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] – C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx <not found>
FF DefaultProfile: 632t3wyw.default
FF ProfilePath: C:\Users\Junel D. Alviola\AppData\Roaming\Mozilla\Firefox\Profiles\632t3wyw.default [2020-04-16]
FF ProfilePath: C:\Users\Junel D. Alviola\AppData\Roaming\Mozilla\Firefox\Profiles\on40eu6n.default-release [2021-09-25]
FF DownloadDir: D:\Downloads
FF Extension: (Video DownloadHelper) – C:\Users\Junel D. Alviola\AppData\Roaming\Mozilla\Firefox\Profiles\on40eu6n.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2019-11-26] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2019-11-26] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-29] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
CHR DefaultProfile: Default
CHR Profile: C:\Users\Junel D. Alviola\AppData\Local\Google\Chrome\User Data\Default [2021-09-25]
CHR DownloadDir: D:\Downloads
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3319613&octid=EB_ORIGINAL_CTID&ISID=AB585250-5005-4431-89B2-7DDA0E7AD41E&SearchSource=55&CUI=&UM=5&UP=SPB520EE55-8B11-4A13-A8ED-B9A0CD40657E&SSPV=
CHR StartupUrls: Default -> “hxxp://www.trovi.com/?gd=&ctid=CT3319613&octid=EB_ORIGINAL_CTID&ISID=AB585250-5005-4431-89B2-7DDA0E7AD41E&SearchSource=55&CUI=&UM=5&UP=SPB520EE55-8B11-4A13-A8ED-B9A0CD40657E&SSPV=”
CHR Extension: (Slides) – C:\Users\Junel D. Alviola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-21]
CHR Extension: (Docs) – C:\Users\Junel D. Alviola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-21]
CHR Extension: (Google Drive) – C:\Users\Junel D. Alviola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-21]
CHR Extension: (YouTube) – C:\Users\Junel D. Alviola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-21]
CHR Extension: (Sheets) – C:\Users\Junel D. Alviola\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-21]
CHR Extension: (Authy) – C:\Users\Junel D. Alviola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2021-09-22]
CHR Extension: (Google Docs Offline) – C:\Users\Junel D. Alviola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-21]
CHR Extension: (Chrome Web Store Payments) – C:\Users\Junel D. Alviola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-21]
CHR Extension: (Gmail) – C:\Users\Junel D. Alviola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-21]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 Bentley Property Catalog Service; C:\Program Files (x86)\Bentley\Engineering\SPC Server v8i SS4\Bentley.Structural.PropertyCatalog.Server.exe [8704 2015-05-28] (Bentley Systems Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
R2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Repair\ElevationService.exe [907776 2020-07-30] () [File not signed]
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
R2 IQOptionUpdater; C:\Program Files (x86)\IQ Option\\IQOptionUpdater.exe [1824632 2021-09-07] (QUAD CODE SOFTWARE LTD -> )
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\MSIAPService.exe [47568 2018-10-29] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1675392 2021-05-27] (A-Volute SAS -> Nahimic)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2483032 2021-09-09] (Overwolf Ltd -> Overwolf LTD)
R2 Sendevsvc; C:\Program Files (x86)\MSI\Dragon Center\Sendevsvc\Sendevsvc.exe [302888 2019-01-30] (Micro-Star International CO., LTD. -> ) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10202040 2021-08-31] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-12-10] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Addins\Repair\DriverInstall.exe [124304 2020-12-22] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_84aacc51d349bef7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_84aacc51d349bef7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 KuaiZipDrive; C:\WINDOWS\system32\drivers\KuaiZipDrive.sys [93992 2011-04-15] (Suzhou Shijie Software Co., LTD -> KuaiZip International Inc)
R3 MpKsl3027ed92; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5941DAB5-E1A7-446B-9BCB-332CA46E9507}\MpKslDrv.sys [130296 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-01-17] (A-Volute -> Windows ® Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8234240 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-09] (Microsoft Windows -> Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2021-03-29] (Nemea Mjukvaruutveckling AB -> Basil Projects)
S3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [18688 2018-07-18] (WDKTestCert heavenluo,131620253795976757 -> )
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2742720 2021-05-03] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S1 EneTechIo; \??\C:\WINDOWS\system32\drivers\ene.sys [X]
S3 NTIOLib_CC_Clock; \??\C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-25 16:36 – 2021-09-25 16:37 – 000070889 _____ C:\Users\Junel D. Alviola\Desktop\Addition.txt
2021-09-25 16:35 – 2021-09-25 18:01 – 000078698 _____ C:\Users\Junel D. Alviola\Desktop\FRST.txt
2021-09-25 16:35 – 2021-09-25 18:01 – 000000000 ____D C:\FRST
2021-09-25 16:34 – 2021-09-25 16:34 – 002304512 _____ (Farbar) C:\Users\Junel D. Alviola\Desktop\FRST64.exe
2021-09-25 14:46 – 2021-09-25 14:49 – 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0008E63B-81C1-4723-90D1-387B06B0CB13}
2021-09-25 14:17 – 2021-09-25 14:17 – 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-09-23 18:31 – 2021-09-25 14:31 – 000002326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-23 18:19 – 2021-09-23 18:19 – 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-171464497-1134113136-1496924207-1001
2021-09-22 16:11 – 2021-09-22 16:11 – 001342296 _____ (Google LLC) C:\Users\Junel D. Alviola\Downloads\ChromeSetup.exe
2021-09-22 11:06 – 2021-09-22 11:06 – 000000000 ___HD C:\$SysReset
2021-09-21 22:53 – 2021-09-25 14:19 – 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-21 21:35 – 2021-09-21 21:35 – 000003242 _____ C:\WINDOWS\system32\Tasks\smadav
2021-09-21 17:20 – 2021-09-21 17:20 – 000000000 ____D C:\Program Files\Common Files\logishrd
2021-09-21 17:20 – 2021-09-21 17:20 – 000000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2021-09-21 17:20 – 2012-10-26 09:42 – 010919784 _____ C:\WINDOWS\SysWOW64\LogiDPP.dll
2021-09-21 17:20 – 2012-10-26 09:42 – 010919784 _____ C:\WINDOWS\system32\LogiDPP.dll
2021-09-21 17:20 – 2012-10-26 09:42 – 004758176 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\lvuvc64.sys
2021-09-21 17:20 – 2012-10-26 09:42 – 000768288 _____ (Logitech Inc.) C:\WINDOWS\system32\LVUI64.dll
2021-09-21 17:20 – 2012-10-26 09:42 – 000560416 _____ (Logitech Inc.) C:\WINDOWS\system32\LVUIRC64.dll
2021-09-21 17:20 – 2012-10-26 09:42 – 000542568 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\LVUI2.dll
2021-09-21 17:20 – 2012-10-26 09:42 – 000538472 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\LVUI2RC.dll
2021-09-21 17:20 – 2012-10-26 09:42 – 000351520 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\lvrs64.sys
2021-09-21 17:20 – 2012-10-26 09:42 – 000336232 _____ C:\WINDOWS\SysWOW64\DevManagerCore.dll
2021-09-21 17:20 – 2012-10-26 09:42 – 000336232 _____ C:\WINDOWS\system32\DevManagerCore.dll
2021-09-21 17:20 – 2012-10-26 09:42 – 000305000 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\lvcodec2.dll
2021-09-21 17:20 – 2012-10-26 09:42 – 000266828 _____ C:\WINDOWS\system32\Drivers\LVAFT.cfg
2021-09-21 17:20 – 2012-10-26 09:42 – 000262432 _____ (Logitech Inc.) C:\WINDOWS\system32\lvco1380853.dll
2021-09-21 17:20 – 2012-10-26 09:42 – 000175392 _____ (Logitech Inc.) C:\WINDOWS\system32\lvcod64.dll
2021-09-21 17:20 – 2012-10-26 09:42 – 000103272 _____ C:\WINDOWS\SysWOW64\LogiDPPApp.exe
2021-09-21 17:20 – 2012-10-26 09:42 – 000103272 _____ C:\WINDOWS\system32\LogiDPPApp.exe
2021-09-21 17:20 – 2012-10-26 09:42 – 000040398 _____ C:\WINDOWS\system32\Repository.reg
2021-09-21 17:20 – 2012-10-26 09:42 – 000029494 _____ C:\WINDOWS\system32\lvcoin64.ini
2021-09-21 16:43 – 2021-09-21 16:43 – 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-21 16:43 – 2021-09-21 16:43 – 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-21 16:43 – 2021-09-21 16:43 – 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-21 16:43 – 2021-09-21 16:43 – 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-21 16:43 – 2021-09-21 16:43 – 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-21 16:43 – 2021-09-21 16:43 – 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-21 16:36 – 2021-09-21 16:36 – 000000000 ___HD C:\$WinREAgent
2021-09-20 14:29 – 2021-09-20 14:31 – 000000360 _____ C:\Users\Junel D. Alviola\Desktop\New Text Document.txt
2021-09-20 12:30 – 2021-09-20 12:30 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Local\Bentley
2021-09-20 12:26 – 2021-09-20 12:27 – 000000000 ____D C:\Staad.foundation 5.3
2021-09-20 12:26 – 2021-09-20 12:27 – 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bentley Engineering
2021-09-20 12:25 – 2021-09-20 12:26 – 000000000 ____D C:\SProV8i SS6
2021-09-20 12:25 – 2021-09-20 12:25 – 000000000 ____D C:\Program Files (x86)\VectorDraw
2021-09-20 12:24 – 2021-09-20 12:26 – 000000000 ____D C:\ProgramData\Bentley
2021-09-20 12:24 – 2021-09-20 12:24 – 000000000 ____D C:\Program Files\Microsoft Synchronization Services
2021-09-20 12:24 – 2021-09-20 12:24 – 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2021-09-20 12:24 – 2021-09-20 12:24 – 000000000 ____D C:\Program Files (x86)\Bentley
2021-09-20 12:17 – 2021-09-22 09:53 – 000001256 _____ C:\Users\Junel D. Alviola\AppData\Roaming\ETABS.settings
2021-09-20 12:16 – 2021-09-20 12:16 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Local\Computers and Structures
2021-09-20 12:12 – 2021-09-22 09:52 – 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETABS 18
2021-09-20 12:12 – 2021-09-20 12:12 – 000000000 ____D C:\ProgramData\SafeNet Sentinel
2021-09-20 12:12 – 2021-09-20 12:12 – 000000000 ____D C:\Program Files\Computers and Structures
2021-09-18 20:33 – 2021-09-25 15:54 – 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2021-09-18 20:33 – 2021-09-25 15:54 – 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2021-09-18 20:33 – 2021-09-18 20:33 – 000003152 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2021-09-18 20:33 – 2021-09-18 20:33 – 000003152 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2021-09-18 20:31 – 2021-09-18 20:31 – 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-09-18 20:31 – 2021-09-18 20:31 – 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71bd017a56dae
2021-09-17 16:27 – 2021-09-25 14:32 – 000000000 ____D C:\Program Files (x86)\Epic Games
2021-09-17 16:27 – 2021-09-25 14:31 – 000000000 ____D C:\ProgramData\Epic
2021-09-17 14:08 – 2021-09-24 16:21 – 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2021-09-17 14:08 – 2021-09-17 14:09 – 000003798 _____ C:\WINDOWS\system32\Tasks\Optimize Thumbnail Cache
2021-09-17 14:08 – 2021-09-17 14:09 – 000003350 _____ C:\WINDOWS\system32\Tasks\KMSpico Automatic Update Scheduler
2021-09-17 14:08 – 2010-12-06 10:16 – 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2021-09-11 11:24 – 2021-09-11 11:24 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-09-04 18:17 – 2021-09-04 18:17 – 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-04 18:17 – 2021-09-04 18:17 – 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-04 18:17 – 2021-09-04 18:17 – 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-04 18:17 – 2021-09-04 18:17 – 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-04 18:17 – 2021-09-04 18:17 – 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-04 18:17 – 2021-09-04 18:17 – 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-04 18:17 – 2021-09-04 18:17 – 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-04 18:16 – 2021-09-04 18:16 – 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-04 18:16 – 2021-09-04 18:16 – 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-04 18:16 – 2021-09-04 18:16 – 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-04 18:16 – 2021-09-04 18:16 – 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-04 18:16 – 2021-09-04 18:16 – 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-04 18:16 – 2021-09-04 18:16 – 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-04 18:16 – 2021-09-04 18:16 – 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-01 15:11 – 2021-09-01 15:11 – 000000368 ____H C:\WINDOWS\Tasks\Intel PTT EK Recertification.job
2021-08-30 09:38 – 2021-09-23 18:11 – 000000000 ____D C:\Program Files (x86)\Overwolf
2021-08-30 09:38 – 2021-08-30 09:38 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2021-08-30 09:38 – 2021-08-30 09:38 – 000000000 ____D C:\ProgramData\Overwolf
2021-08-30 09:15 – 2021-09-25 15:55 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Local\Overwolf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-25 17:14 – 2019-06-12 02:34 – 000000000 ____D C:\ProgramData\Common
2021-09-25 17:08 – 2019-11-26 11:27 – 000000000 ____D C:\Program Files (x86)\Google
2021-09-25 17:02 – 2021-03-18 16:19 – 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-25 16:30 – 2021-03-18 16:28 – 000842414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-25 16:30 – 2019-12-07 17:13 – 000000000 ____D C:\WINDOWS\INF
2021-09-25 16:28 – 2019-12-03 19:23 – 000000632 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-09-25 15:57 – 2021-04-30 22:01 – 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-09-25 15:55 – 2019-12-14 21:42 – 000000000 ____D C:\ProgramData\boost_interprocess
2021-09-25 15:55 – 2019-11-26 15:34 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Roaming\Smadav
2021-09-25 15:55 – 2019-11-26 11:09 – 000000000 ___RD C:\Users\Junel D. Alviola\OneDrive
2021-09-25 15:54 – 2021-03-18 16:24 – 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-25 15:54 – 2021-03-18 16:19 – 000008192 ___SH C:\DumpStack.log.tmp
2021-09-25 15:54 – 2019-12-11 23:27 – 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-09-25 15:54 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-25 15:54 – 2019-12-07 17:14 – 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-25 15:54 – 2019-12-07 17:03 – 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-09-25 15:54 – 2019-11-26 11:07 – 000000000 __SHD C:\Users\Junel D. Alviola\IntelGraphicsProfiles
2021-09-25 15:54 – 2019-06-12 01:14 – 000000000 ____D C:\ProgramData\NVIDIA
2021-09-25 15:54 – 2019-06-12 01:13 – 000000000 ____D C:\Intel
2021-09-25 14:48 – 2021-03-18 15:56 – 000000000 ____D C:\Users\Junel D. Alviola
2021-09-25 14:19 – 2020-04-16 13:53 – 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-25 14:17 – 2020-04-16 13:53 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\LocalLow\Mozilla
2021-09-25 14:17 – 2020-04-16 13:53 – 000000000 ____D C:\ProgramData\Mozilla
2021-09-25 14:16 – 2020-04-16 13:53 – 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-09-25 14:06 – 2019-11-26 20:34 – 000000000 ____D C:\Program Files\Microsoft Office
2021-09-25 13:46 – 2019-11-26 11:33 – 000000001 _____ C:\Users\Public\Documents\dgc_DC.txt
2021-09-24 16:23 – 2021-01-02 12:41 – 000000000 ____D C:\Program Files\KMSpico
2021-09-23 21:50 – 2019-12-13 20:08 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Roaming\vlc
2021-09-23 20:40 – 2020-12-09 07:16 – 000000000 ____D C:\Program Files (x86)\IQ Option
2021-09-23 18:34 – 2019-11-26 11:22 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Local\D3DSCache
2021-09-23 18:26 – 2021-08-12 13:39 – 000000000 ____D C:\Program Files\Google
2021-09-23 18:19 – 2021-03-18 15:56 – 000002419 _____ C:\Users\Junel D. Alviola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-22 10:48 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\NDF
2021-09-22 10:37 – 2019-11-26 16:15 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Local\CrashDumps
2021-09-22 10:12 – 2020-07-23 14:55 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Roaming\Authy Desktop
2021-09-22 10:12 – 2019-11-27 10:14 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Local\SquirrelTemp
2021-09-22 09:52 – 2019-11-26 15:34 – 000000000 __SHD C:\[Smad-Cage]
2021-09-21 22:54 – 2019-11-26 11:26 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Local\Google
2021-09-21 21:44 – 2019-12-07 17:03 – 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-21 21:32 – 2019-12-07 17:03 – 000000000 ____D C:\WINDOWS\servicing
2021-09-21 21:13 – 2021-03-18 16:19 – 000573160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-21 21:12 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\SystemResources
2021-09-21 21:12 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-21 21:12 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-21 17:20 – 2019-11-26 16:13 – 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-21 16:45 – 2019-11-26 16:13 – 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-20 12:52 – 2019-06-12 01:12 – 000000000 ____D C:\ProgramData\Package Cache
2021-09-20 12:33 – 2021-04-30 22:02 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Local\UnrealEngine
2021-09-20 12:24 – 2019-12-14 21:00 – 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2021-09-20 12:24 – 2019-12-14 21:00 – 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2021-09-20 12:10 – 2021-04-19 06:46 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Local\Downloaded Installations
2021-09-18 20:37 – 2021-04-29 12:12 – 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-09-18 20:37 – 2019-12-07 17:14 – 000000000 ___HD C:\Program Files\WindowsApps
2021-09-18 20:36 – 2020-06-25 20:12 – 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 20:27 – 2021-08-19 15:23 – 000000000 ____D C:\Users\defaultuser100001
2021-09-18 20:27 – 2019-12-07 17:52 – 000000000 ____D C:\Program Files\Windows Portable Devices
2021-09-18 20:27 – 2019-12-07 17:52 – 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-09-18 20:27 – 2019-12-07 17:52 – 000000000 ____D C:\Program Files\Windows Multimedia Platform
2021-09-18 20:27 – 2019-12-07 17:52 – 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2021-09-18 20:27 – 2019-12-07 17:52 – 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-09-18 20:27 – 2019-12-07 17:52 – 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2021-09-18 20:27 – 2019-12-07 17:50 – 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ___SD C:\WINDOWS\system32\UNP
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ___SD C:\WINDOWS\system32\F12
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ___SD C:\WINDOWS\system32\dsc
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ___RD C:\WINDOWS\PrintDialog
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\setup
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\downlevel
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\Com
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\ShellExperiences
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\IME
2021-09-18 20:27 – 2019-12-07 17:14 – 000000000 ____D C:\Program Files\Common Files\System
2021-09-18 20:27 – 2019-06-12 01:16 – 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2021-09-18 20:26 – 2019-12-18 20:52 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Roaming\CC
2021-09-18 20:26 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\Containers
2021-09-18 20:26 – 2019-11-27 17:52 – 000000000 ____D C:\ProgramData\FLEXnet
2021-09-18 19:57 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\registration
2021-09-18 19:56 – 2021-04-30 18:43 – 000000000 ____D C:\ProgramData\Riot Games
2021-09-18 19:56 – 2021-04-07 22:39 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Local\NVIDIA Corporation
2021-09-18 19:56 – 2019-06-12 01:16 – 000000000 ____D C:\ProgramData\A-Volute
2021-09-18 17:50 – 2019-12-17 20:49 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Local\ElevatedDiagnostics
2021-09-15 16:57 – 2021-01-11 17:39 – 000044861 _____ C:\Users\Junel D. Alviola\battery-report.html
2021-09-11 11:24 – 2020-03-20 15:24 – 000000000 ____D C:\Users\Junel D. Alviola\AppData\Roaming\Zoom
2021-09-11 10:08 – 2021-05-04 06:58 – 000000000 ____D C:\Program Files\Riot Vanguard
2021-09-09 14:00 – 2019-01-24 01:58 – 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-09-09 13:55 – 2021-02-18 14:43 – 000000000 ___RD C:\Users\Junel D. Alviola\Desktop\Files
2021-09-04 18:32 – 2020-10-15 22:06 – 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-04 18:21 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-04 18:21 – 2019-12-07 17:14 – 000000000 ____D C:\WINDOWS\Provisioning
2021-08-31 17:48 – 2019-11-26 15:26 – 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Files in the root of some directories ========
2021-09-20 12:17 – 2021-09-22 09:53 – 000001256 _____ () C:\Users\Junel D. Alviola\AppData\Roaming\ETABS.settings
2020-04-15 10:48 – 2021-03-02 09:16 – 000000600 _____ () C:\Users\Junel D. Alviola\AppData\Roaming\winscp.rnd
2020-04-15 10:48 – 2021-03-02 09:21 – 000000128 _____ () C:\Users\Junel D. Alviola\AppData\Local\PUTTY.RND
2021-02-17 17:24 – 2021-02-17 17:24 – 000001619 _____ () C:\Users\Junel D. Alviola\AppData\Local\recently-used.xbel
2020-09-30 00:08 – 2020-09-30 00:08 – 000000000 _____ () C:\Users\Junel D. Alviola\AppData\Local\{82DE8673-2418-4E2F-98F6-059E1D835DB4}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by Junel D. Alviola (25-09-2021 18:01:43)
Running from C:\Users\Junel D. Alviola\Desktop
Windows 10 Home Single Language Version 20H2 19042.1237 (X64) (2021-03-18 08:24:42)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-171464497-1134113136-1496924207-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-171464497-1134113136-1496924207-503 – Limited – Disabled)
Guest (S-1-5-21-171464497-1134113136-1496924207-501 – Limited – Disabled)
Junel D. Alviola (S-1-5-21-171464497-1134113136-1496924207-1001 – Administrator – Enabled) => C:\Users\Junel D. Alviola
WDAGUtilityAccount (S-1-5-21-171464497-1134113136-1496924207-504 – Limited – Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A360 Desktop (HKLM\…\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 – Autodesk)
Adobe Flash Player 18 NPAPI (HKLM-x32\…\Adobe Flash Player NPAPI) (Version: 18.0.0.232 – Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\…\PHSP_21_1_3) (Version: 21.1.3 – Adobe Inc.)
Adobe Reader XI (11.0.20) (HKLM-x32\…\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 – Adobe Systems Incorporated)
AnyFix – iOS System Recovery (HKLM\…\AnyFix – iOS System Recovery) (Version: 1.1.1.0 – iMobie Inc.)
Authy Desktop (HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\authy) (Version: 1.8.3 – Twilio Inc.)
AutoCAD 2019 – English (HKLM\…\{28B89EEF-2001-0409-2102-CF3F3A09B77D}) (Version: 23.0.46.0 – Autodesk) Hidden
Autodesk Advanced Material Library Base Resolution Image Library 2021 (HKLM-x32\…\{C9FDA270-A0B9-45EE-8748-F37DF1370767}) (Version: 19.1.23.0 – Autodesk)
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\…\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 – Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2021 (HKLM-x32\…\{AB7DC10F-1D72-4F90-988F-CDC2D6323A48}) (Version: 19.1.23.0 – Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2021 (HKLM-x32\…\{B4545986-9002-4090-9E58-44F985F2FF4F}) (Version: 19.1.23.0 – Autodesk)
Autodesk App Manager 2016-2019 (HKLM-x32\…\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 – Autodesk)
Autodesk AutoCAD 2019 – English (HKLM\…\AutoCAD 2019 – English) (Version: 23.0.46.0 – Autodesk)
Autodesk AutoCAD Civil 3D 2018 – English (HKLM\…\{28B89EEF-1000-0409-2102-CF3F3A09B77D}) (Version: 12.0.842.0 – Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 – English (HKLM\…\Autodesk AutoCAD Civil 3D 2018 – English) (Version: 12.0.842.0 – Autodesk)
Autodesk AutoCAD Civil 3D 2018 Object Enabler 32 Bit (HKLM-x32\…\{6979BD25-1000-479A-0001-72684B59A545}) (Version: 12.0.842.0 – Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 Object Enabler 32 Bit (HKLM-x32\…\{9d04fcf1-1000-9043-0001-39caef5b9ebc}) (Version: 12.0.842.0 – Autodesk)
Autodesk AutoCAD Civil 3D 2018 Object Enabler 64 Bit (HKLM\…\{6979BD25-1000-479A-1001-72684B59A545}) (Version: 12.0.842.0 – Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 Object Enabler 64 Bit (HKLM-x32\…\{9d04fc1e-1000-4390-1001-39caef5b9ebc}) (Version: 12.0.842.0 – Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\…\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 – Autodesk)
Autodesk Cloud Models for Revit 2021 (HKLM\…\{AA384BE4-2101-0010-0000-97E7D7D021A0}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Desktop App (HKLM-x32\…\Autodesk Desktop App) (Version: 8.0.0.46 – Autodesk)
Autodesk Featured Apps 2016-2019 (HKLM-x32\…\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 – Autodesk)
Autodesk Material Library 2018 (HKLM-x32\…\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 – Autodesk)
Autodesk Material Library 2019 (HKLM-x32\…\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 – Autodesk)
Autodesk Material Library 2021 (HKLM-x32\…\{8C559572-4A10-43C2-9346-6E7C7E012487}) (Version: 19.1.23.0 – Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\…\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 – Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\…\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 – Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\…\{EFC36459-CD89-44F3-BA04-B7C5804199AF}) (Version: 19.1.23.0 – Autodesk)
Autodesk Material Library Low Resolution Image Library 2021 (HKLM-x32\…\{AD6312B6-3056-460A-833F-02654FAC5FCE}) (Version: 19.1.23.0 – Autodesk)
Autodesk Material Library Medium Resolution Image Library 2021 (HKLM-x32\…\{69D8FFED-B14E-4998-BBC2-535006E195D6}) (Version: 19.1.23.0 – Autodesk)
Autodesk ReCap (HKLM\…\Autodesk ReCap 360) (Version: 5.0.0.40 – Autodesk)
Autodesk ReCap Photo (HKLM\…\Autodesk ReCap Photo) (Version: 19.0.0.38 – Autodesk)
Autodesk Revit 2021 (HKLM\…\Revit 2021) (Version: 21.0.0.383 – Autodesk)
Autodesk Revit 2021 Revit MEP Imperial Content (HKLM\…\{80B2AAE7-4B04-4BDE-B545-DA0298C548FD}) (Version: 2.2 – Autodesk)
Autodesk Revit 2021 Revit MEP Metric Content (HKLM\…\{18FAFC92-6F7A-4894-ACD1-19EC6C4E639B}) (Version: 2.2 – Autodesk)
Autodesk Revit Content Core 2021 (HKLM\…\{583895D0-2021-0410-0000-9241AD002DA5}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Core-RVT 2021 (HKLM\…\{CC7D1ED0-2021-0410-0000-1CC925969102}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Core-RVT 2021 (HKLM-x32\…\{1aa4d703-a089-48e4-b1d0-ae8e867add5f}) (Version: 21.0.0.0 – Autodesk) Hidden
Autodesk Revit Content Essential-CHS 2021 (HKLM\…\{848BACE1-2021-2052-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-CHT 2021 (HKLM\…\{848BACE1-2021-1028-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-CSY 2021 (HKLM\…\{848BACE1-2021-1029-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-DEU 2021 (HKLM\…\{848BACE1-2021-1031-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-DEU 2021 (HKLM-x32\…\{435bd39b-3dd5-416c-92fa-3c74410c8ea0}) (Version: 21.0.0.0 – Autodesk) Hidden
Autodesk Revit Content Essential-ENG 2021 (HKLM\…\{848BACE1-2021-2057-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-ENU 2021 (HKLM\…\{848BACE1-2021-1033-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-ENU 2021 (HKLM-x32\…\{cc2718e8-7490-46e0-b667-2d7b41238bc6}) (Version: 21.0.0.0 – Autodesk) Hidden
Autodesk Revit Content Essential-ESP 2021 (HKLM\…\{848BACE1-2021-1034-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-FRA 2021 (HKLM\…\{848BACE1-2021-1036-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-ITA 2021 (HKLM\…\{848BACE1-2021-1040-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-JPN 2021 (HKLM\…\{848BACE1-2021-1041-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-KOR 2021 (HKLM\…\{848BACE1-2021-1042-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-PLK 2021 (HKLM\…\{848BACE1-2021-1045-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-PTB 2021 (HKLM\…\{848BACE1-2021-1046-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Content Essential-RUS 2021 (HKLM\…\{848BACE1-2021-1049-A981-1A6F0898E5BC}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit Unit Schemas 2021 (HKLM\…\{CDCC6F31-2021-4900-8E9B-D562B70697B6}) (Version: 21.0.0.383 – Autodesk)
Autodesk Revit US English Base Families 2021 (HKLM\…\{E4F0A635-2021-1033-A996-5AAEF147B573}) (Version: 21.0.0.383 – Autodesk) Hidden
Autodesk Revit US English Base Families 2021 (HKLM-x32\…\{57017330-1b06-4faf-8d95-366bdef2862f}) (Version: 21.0.0.0 – Autodesk)
Autodesk Storm and Sanitary Analysis 2018 (HKLM-x32\…\{58E36D07-2112-0000-8518-C854F44898ED}) (Version: 12.0.42.0 – Autodesk)
Autodesk Storm and Sanitary Analysis 2018 x64 Plug-in (HKLM\…\{58E36D07-2122-0000-8518-C854F44898ED}) (Version: 12.0.42.0 – Autodesk)
Autodesk Subassembly Composer on Autodesk AutoCAD Civil 3D 2018 – English – English (United States) (HKLM\…\{9C40DBA9-25A9-4666-92FA-8B8AF96258C4}) (Version: 842.0 – Autodesk, Inc.)
Autodesk Vehicle Tracking 2018 (64 bit) Core (HKLM\…\{9BB641F3-24B1-427E-A850-1C02157219EC}) (Version: 18.0.533.0 – Autodesk, Inc.) Hidden
Batch Print for Autodesk Revit 2021 (HKLM\…\{82AF00E4-2101-0010-0000-FCE0F87021A0}) (Version: 21.0.0.383 – Autodesk) Hidden
Bentley OpenSTAADOEM (HKLM-x32\…\{4F180E04-ED69-40A7-95F0-2228E5C60AB2}) (Version: 08.02.09.41 – Bentley Systems, Inc.)
Bentley SPC Server v8i SS4 (HKLM-x32\…\{C88234D5-2327-4B3D-9D75-9F2749930B04}) (Version: 8.11.11.14 – Bentley Systems, Inc.)
Bentley Structure Property Catalog V8i SS4 v3.1.4.2 (HKLM-x32\…\{1D70E5D3-34E6-4EE8-BFB7-AB1DDC8DE0D1}) (Version: 3.1.4.2 – Bentley Systems, Inc.)
BUFF (HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\Overwolf_caboggillkkpgkiokbjmgldfkedbfnpkgadakcdl) (Version: 0.5.0.28 – Overwolf app)
Dragon Center (HKLM-x32\…\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.2005.0601 – Micro-Star International Co., Ltd.)
Epic Games Launcher Prerequisites (x64) (HKLM\…\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\…\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 – Epic Games, Inc.)
ETABS 18 (HKLM\…\{82EAC31A-2E83-40E8-9421-13F3BA8D1CBA}) (Version: 18.0.2 – Computers and Structures, Inc.)
eTransmit for Autodesk Revit 2021 (HKLM\…\{4477F08B-2101-0010-0000-9A09D83421A0}) (Version: 21.0.0.383 – Autodesk) Hidden
ExpertGPS 6.39.0.0 (HKLM-x32\…\ExpertGPS_is1) (Version: 6.39.0.0 – TopoGrafix)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\…\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 – FARO Scanner Production)
FARO LS 1.1.700.0 (64bit) (HKLM-x32\…\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 – FARO Scanner Production)
FormIt Converter For Revit 2021 (HKLM\…\{6865122A-3762-4ED1-A6C8-89011772ADA2}) (Version: 19.0.0.0 – Autodesk)
Garmin Trip and Waypoint Manager v5 (HKLM-x32\…\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 – Garmin Ltd or its subsidiaries)
Generative Design For Revit (HKLM\…\{C52C0D6B-722A-4B7D-BF0A-4828F5095D96}) (Version: 21.2.10.0 – Autodesk)
Genshin Impact (HKLM\…\Genshin Impact Beta) (Version: 2.3.3.0 – miHoYo Co.,Ltd)
Genshin Impact (HKLM\…\Genshin Impact) (Version: 2.11.2.0 – miHoYo Co.,Ltd)
Google Chrome (HKLM-x32\…\Google Chrome) (Version: 94.0.4606.61 – Google LLC)
Google Earth Pro (HKLM\…\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 – Google)
GPSBabel 1.6.0 (HKLM-x32\…\{1B8FE958-A304-4902-BF7A-4E2F0F5B7017}_is1) (Version:  – GPSBabel)
GRASP (HKLM-x32\…\ST5UNST #1) (Version:  – )
Intel® Chipset Device Software (HKLM-x32\…\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 – Intel® Corporation)
Intel® Rapid Storage Technology (HKLM\…\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.0.1072 – Intel Corporation)
Intel® Serial IO (HKLM\…\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1841.2 – Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\…\{cc6edfa9-9806-4a53-9313-f8e2d11d69c4}) (Version: 20.120.0 – Intel Corporation)
IQ Option (HKLM-x32\…\{14D7E71E-ADA6-47B5-9164-36DCA8B4CEB7}) (Version: 1.0.19956 – IQ Option Ltd)
KMSpico (HKLM\…\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  – )
KuaiZip (HKLM-x32\…\KuaiZip) (Version:  – )
Launcher Prerequisites (x64) (HKLM-x32\…\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
Mathcad 15 M050 (HKLM-x32\…\{E87C64F5-1AC1-4780-8C11-93DD65DCE627}) (Version: 15.0.5.0 – PTC)
Mathcad PDSi viewable support (HKLM-x32\…\Mathcad PDSi viewable support) (Version: 9.0.0 – Adobe Systems)
Messenger 91.5.119 (HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 91.5.119 – Facebook, Inc.)
Microsoft 365 Apps for enterprise – en-us (HKLM\…\O365ProPlusRetail – en-us) (Version: 16.0.14326.20404 – Microsoft Corporation)
Microsoft Edge (HKLM-x32\…\Microsoft Edge) (Version: 93.0.961.52 – Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\OneDriveSetup.exe) (Version: 21.170.0822.0002 – Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\…\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 – Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\…\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 – Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\…\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 – Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\…\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 – Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\339020b868450372) (Version: 17.0.5057.11 – Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\Teams) (Version: 1.3.00.21759 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM\…\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 – Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\…\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 – Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\…\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM\…\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32\…\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM\…\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32\…\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.51106 (HKLM-x32\…\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32\…\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32\…\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32\…\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40660 (HKLM-x32\…\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32\…\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40660 (HKLM-x32\…\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.23.27820 (HKLM-x32\…\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.23.27820 (HKLM-x32\…\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 – Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\…\Mozilla Firefox 92.0 (x64 en-US)) (Version: 92.0 – Mozilla)
Mozilla Maintenance Service (HKLM\…\MozillaMaintenanceService) (Version: 75.0 – Mozilla)
MSI Recovery Image Backup (HKLM-x32\…\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1812.2001 – Application) Hidden
MSI Recovery Image Backup (HKLM-x32\…\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1812.2001 – Application)
NiceHash Miner 3.0.4.0 (only current user) (HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\8abad8e2-b957-48ed-92ba-4339c2a40e78) (Version: 3.0.4.0 – H-BIT, d.o.o.)
Norton Security Scan (HKLM-x32\…\NSS) (Version: 4.6.1.179 – Symantec Corporation)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 – NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 – NVIDIA Corporation)
NVIDIA Graphics Driver 466.27 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.27 – NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\…\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\…\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\…\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 – Microsoft Corporation) Hidden
OpenStudio CLI For Revit 2021 (HKLM\…\{CD67BD67-5A43-4D49-8E6D-12C6B97A930B}) (Version: 0.1.10 – NREL)
Overwolf (HKLM-x32\…\Overwolf) (Version: 0.180.0.5 – Overwolf Ltd.)
PDF Report Writer (novaPDF 6.4  printer) (HKLM\…\PDF Report Writer_is1) (Version:  – Softland)
Personal Accelerator for Revit (HKLM\…\{286D0198-755D-44AA-8788-56BCCCC065B9}) (Version: 21.0.15.0 – Autodesk) Hidden
Personal Accelerator for Revit (HKLM\…\Personal Accelerator for Revit) (Version: 21.0.15.0 – Autodesk)
PipeLink for STAAD.Pro V8i (Build 20.14.11.04) (HKLM-x32\…\{A7979F57-9431-4CD4-AE4B-50D407EBA400}) (Version: 20.14.11.04 – Bentley Systems, Inc.)
Plex.Earth 4.8 for AutoCAD (HKLM-x32\…\{EB86D742-647C-4EC9-A229-AE31CC4DF5A9}) (Version: 4.8.7277 – Plexscape)
PTC Diagnostic Tools (HKLM\…\{1B24B434-F1AF-43DF-8947-AF9B98707176}) (Version: 6.0.3.0 – PTC)
PTC Mathcad Prime 6.0.0.0 (HKLM\…\{A2949F3D-5AB5-483D-95BD-CCD1D2E7A70E}) (Version: 6.0.0.0 – PTC)
Realtek Ethernet Controller Driver (HKLM-x32\…\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 – Realtek)
Realtek High Definition Audio Driver (HKLM-x32\…\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8622 – Realtek Semiconductor Corp.)
Remo Repair RAR (HKLM-x32\…\{E09BC02C-78B3-40CE-84B5-825A2E3012DF}_is1) (Version: 1.0.0.12 – Remo Software)
Revit 2021 (HKLM\…\{7346B4A0-2100-0510-0000-705C0D862004}) (Version: 21.0.0.383 – Autodesk) Hidden
Riot Vanguard (HKLM\…\Riot Vanguard) (Version:  – Riot Games, Inc.)
SHAREit (HKLM-x32\…\www.ushareit.com_is1) (Version: 4.0.6.177 – SHAREit Technologies Co.Ltd)
Shotcut (HKLM\…\Shotcut) (Version: 20.11.28 – Meltytech, LLC)
SketchUp 2019 (HKLM\…\{E16DD37C-6FBC-F51F-702E-DD6E92D6ED68}) (Version: 19.1.174.20409 – Trimble, Inc.)
SketchUp 2021 (HKLM-x32\…\{09480c81-5458-4d69-ab73-ee488fe8c297}) (Version: 21.0.339 – Trimble, Inc.)
SketchUp Import 2016-2019 (HKLM-x32\…\{74DB912B-CF86-474C-A6BF-E2B8641DBABD}) (Version: 2.5.0 – Autodesk)
SketchUp Import 2020 (HKLM-x32\…\{92FAED02-1770-4096-BC67-60A44B5124B4}) (Version: 3.0.0 – Autodesk)
SketchUpPro (HKLM\…\{db5288e9-89f4-722c-9939-39e899d2e519}) (Version: 21.0.339.121 – SketchUp) Hidden
SMADAV version 14.6.0 (HKLM-x32\…\{8B9FA5FF-3E61-4658-B0DA-E6DDB46D6BAD}_is1) (Version: 14.6.0 – Smadsoft)
Speccy (HKLM\…\Speccy) (Version: 1.32 – Piriform)
STAAD.foundation V8i (SELECTseries 4) Release 5.3 (HKLM-x32\…\{EF9432B0-F705-46FB-A864-2AE17F571E7A}) (Version: 05.03.00.37 – Bentley Systems Inc.)
STAAD.Pro V8i SELECTseries 6 (HKLM-x32\…\{8A6D0892-27A0-4429-8C85-15DCF73B8529}) (Version: 20.07.11.33 – Bentley Systems, Inc.)
Steam (HKLM-x32\…\Steam) (Version: 2.10.91.91 – Valve Corporation)
StrucLink for STAAD.Pro V8i (Build 20.14.11.05) (HKLM-x32\…\{127FE612-C33A-410E-B11C-A98025A6D366}) (Version: 20.14.11.05 – Bentley Systems, Inc.)
Teams Machine-Wide Installer (HKLM-x32\…\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.24753 – Microsoft Corporation)
TeamViewer (HKLM-x32\…\TeamViewer) (Version: 15.2.2756 – TeamViewer)
Telegram Desktop version 2.8.11 (HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.8.11 – Telegram FZ-LLC)
VALORANT (HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\Riot Game valorant.live) (Version:  – Riot Games, Inc)
VLC media player (HKLM\…\VLC media player) (Version: 3.0.16 – VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\…\WinRAR archiver) (Version: 5.91.0 – win.rar GmbH)
Wondershare Dr.Fone (Version 10.7.6) (HKLM-x32\…\{E8F86DA8-B8E4-42C7-AFD4-EBB692AC43FD}_is1) (Version: 10.7.6.314 – Wondershare Technology Co.,Ltd.)
Worksharing Monitor for Autodesk Revit 2021 (HKLM\…\{5063E738-2101-0010-0000-7B7B9AB021A0}) (Version: 21.0.0.383 – Autodesk) Hidden
Zoom (HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\ZoomUMX) (Version: 5.7.8 (1247) – Zoom Video Communications, Inc.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.13.4.0_x86__q4d96b2w5wcc2 [2021-09-18] (Evernote)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-09-18] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-09-18] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-09-18] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-09-18] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2021-09-18] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.4.4261.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Studios)
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Studios) [MS Ad]
MSI Driver & App Center -> C:\Program Files\WindowsApps\msiappadm.MSIDriverAppCenter_1.2009.1001.0_x64__7f61qv3vk9gn2 [2021-09-18] (msiappadm)
MSI Help Desk -> C:\Program Files\WindowsApps\msiappadm.MSIHelpDesk_2.2103.3101.0_x64__7f61qv3vk9gn2 [2021-09-18] (msiappadm)
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-09-18] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.6.5.0_x64__w2gh52qy24etm [2021-09-18] (A-Volute)
Norton Studio -> C:\Program Files\WindowsApps\SymantecCorporation.NortonStudio_2.2.0.0_x86__v68kp9n051hdp [2021-09-18] (Symantec Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-09-25] (NVIDIA Corp.)
PhotoDirector8 for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2021-09-18] (CyberLink)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation)
PowerDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirectorforMSI_15.0.4024.0_x64__jtmmp2jxy9gb6 [2021-09-18] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2021-09-18] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.712.0_x86__zpdnekdrzrea0 [2021-09-18] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-09-18] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-171464497-1134113136-1496924207-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Junel D. Alviola\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-171464497-1134113136-1496924207-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-171464497-1134113136-1496924207-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-171464497-1134113136-1496924207-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\Junel D. Alviola\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-171464497-1134113136-1496924207-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-171464497-1134113136-1496924207-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-171464497-1134113136-1496924207-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Junel D. Alviola\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-171464497-1134113136-1496924207-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2018-01-30] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => C:\Program Files\KuaiZip\KZipShell.dll [2011-09-08] (Suzhou Shijie Software Co., LTD -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-01-30] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-10-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => C:\Program Files\KuaiZip\KZipShell.dll [2011-09-08] (Suzhou Shijie Software Co., LTD -> )
ContextMenuHandlers1: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => C:\Program Files\KuaiZip\KZipShell.dll [2011-09-08] (Suzhou Shijie Software Co., LTD -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => C:\Program Files\KuaiZip\KZipShell.dll [2011-09-08] (Suzhou Shijie Software Co., LTD -> )
ContextMenuHandlers3: [SmadExt] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => C:\Program Files (x86)\SMADAV\SmadExtMenu64.dll [2019-10-18] (Zainuddin Nafarin -> Smadsoft)
ContextMenuHandlers4: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => C:\Program Files\KuaiZip\KZipShell.dll [2011-09-08] (Suzhou Shijie Software Co., LTD -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_84aacc51d349bef7\nvshext.dll [2021-04-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-10-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [SmadExt] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => C:\Program Files (x86)\SMADAV\SmadExtMenu64.dll [2019-10-18] (Zainuddin Nafarin -> Smadsoft)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\…\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\…\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-06-06 23:17 – 2021-06-06 23:17 – 000187392 _____ (Fortemedia) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj\FMAPOCTL.dll
2021-05-07 11:43 – 2021-05-07 11:50 – 042557440 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.dll
2019-11-27 21:43 – 2019-11-27 21:43 – 000000000 ____L (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder) C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2019-11-27 21:43 – 2019-11-27 21:43 – 000000000 ____L (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder) C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2019-06-12 01:58 – 2019-06-12 01:58 – 000023040 _____ (Synaptics Incorporated.) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj\SynAudSrvDll.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:8FAE08A5 [206]
AlternateDataStreams: C:\Users\Junel D. Alviola\Application Data:401b39480725c581a77cd78cb5a228f5 [394]
AlternateDataStreams: C:\Users\Junel D. Alviola\AppData\Roaming:401b39480725c581a77cd78cb5a228f5 [394]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe “%1”
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKU\.DEFAULT -> DefaultScope {E275DB9A-5FEF-49F6-B04E-D301B925A58C} URL = 
SearchScopes: HKU\S-1-5-21-171464497-1134113136-1496924207-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-171464497-1134113136-1496924207-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-171464497-1134113136-1496924207-1001 -> {E275DB9A-5FEF-49F6-B04E-D301B925A58C} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\google.com -> hxxps://www.google.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 15:31 – 2018-09-15 15:31 – 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-12-03 19:23 – 2021-09-25 16:28 – 000000632 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
2.168.137.251 iPhoneP.mshome.net # 2021 9 1 27 7 51 10 981
192.168.137.1 MSI.mshome.net # 2026 9 6 19 7 51 10 981
137.0.32 realme-8-5G.mshome.net # 2021 9 4 16 9 17 12 347
22 23 40 8 934
8-5G.mshome.net # 2021 7 4 29 10 19 13 947
4 18 27 10
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Junel D. Alviola\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 – 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\StartupApproved\StartupFolder: => “HoneygainUpdater.lnk”
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\StartupApproved\Run: => “com.squirrel.Teams.Teams”
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\StartupApproved\Run: => “Steam”
HKU\S-1-5-21-171464497-1134113136-1496924207-1001\…\StartupApproved\Run: => “Facebook.MessengerDesktop”
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{387DD906-10CF-4725-8227-36951854C576}C:\users\junel d. alviola\appdata\local\programs\messenger\messenger.exe] => (Block) C:\users\junel d. alviola\appdata\local\programs\messenger\messenger.exe (Facebook, Inc. -> Facebook, Inc.)
FirewallRules: [TCP Query User{C26AE1D7-5690-474F-BEEC-E7A4C32444B2}C:\users\junel d. alviola\appdata\local\programs\messenger\messenger.exe] => (Block) C:\users\junel d. alviola\appdata\local\programs\messenger\messenger.exe (Facebook, Inc. -> Facebook, Inc.)
FirewallRules: [UDP Query User{5771BEDC-EE95-489E-891D-90C088EF7C91}C:\users\junel d. alviola\appdata\local\programs\messenger\messenger.exe] => (Block) C:\users\junel d. alviola\appdata\local\programs\messenger\messenger.exe (Facebook, Inc. -> Facebook, Inc.)
FirewallRules: [TCP Query User{A9BA713A-F506-4F45-B806-DE12048C0047}C:\users\junel d. alviola\appdata\local\programs\messenger\messenger.exe] => (Block) C:\users\junel d. alviola\appdata\local\programs\messenger\messenger.exe (Facebook, Inc. -> Facebook, Inc.)
FirewallRules: [UDP Query User{4BC058DB-135B-4D67-A2D8-CAA3BE5E63A1}C:\program files (x86)\msi\dragon center\dragon center.exe] => (Allow) C:\program files (x86)\msi\dragon center\dragon center.exe (Micro-Star International Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{8BA5BFCC-3370-4EF8-AF23-E8ABDF4DCF36}C:\program files (x86)\msi\dragon center\dragon center.exe] => (Allow) C:\program files (x86)\msi\dragon center\dragon center.exe (Micro-Star International Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{B3780FC3-D3CF-4916-8C6C-694DF0D2B50D}C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\14.0\miner.exe] => (Allow) C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\14.0\miner.exe => No File
FirewallRules: [TCP Query User{52289AB9-D643-4D5E-BEFD-04A707702706}C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\14.0\miner.exe] => (Allow) C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\14.0\miner.exe => No File
FirewallRules: [{598D8AAB-8FD1-4490-AF9E-7304CAF0F618}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{43B37967-8548-4067-81BD-D71F687CF5D4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6806B84B-698B-477B-941D-AC71F118432C}] => (Allow) C:\Users\Junel D. Alviola\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{36FDF996-A136-405E-99F6-78AB443B28D0}] => (Allow) C:\Users\Junel D. Alviola\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{741EC1B7-7D4F-4906-819F-5B0DB5466E24}] => (Allow) D:\Downloads\SteamLibrary\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe => No File
FirewallRules: [{CA8C0BBF-0013-42A2-8CB1-D73643FB7112}] => (Allow) D:\Downloads\SteamLibrary\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe => No File
FirewallRules: [UDP Query User{DAE475A6-CA4F-489E-8C07-1C67AA0DFDAD}D:\downloads\steamlibrary\steamapps\common\total war three kingdoms\three_kingdoms.exe] => (Allow) D:\downloads\steamlibrary\steamapps\common\total war three kingdoms\three_kingdoms.exe => No File
FirewallRules: [TCP Query User{7A490DD6-E7D4-4473-BCEE-B3C864F9E397}D:\downloads\steamlibrary\steamapps\common\total war three kingdoms\three_kingdoms.exe] => (Allow) D:\downloads\steamlibrary\steamapps\common\total war three kingdoms\three_kingdoms.exe => No File
FirewallRules: [UDP Query User{9A0A28A2-B5F4-4D37-A6CA-61040BE006D6}D:\downloads\steamlibrary\steamapps\common\total war three kingdoms\three_kingdoms.exe] => (Allow) D:\downloads\steamlibrary\steamapps\common\total war three kingdoms\three_kingdoms.exe => No File
FirewallRules: [TCP Query User{BAB2D9A4-6110-479F-BED1-94906F18F9D7}D:\downloads\steamlibrary\steamapps\common\total war three kingdoms\three_kingdoms.exe] => (Allow) D:\downloads\steamlibrary\steamapps\common\total war three kingdoms\three_kingdoms.exe => No File
FirewallRules: [{77BA87F6-BDB8-4E72-A97F-ED1E5F276F2E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6B5B6EEA-8942-43F9-ACAF-0674489F5004}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{63085460-061A-4D9B-BC1D-B49F9C4E9B47}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{906F345E-699B-4EDF-BCF0-93FCA3E1D46B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{62FFF61C-3557-4446-8F76-7CF30685B099}C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\59bba2c0-b1ef-11e9-8e4e-bb1e2c6e76b4\bins\miniz.exe] => (Allow) C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\59bba2c0-b1ef-11e9-8e4e-bb1e2c6e76b4\bins\miniz.exe => No File
FirewallRules: [TCP Query User{1BC1BF3C-1584-4EA9-8178-412EE4DB0435}C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\59bba2c0-b1ef-11e9-8e4e-bb1e2c6e76b4\bins\miniz.exe] => (Allow) C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\59bba2c0-b1ef-11e9-8e4e-bb1e2c6e76b4\bins\miniz.exe => No File
FirewallRules: [UDP Query User{E2E423AF-FF5E-4687-81F5-C34BC16D326F}C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe] => (Allow) C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe => No File
FirewallRules: [TCP Query User{C9D26F9F-D120-498D-9BC8-41A13DB5FA42}C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe] => (Allow) C:\users\junel d. alviola\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe => No File
FirewallRules: [UDP Query User{4DD63671-D33E-476D-9C59-F73AC97F9D96}D:\rules of survival\ccmini\ccmini.exe] => (Allow) D:\rules of survival\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [TCP Query User{0CDBE5A1-6C5B-44A2-8DE0-06E1AB057CD4}D:\rules of survival\ccmini\ccmini.exe] => (Allow) D:\rules of survival\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [UDP Query User{C60D1B12-1C8C-4B1D-A0BF-9A919743ED87}D:\rules of survival\ccmini\ccmini.exe] => (Allow) D:\rules of survival\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [TCP Query User{969FA268-65BB-420C-BF8D-42586EA98886}D:\rules of survival\ccmini\ccmini.exe] => (Allow) D:\rules of survival\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [UDP Query User{0E6E0712-ED03-4D94-A5EE-A56BF0C1CDE7}D:\rules of survival\ros.exe] => (Allow) D:\rules of survival\ros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [TCP Query User{69F8B722-2879-4F9C-A364-1C151CB7DF98}D:\rules of survival\ros.exe] => (Allow) D:\rules of survival\ros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [UDP Query User{0C202C6E-5FEC-48C1-B07B-D29D499DD083}D:\rules of survival\ros.exe] => (Allow) D:\rules of survival\ros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [TCP Query User{D5963564-C192-48A5-B6BD-9D4FFBCC23E1}D:\rules of survival\ros.exe] => (Allow) D:\rules of survival\ros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [{9F017CB8-6D35-4D9F-8B4C-DDBCF4DBE577}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{78834010-C030-45E5-BAFD-230EAE775719}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{8FECD227-BE49-4A9E-A6F9-07EE9E3BE77E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{944D6C14-F670-4937-BD2A-C62018B199BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{203E2577-6BEB-4333-9626-D8A0F2D46D73}C:\users\junel d. alviola\appdata\local\temp\rar$exa0.415\msiproductreghelper.exe] => (Allow) C:\users\junel d. alviola\appdata\local\temp\rar$exa0.415\msiproductreghelper.exe => No File
FirewallRules: [TCP Query User{36D63CB6-0CCF-47B7-A609-6CCF7C545C9E}C:\users\junel d. alviola\appdata\local\temp\rar$exa0.415\msiproductreghelper.exe] => (Allow) C:\users\junel d. alviola\appdata\local\temp\rar$exa0.415\msiproductreghelper.exe => No File
FirewallRules: [{CEDF1750-3C91-4AB6-A87C-2C6960580AF7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{BCFBA31D-04EB-459C-9223-FF380AA62917}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{950F7324-21D2-49A6-BF8D-6749C4BA9E83}] => (Allow) C:\Program Files\BlueStacks_msi2\HD-Player.exe => No File
FirewallRules: [{C06C89C0-F055-4E08-884F-C7C2489DF032}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12130.20390.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{959338F4-9758-4C20-9A02-9AD92B6FD2B5}C:\users\junel d. alviola\appdata\local\temp\rar$exa0.952\msiproductreghelper.exe] => (Allow) C:\users\junel d. alviola\appdata\local\temp\rar$exa0.952\msiproductreghelper.exe => No File
FirewallRules: [UDP Query User{42174604-9EA3-4E3D-B2F9-F3D4AF602ED3}C:\users\junel d. alviola\appdata\local\temp\rar$exa0.952\msiproductreghelper.exe] => (Allow) C:\users\junel d. alviola\appdata\local\temp\rar$exa0.952\msiproductreghelper.exe => No File
FirewallRules: [TCP Query User{CC4B78B7-03A5-4111-834A-BD55DFAEBCA7}D:\rules of survival\x64\ros64.exe] => (Allow) D:\rules of survival\x64\ros64.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [UDP Query User{6912161D-F215-4432-B778-42FCF657D7E6}D:\rules of survival\x64\ros64.exe] => (Allow) D:\rules of survival\x64\ros64.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [TCP Query User{1DE1E3A4-2C2D-4340-86B9-E7DAE1626536}D:\rules of survival\x64\ros64.exe] => (Allow) D:\rules of survival\x64\ros64.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [UDP Query User{3B5289E2-6214-495A-AF3C-DD133BA7EED6}D:\rules of survival\x64\ros64.exe] => (Allow) D:\rules of survival\x64\ros64.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [{300F1430-C3F2-46CF-AF9E-DD3472AF75F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08153C66-4F1B-4698-8636-858CD8030CEA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D8BA1331-7650-4D5F-A812-D08F7CF13340}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4ED9577A-F64B-4D2F-894D-2BB0E5A61989}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3A3AA4E7-7154-4AA8-B8A3-7F3849851806}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D96E1F5E-EF3A-4567-BCC5-74FD70613985}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8283DAB0-AF2E-420C-BBFD-0B53F89D3BC2}] => (Allow) C:\Users\Junel D. Alviola\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe => No File
FirewallRules: [{840C725C-FBD7-4658-9392-A5BDC5D8E0BC}] => (Allow) D:\Program Files\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{9ED38722-3D46-4CF9-9C64-F62775503906}] => (Allow) D:\Program Files\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{67749CBD-2A40-48F9-AC39-9FCE1ADD6E07}] => (Allow) C:\Users\Junel D. Alviola\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{DE6193B8-AA90-42E3-A6A0-3E29FF9DC564}] => (Allow) C:\Users\Junel D. Alviola\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe => No File
FirewallRules: [{27DF2C7D-B8EB-4173-9295-FB07A5B51E86}] => (Allow) D:\Program Files\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{F32CC51A-85CC-4F0A-ADD2-3272E75E7467}] => (Allow) D:\Program Files\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{3A2C3CFB-45FC-430C-86F9-AB14464F4800}] => (Allow) C:\Users\Junel D. Alviola\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{1F9497E5-E3AC-401B-AF3C-554697930CA8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC06FB34-C75C-424A-9D6C-C5BAAEF3FDF8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1964756F-BC88-4CDF-B72E-12B088D9B243}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9C43F45D-2099-42FE-BB6D-4B7AE1B5CE26}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{32937539-8A17-4499-80E3-711A2BC1EA40}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6D1187FA-06D1-4D59-82BE-4767E524AAB7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4FCEB0F9-5B39-4F9E-A7DA-60FE22EFA3A0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{846CCD18-C5CF-4B98-89D8-4D9D680070D5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{60B9C0A3-4AD0-43E7-AB2B-39D6F6C3547A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BA0B0FA2-1DD4-430C-B178-0A525AEC81E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9D03004D-34D4-48B3-B5FA-D725A0625AAB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{186DCA4C-DB21-48E7-BEBB-195387A6212B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F8249B4-1CDA-4E4B-8739-A2909774E1D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06B1A5CD-23F7-4F9A-8712-017C69C55BCB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{65DBEA70-23D9-45A8-B4B2-9FF11AF92533}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.712.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2BFB081-0FB2-4F9F-9788-C09765E791C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.712.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CAB4E631-BEF8-41C8-A403-C9D4DE1C55D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.712.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AF881A2B-6029-412A-928F-58B94B1A30F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.712.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E0495C7A-4AFA-4A19-AFF8-6016E17F4B18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.712.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EC5CFAD6-D3B3-42FC-9A19-676FD5C0A8F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.712.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BCBD9198-5315-436C-9AF4-24FB83F02928}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.712.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6DA844EE-70A2-486F-8323-7CCA433A6D92}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.712.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{45EC7979-A908-4508-B936-A98BC48418F9}D:\program files\gta v\7launcher\tools\aria2\aria2c.exe] => (Block) D:\program files\gta v\7launcher\tools\aria2\aria2c.exe => No File
FirewallRules: [UDP Query User{C3CB97D7-B6E4-47D7-9CBB-C3897EE92727}D:\program files\gta v\7launcher\tools\aria2\aria2c.exe] => (Block) D:\program files\gta v\7launcher\tools\aria2\aria2c.exe => No File
FirewallRules: [{9732A03D-A702-44E4-B591-4479150631C7}] => (Allow) LPort=32682
FirewallRules: [{19F6C5A7-AC47-421A-B316-1634052ED6DC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E5186F06-E47A-4CBF-A37D-1270DE36D3BE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9953CCD9-9F56-4F47-B935-FCD55CEA1129}D:\program files\riot games\riot client\riotclientservices.exe] => (Allow) D:\program files\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{5C19DDC6-1F08-4533-A1D8-5A6014C658E4}D:\program files\riot games\riot client\riotclientservices.exe] => (Allow) D:\program files\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{1B67E2AC-D96A-4435-8683-23460F90C627}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9797D084-3B28-40D3-9662-D740280E1FF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1741F069-1587-4813-8B6D-C71702802DE8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7E76689C-0E68-44E9-9DFA-E9EF5A791081}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6F300974-4465-483D-99CE-834D69FF5A7D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C0974ED0-665A-4A1C-93D2-65AAD3FD7D7A}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A26B59EB-7B63-4262-8B3B-5BA2DFEC0C32}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D4C0B89C-120F-4344-BC07-DFA8153C1CB5}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A5108D54-CFA1-428A-B8B8-1C27645110F1}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{9C94709F-3B77-4A07-8690-11111627AFF3}] => (Allow) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe => No File
FirewallRules: [{8E85E19F-0C61-4E50-B35C-8EE02E28C10D}] => (Allow) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe => No File
FirewallRules: [{1D51F535-85AA-4DBD-ADD7-1C13BB3DD331}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe => No File
FirewallRules: [{E9351F57-0A88-4314-928D-72495D6A0B03}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe => No File
FirewallRules: [{40D71C9A-C971-4C2F-AB94-81FED208E56B}] => (Allow) LPort=1688
FirewallRules: [{1A95D137-DD69-4B48-B5C2-88C9003F54A9}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => No File
FirewallRules: [{0905F280-7579-4AE0-8398-EE661B8B1803}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => No File
FirewallRules: [{7D9F7543-23BD-4BA8-992C-FE0090EA4915}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
20-09-2021 12:14:31 Installed DirectX
21-09-2021 16:35:53 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/25/2021 06:01:58 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2021-10-24T04:39:58Z. Error Code: 0x80070002.
Error: (09/25/2021 06:01:28 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2021-10-24T04:40:28Z. Error Code: 0x80070002.
Error: (09/25/2021 06:00:58 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2021-10-24T04:39:58Z. Error Code: 0x80070002.
Error: (09/25/2021 06:00:28 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2021-10-24T04:40:28Z. Error Code: 0x80070002.
Error: (09/25/2021 05:59:58 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2021-10-24T04:39:58Z. Error Code: 0x80070002.
Error: (09/25/2021 05:59:28 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2021-10-24T04:40:28Z. Error Code: 0x80070002.
Error: (09/25/2021 05:58:58 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2021-10-24T04:39:58Z. Error Code: 0x80070002.
Error: (09/25/2021 05:58:28 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2021-10-24T04:40:28Z. Error Code: 0x80070002.
System errors:
=============
Error: (09/25/2021 03:54:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service KMSELDI service failed to start due to the following error: 
The system cannot find the file specified.
Error: (09/25/2021 03:38:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service KMSELDI service failed to start due to the following error: 
The system cannot find the file specified.
Error: (09/25/2021 03:12:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service KMSELDI service failed to start due to the following error: 
The system cannot find the file specified.
Error: (09/25/2021 02:53:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service KMSELDI service failed to start due to the following error: 
The system cannot find the file specified.
Error: (09/25/2021 02:51:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the OneSyncSvc_3e6b7 service to connect.
Error: (09/25/2021 02:51:25 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} did not register with DCOM within the required timeout.
Error: (09/25/2021 02:51:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the OneSyncSvc_3e6b7 service to connect.
Error: (09/25/2021 02:49:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service KMSELDI service failed to start due to the following error: 
The system cannot find the file specified.
Windows Defender:
================
Date: 2021-09-25 16:36:34
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win64/AutoKMS
Severity: High
Category: Tool
Path: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Junel D. Alviola\Desktop\FRST64.exe
Security intelligence Version: AV: 1.349.1371.0, AS: 1.349.1371.0, NIS: 1.349.1371.0
Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10
Date: 2021-09-25 16:36:34
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win64/AutoKMS
Severity: High
Category: Tool
Path: file:_C:\Windows\SECOH-QAD.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Junel D. Alviola\Desktop\FRST64.exe
Security intelligence Version: AV: 1.349.1371.0, AS: 1.349.1371.0, NIS: 1.349.1371.0
Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10
Date: 2021-09-25 15:51:42
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-24 16:23:18
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/AutoKMS
Severity: High
Category: Tool
Path: containerfile:_C:\Program Files\KMSpico\Service_KMS.exe; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x86.dll]; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x86.exe]; process:_pid:4468,ProcessStart:132769320156529365
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\Program Files\KMSpico\Service_KMS.exe
Security intelligence Version: AV: 1.349.1309.0, AS: 1.349.1309.0, NIS: 1.349.1309.0
Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10
Date: 2021-09-24 16:23:18
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win64/AutoKMS
Severity: High
Category: Tool
Path: containerfile:_C:\Program Files\KMSpico\Service_KMS.exe; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.dll]; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.exe]; process:_pid:4468,ProcessStart:132769320156529365
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\Program Files\KMSpico\Service_KMS.exe
Security intelligence Version: AV: 1.349.1309.0, AS: 1.349.1309.0, NIS: 1.349.1309.0
Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10
CodeIntegrity:
===============
Date: 2021-06-19 14:20:42
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\vdsldr.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\SMADAV\SmadHook64c.dll that did not meet the Microsoft signing level requirements.
Date: 2021-05-26 22:22:43
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\WdiWiFi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-05-26 22:22:41
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\cimfs.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-05-26 22:22:41
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\cdrom.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info =========================== 
BIOS: American Megatrends Inc. E17F2IMS.109 05/19/2020
Motherboard: Micro-Star International Co., Ltd. MS-17F2
Processor: Intel® Core™ i5-9300H CPU @ 2.40GHz
Percentage of memory in use: 27%
Total physical RAM: 20324.63 MB
Available physical RAM: 14714.59 MB
Total Virtual: 23396.63 MB
Available Virtual: 16360.39 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:219.54 GB) (Free:48.26 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:931.5 GB) (Free:436.26 GB) NTFS
\\?\Volume{625a760d-e1cc-4fdb-a851-8471cce9a0ad}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.44 GB) NTFS
\\?\Volume{8c9cf026-ce3e-4e30-b17c-a73328501eee}\ (BIOS_RVY) (Fixed) (Total:17.64 GB) (Free:0.69 GB) NTFS
\\?\Volume{9d0f7d61-03a5-4868-8c69-21b077b9a967}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3382AFEA)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================

Source of this news: https://www.bleepingcomputer.com/forums/t/759012/proxy-script-address-http12700186-is-on-and-cant-access-google-sites/

Related posts:

Tribune shareholders approve sale of firm’s newspapers to Alden you need to The Morning Call
The vote in essence clears the way for Alden Global Capital, which earlier owns more than 31% during the company, to complete its discount to buy the rest of Tribune, that will also publishes the...
Network Server Management: Datadog vs. NetCrunch | ENP - EnterpriseNetworkingPlanet
A server is a segment of computer hardware or software that provides functionality such as computing resources, data, programs, and services for other programs or devices called clients. This archite...
Maryland businessman bids $650 million for all of Tribune, including The Baltimore Sun - Baltimore S...
Bainum subsequently made his bid for the whole company on March 16, Tribune Publishing said in the SEC filing. In addition to Baltimore Sun Media, which includes the Capital Gazette in Annapolis, Ca...
FBI Releases AvosLocker Ransomware Advisory - Security Intelligence
FBI Releases AvosLocker Ransomware Advisory <!-- --> Home& / NewsFBI Releases AvosLocker Ransomware ...
Why are some investors still supporting the dying fossil fuel economy? - Royal Dutch Shell plc .com
independent.co.uk Clean energy is the future – so why are some investors still supporting the dying fossil fuel economy? Institutional forces continue to prop up the fossil fuel economy, while ...
Microsoft-Signed Rootkit Targets Gaming Regions in China - Briwn Reading
Study have identified a rootkit with a valid digital well-known from Microsoft being being purchased within gaming environments as China. One of the rootkit, called FiveSys, is being used to re...
Everything You Need to Know About Sneaker Bots - Complex
In a nondescript warehouse at an undisclosed location in Northern New Jersey, there sits a garage space full of neatly stacked sneakers—some on shelves, some not—a basketball hoop, an Armenian flag, ...
Review: Group-IB Fraud Hunting Platform - Help Net Security
Today’s Internet is a hectic place. A lot of different web technologies and services are “glued together” and help users shop online, watch the newest movies, or stream the newest hits while jogging....
How to Find My Proxy Server Address - Techstory
A proxy server provides a valuable boost to your internet security and privacy. Most people use a proxy server to hide their actual IP address and safeguard their location. If you’re using a proxy fo...
Remote Access to Shared Storage: VPN vs. Remote Desktop - Sports Video Group
Story Highlights There have been a lot of changes to production workflows since 2020. Creative teams had to adjust to working from home, and in many cases this was done by spinning up (sometimes hast...
The many benefits of Direct LDAP/MFA Integration you would like to Security Boulevard
The particular multi-factor authentication (MFA) tool needs to communicate immediately with your central directory to help facilitate seamless logins and straightforward management. For organiza...
Chinese APT Rebrands to Target Transportation Sector - GovInfoSecurity.com
Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Group Now Called Earth Centaur Tries to Access Flight Schedules Mihir Bagwe • December 20, 2021     The Chines...
Connecting people, places, and things – Cisco Networking innovations for hybrid work - Marketscreene...
The world is changing and the structure of connectivity between users, businesses, and devices has entered a new dimension. The rate of transformation has accelerated, including major advances in ...
I'm Begging You to Use a VPN at Hotels - Lifehacker
Keep your keycard with you, don’t leave valuables in your room unattended, and keep the door locked. Most of us follow basic security precautions at hotels, but I’m begging you to add one more to the...
More women than ever are starting careers in science - Nature.com
NEWS 05 August 2021 But a study of the publications of millions of researchers also suggests that women are less likely to continue their academic careers than their male counterparts. Katha...
Scientists Tap Summit Supercomputer to Study Exotic Matter in Stars - HPCwire
May 7, 2021 — At the heart of some of the smallest and densest stars in the universe lies nuclear matter that might exist in never-before-observed exotic phases. Neutron stars, which form when the co...
How to Browse The Internet Securely And Anonymously - iLounge
Browsing the web while concealing your personally identifiable information so you can’t be tracked by advertisers, websites, your ISP, the government, or hackers is known as. To get genuine online an...
Bothersome new malware targets Microsoft-exchange servers - Texas Happenings Today
another Ransomware An operator medically known as LockFile encrypts a Room windows domain after breaking into the vulnerability Microsoft-exchange A server that uses the just recently publish...

IP Rotating Proxy Onsale

SPECIAL LIMITED TIME OFFER

00
Months
00
Days
00
Hours
00
Minutes
00
Seconds
First month free with coupon code FREE30