Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

JavaScript Confirm Possible Virus [Solved]

Started by TonyRokomua , Dec 04 2015 02:32 AM
Virus Javascript Confirm WindowsWinhlp32stub

  • This topic is locked This topic is locked

#1
TonyRokomua
Posted 04 December 2015 - 02:32 AM

TonyRokomua

    New Member

  • Member
  • Pip
  • 6 posts

Hi, I have recently been receiving random pop ups on my desktop alerting me to "Javascript Confirm", asking me to click "ok" or "cancel' with gimmiky titles a couple of times a day. I have attached a screenshot of one of the pop ups and have named it "javascriptconfirm". I have been clicking the red cross on the top right to remove it.

 

I have also had my trend micro security program detecting "temp" files several times a day, proceeding to block files. I navigate to the folders and the temp files are there, and when I try to delete them, they keep reappearing. I have a screenshot of the trend micro alert named "tempfiles2", and I have attached a screenshot named "tempfiles1" that shows the location and contents of the folder.

 

Lastly I have noticed that in my system processes, a "Windows Winhlp32 Stub (32 bit)" is claiming a lot of CPU and Memory on my computer. I have searched this and have found that malware can disguise itself as this program and do harm to your computer. I have tried removing the multiple processes but they keep returning. I have attached a screenshot named "win" with my processes in the window.

 

I have used programs such as "Security Task Manager" in an attempt to find the root of the problem with no luck after removing some processes.

 

The notepad contents from Farbar are below. Thank you for your time and help.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
Ran by Tony (administrator) on TONYDELL (04-12-2015 17:44:01)
Running from C:\Users\Tony\Desktop
Loaded Profiles: Tony (Available Profiles: Tony)
Platform: Windows 10 Home (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\AP\WavesSysSvc64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel) C:\Program Files (x86)\Intel\Intel® Wake on Voice Setup\Intel®WakeonVoiceService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\IIS\RtI2SBgProc64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGui64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtI2SBgProc64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\AP\WavesSvc64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
() C:\Users\Tony\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell) C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
() C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6416.42001.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmopChromeMsgHost32.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\chrome_extension2\host\chrome_native_msg_host.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\winhlp32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\winhlp32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\winhlp32.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkNGui] => C:\Program Files\Realtek\Audio\AP\RtkNGui64.exe [9403096 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtI2SBgProc] => C:\Program Files\Realtek\Audio\AP\RtI2SBgProc64.exe [2707672 2014-12-17] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\AP\WavesSvc64.exe [562264 2014-04-11] (Waves Audio Ltd.)
HKLM\...\Run: [CxAgent] => C:\Program Files\Realtek\Audio\AP\CXAPOAgent64.exe [742592 2014-09-19] (Conexant Systems, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246264 2015-07-17] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1258496 2015-07-17] (Trend Micro Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\RunOnce: [DCERegBootClean64] => C:\WINDOWS\RegBootClean64.exe [399360 2015-12-02] (Trend Micro Inc.)
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Tony\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Run: [TouchFreeze] => C:\Users\Tony\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe [40960 2012-07-24] ()
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Run: [YtjcPack] => regsvr32.exe C:\Users\Tony\AppData\Local\YtjcPack\bpzxeqvr.dll <===== ATTENTION
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Run: [Aztlworks] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Tony\AppData\Local\Idcsoft\zwglahtc.dll
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-18] (Piriform Ltd)
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Run: [BluetoothManage] => rundll32.exe "%appdata%\Microsoft\btstack.dll",init
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2015-10-16] ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2e5067a7-5ba0-40ed-b13d-7b77c831c44b}: [DhcpNameServer] 10.0.0.138
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-326862469-2828319267-1526511065-1001 -> DefaultScope {442A480E-27AD-4417-8717-FAEBFE310C56} URL = 
SearchScopes: HKU\S-1-5-21-326862469-2828319267-1526511065-1001 -> {442A480E-27AD-4417-8717-FAEBFE310C56} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
BHO: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
BHO-x32: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2015-07-17] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2015-07-17] (Trend Micro Inc.)
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension [2015-09-22]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-12-03]
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-09-22]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://toshiba.msn.com/
CHR Profile: C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-31]
CHR Extension: (Google Docs) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-31]
CHR Extension: (Google Drive) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Google Sheets) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-31]
CHR Extension: (Google Docs Offline) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (AdBlock) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-04]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR Extension: (Trend Micro Toolbar) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-11-22]
CHR Extension: (Gmail) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-31]
CHR HKU\S-1-5-21-326862469-2828319267-1526511065-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
R2 Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [45936 2014-11-14] (Dell)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [94568 2015-11-25] (Dell)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [49864 2015-08-24] ()
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [293440 2014-04-02] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-05-27] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [353896 2015-10-13] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 Intel® Wake on Voice Setup; C:\Program Files (x86)\Intel\Intel® Wake on Voice Setup\Intel®WakeonVoiceService.exe [17920 2014-09-25] (Intel) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 LMS; C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [411936 2015-06-24] (Intel Corporation)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1137664 2015-07-17] (Trend Micro Inc.)
R2 RtkI2SCodec; C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe [149720 2015-07-31] (Realtek Semiconductor)
R2 WavesSysSvc; C:\Program Files\Realtek\Audio\AP\WavesSysSvc64.exe [497664 2014-04-07] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=60000 -ad -bt=0 [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11250440 2015-08-03] (Broadcom Corp)
R3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11250440 2015-08-03] (Broadcom Corp)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-05-27] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43000 2015-05-27] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [41976 2015-05-27] (Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [251384 2015-05-27] (Intel Corporation)
S3 facap; C:\Windows\system32\DRIVERS\facap.sys [37888 2012-09-03] (Windows ® Win 7 DDK provider)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [36192 2014-08-09] (Intel Corporation)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-12] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-12] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-12] (Intel Corporation)
R3 IntcADSP; C:\Windows\system32\DRIVERS\IntcADSP.sys [738576 2015-07-31] (Intel® Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 RTKI2SAC; C:\Windows\system32\DRIVERS\RTKI2SAC.sys [217816 2015-07-31] (Realtek Semiconductor Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [752856 2015-05-30] (Realsil Semiconductor Corporation)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [134280 2015-07-22] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [326896 2015-07-22] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [59712 2015-06-11] (Trend Micro Inc.)
R2 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [116576 2015-06-08] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [39056 2015-06-23] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [100320 2015-07-22] (Trend Micro Inc.)
R2 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [416608 2015-05-28] (Trend Micro Inc.)
R1 tmumh; C:\Windows\system32\DRIVERS\TMUMH.sys [91536 2015-06-29] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [116528 2015-06-26] (Trend Micro Inc.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-04 17:44 - 2015-12-04 17:44 - 00026648 _____ C:\Users\Tony\Desktop\FRST.txt
2015-12-04 17:43 - 2015-12-04 17:44 - 00000000 ____D C:\FRST
2015-12-04 17:42 - 2015-12-04 17:42 - 02350080 _____ (Farbar) C:\Users\Tony\Desktop\FRST64.exe
2015-12-04 17:10 - 2015-12-04 17:34 - 00000000 ____D C:\ProgramData\SecTaskMan
2015-12-04 17:10 - 2015-12-04 17:10 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2015-12-04 17:10 - 2015-12-04 17:10 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2015-12-04 17:10 - 2015-12-04 17:10 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2015-12-04 16:54 - 2015-12-04 16:54 - 00016148 _____ C:\WINDOWS\system32\TONYDELL_Tony_HistoryPrediction.bin
2015-12-02 17:01 - 2015-12-02 17:01 - 00003090 _____ C:\WINDOWS\RegBootClean64.CFG
2015-12-01 23:45 - 2015-12-01 23:46 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-29 15:32 - 2015-11-29 15:32 - 00000000 ____D C:\Users\Tony\AppData\LocalLow\DaylightStudios
2015-11-23 20:41 - 2015-11-23 20:41 - 00000000 ____D C:\Users\Tony\Tracing
2015-11-23 20:40 - 2015-11-27 22:24 - 00000000 ____D C:\Users\Tony\AppData\Roaming\Skype
2015-11-23 20:40 - 2015-11-23 20:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-23 20:40 - 2015-11-23 20:40 - 00000000 ____D C:\Users\Tony\AppData\Local\Skype
2015-11-23 20:40 - 2015-11-23 20:40 - 00000000 ____D C:\ProgramData\Skype
2015-11-23 20:40 - 2015-11-23 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-21 21:59 - 2015-12-02 16:55 - 00001136 _____ C:\WINDOWS\DCEBOOT.RST
2015-11-14 18:05 - 2015-11-14 18:05 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-11-11 14:23 - 2015-11-23 21:22 - 01388448 _____ C:\Users\Public\GROUP.dat
2015-11-11 13:05 - 2015-11-05 14:45 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 13:05 - 2015-11-05 14:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 13:05 - 2015-11-05 14:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 13:05 - 2015-11-05 14:43 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 13:05 - 2015-11-05 14:41 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 13:05 - 2015-11-05 14:36 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 13:05 - 2015-11-05 14:26 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 13:05 - 2015-11-05 14:26 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 13:05 - 2015-11-05 14:26 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 13:05 - 2015-11-05 14:00 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 13:05 - 2015-11-05 13:54 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 13:05 - 2015-11-05 13:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 13:05 - 2015-11-05 13:50 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 13:05 - 2015-11-05 13:48 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 13:05 - 2015-11-05 13:48 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 13:05 - 2015-11-05 13:47 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 13:05 - 2015-11-05 13:42 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 13:05 - 2015-11-05 13:41 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 13:05 - 2015-11-05 13:40 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 13:05 - 2015-11-05 13:40 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 13:05 - 2015-11-05 13:37 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 13:05 - 2015-11-05 13:36 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 13:05 - 2015-11-05 13:35 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 13:05 - 2015-11-05 13:33 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 13:05 - 2015-11-05 13:33 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 13:05 - 2015-11-05 13:31 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 13:05 - 2015-11-05 13:31 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 13:05 - 2015-11-05 13:29 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 13:05 - 2015-11-05 13:29 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 13:05 - 2015-11-05 13:28 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 13:05 - 2015-11-05 13:26 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 13:05 - 2015-11-05 13:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 13:05 - 2015-11-05 13:24 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 13:05 - 2015-11-05 13:17 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 13:05 - 2015-11-05 13:12 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 13:05 - 2015-11-05 13:10 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 13:05 - 2015-11-05 13:05 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 13:05 - 2015-11-05 13:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 13:05 - 2015-11-05 13:04 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 13:05 - 2015-11-05 13:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 13:05 - 2015-11-05 12:58 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 13:05 - 2015-11-05 12:57 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 13:05 - 2015-11-05 12:57 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 13:05 - 2015-11-05 12:53 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-11 13:04 - 2015-11-05 14:36 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 13:04 - 2015-11-05 14:31 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 13:04 - 2015-11-05 13:53 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 13:04 - 2015-11-05 13:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 13:04 - 2015-11-05 13:35 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 13:04 - 2015-11-05 13:31 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 13:04 - 2015-11-05 13:28 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 13:04 - 2015-11-05 13:03 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 13:04 - 2015-11-05 13:00 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-08 13:26 - 2015-11-08 13:26 - 00000000 ____D C:\Users\Tony\AppData\LocalLow\PCDr
2015-11-08 11:39 - 2015-11-08 11:39 - 00000000 ____D C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2015-11-08 11:39 - 2015-11-08 11:39 - 00000000 ____D C:\Program Files (x86)\WinDirStat
2015-11-05 23:10 - 2015-11-05 23:14 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-04 17:43 - 2015-07-10 18:35 - 00000000 ____D C:\Windows
2015-12-04 17:32 - 2015-07-10 20:34 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-04 17:27 - 2015-07-31 16:37 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-04 17:27 - 2015-07-31 16:37 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-04 17:22 - 2015-07-31 16:37 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 17:22 - 2015-07-31 16:37 - 00003750 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 17:18 - 2015-08-03 15:51 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-04 16:59 - 2015-07-10 20:34 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-04 16:57 - 2015-08-03 15:51 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9F88200D-D608-49CA-8CED-CCB29F7A60BC}
2015-12-03 22:51 - 2015-07-31 18:42 - 00000010 _____ C:\Users\Tony\AppData\Local\sponge.last.runtime.cache
2015-12-03 21:49 - 2015-08-30 11:38 - 00000000 ____D C:\Users\Tony\Documents\Work
2015-12-03 21:44 - 2015-08-01 11:20 - 00000000 ____D C:\Users\Tony\Documents\Nitty Gritty
2015-12-03 21:43 - 2015-07-31 22:19 - 00000000 ___RD C:\Users\Tony\Google Drive
2015-12-03 21:42 - 2015-07-31 18:09 - 00000000 ____D C:\Users\Tony\Documents\UQ
2015-12-02 21:43 - 2015-08-01 01:18 - 00876942 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-02 21:43 - 2015-07-10 20:32 - 00000000 ____D C:\WINDOWS\INF
2015-12-02 21:35 - 2015-07-10 21:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-02 21:29 - 2015-10-03 00:21 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-02 21:29 - 2015-07-31 17:03 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-02 17:01 - 2015-10-16 23:12 - 00399360 _____ (Trend Micro Inc.) C:\WINDOWS\RegBootClean64.exe
2015-12-02 17:01 - 2015-10-16 22:41 - 00000000 ____D C:\Users\Tony\AppData\Local\Idcsoft
2015-12-02 16:57 - 2015-07-10 18:35 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-02 16:56 - 2015-08-01 01:11 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-02 16:56 - 2015-07-31 16:18 - 00000000 __SHD C:\Users\Tony\IntelGraphicsProfiles
2015-12-02 01:22 - 2015-07-10 18:35 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-02 00:41 - 2015-10-24 11:20 - 00025088 _____ (Trend Micro Inc.) C:\WINDOWS\DCEBoot64.exe
2015-12-01 23:48 - 2015-08-01 11:09 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-01 17:22 - 2015-07-31 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-11-29 22:01 - 2015-08-01 01:12 - 00000000 ____D C:\Users\Tony
2015-11-29 22:00 - 2015-07-10 20:34 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-11-29 10:53 - 2015-06-02 03:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-11-29 10:53 - 2015-06-02 03:36 - 00000000 ____D C:\Program Files\Dell
2015-11-28 20:03 - 2015-08-28 22:20 - 00000000 ____D C:\Users\Tony\.oracle_jre_usage
2015-11-28 20:03 - 2015-08-03 15:51 - 00000000 ____D C:\ProgramData\Oracle
2015-11-27 22:12 - 2015-06-02 03:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-27 18:24 - 2015-07-31 17:18 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-27 18:24 - 2015-07-10 20:34 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-23 21:22 - 2015-06-02 03:39 - 00000000 ____D C:\Temp
2015-11-22 11:47 - 2015-07-31 17:34 - 00000000 ____D C:\Users\Tony\AppData\Roaming\uTorrent
2015-11-22 10:00 - 2015-08-10 20:30 - 00000000 ____D C:\Users\Tony\Documents\Fun
2015-11-21 22:06 - 2015-06-02 03:41 - 00017236 _____ C:\WINDOWS\system32\results.xml
2015-11-21 21:40 - 2015-08-30 15:47 - 00000000 ____D C:\Users\Tony\.spyder2-py3
2015-11-19 10:46 - 2015-07-31 16:18 - 00000000 ____D C:\Users\Tony\AppData\Local\Packages
2015-11-16 20:38 - 2015-08-30 15:47 - 00000000 ____D C:\Users\Tony\.matplotlib
2015-11-15 00:21 - 2015-07-10 20:34 - 00000000 ____D C:\WINDOWS\rescache
2015-11-14 18:06 - 2015-06-02 03:35 - 00000652 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2015-11-14 18:05 - 2015-08-01 01:11 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-11-12 13:05 - 2015-07-10 20:34 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-11-12 13:05 - 2015-07-10 20:34 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-11-12 13:05 - 2015-07-10 20:34 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 13:21 - 2015-08-13 10:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 13:21 - 2015-07-10 20:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 13:18 - 2015-08-13 10:21 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-08 13:25 - 2015-09-20 13:09 - 00000000 ____D C:\Users\Tony\AppData\Local\Deployment
2015-11-08 11:49 - 2015-07-31 23:24 - 00000000 ____D C:\ProgramData\Adobe
2015-11-08 11:48 - 2015-07-31 16:18 - 00000000 ____D C:\Users\Tony\AppData\Roaming\Adobe
2015-11-08 01:22 - 2015-08-20 10:15 - 00000000 ____D C:\Users\Tony\AppData\Local\Akamai
2015-11-04 03:50 - 2015-07-10 20:36 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-04 03:50 - 2015-07-10 20:36 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2015-07-31 17:37 - 2015-07-31 17:37 - 0000036 _____ () C:\Users\Tony\AppData\Local\housecall.guid.cache
2015-07-31 18:42 - 2015-12-03 22:51 - 0000010 _____ () C:\Users\Tony\AppData\Local\sponge.last.runtime.cache
 
Files to move or delete:
====================
C:\Users\Public\GROUP.dat
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:01-12-2015
Ran by Tony (2015-12-04 17:44:47)
Running from C:\Users\Tony\Desktop
Windows 10 Home (X64) (2015-07-31 15:50:06)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-326862469-2828319267-1526511065-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-326862469-2828319267-1526511065-503 - Limited - Disabled)
Guest (S-1-5-21-326862469-2828319267-1526511065-501 - Limited - Disabled)
Tony (S-1-5-21-326862469-2828319267-1526511065-1001 - Administrator - Enabled) => C:\Users\Tony
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Trend Micro Internet Security (Enabled - Up to date) {8242D66F-41BD-4049-C2E6-E578E73B62A0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Internet Security (Enabled - Up to date) {3923378B-6787-4FC7-F856-DE0A9CBC281D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Advanced Scan to PDF Free 5.5.3 (HKLM-x32\...\Advanced Scan to PDF Free_is1) (Version:  - PDFCore Co., Ltd.)
Akamai NetSession Interface (HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Dell Customer Connect (HKLM-x32\...\{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}) (Version: 1.2.1.0 - Dell Inc.)
Dell Data Services (HKLM\...\{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}) (Version: 1.1.6.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{6D790340-C6A7-4009-9FB0-FAC1318A6CE9}) (Version: 3.0.700.0 - Dell Inc.)
Dell Help & Support (HKLM-x32\...\InstallShield_{A00269ED-FD88-4907-834B-60B70DCE82C5}) (Version: 2.0.366.0 - Dell Inc.)
Dell Help & Support (Version: 2.0.366.0 - Dell Inc.) Hidden
Dell Product Registration (HKLM-x32\...\{17FFE63C-6734-4950-B488-134B5A2505F7}) (Version: 2.04.0280 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell System Detect (HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\73f463568823ebbe) (Version: 6.7.0.2 - Dell)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 7.35.295.0 - Dell Inc.)
Eco Materials Adviser for Autodesk Inventor 2016 (64-bit) (HKLM\...\{1A56BE00-916E-432D-A576-EB00D2FF8450}) (Version: 5.6.4.44 - Granta Design Limited)
Empire TV Tycoon (HKLM-x32\...\Steam App 377900) (Version:  - Dreamsite Games)
FARO LS 1.1.503.3 (64bit) (HKLM-x32\...\{1C05E654-FB81-4274-BF32-292E3707701D}) (Version: 5.3.3.38662 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Holy Potatoes! A Weapon Shop?! (HKLM-x32\...\Steam App 363600) (Version:  - Daylight Studios)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.147 - Intel Corporation)
Intel® HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.0.0.243 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Wake on Voice (HKLM-x32\...\{A61059F4-F902-4417-8ED2-20A29972EC40}) (Version: 1.0.6 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
Python 3.4.2 (64-bit) (HKLM\...\{cd723946-09c1-38d3-8542-732ba931e9ef}) (Version: 3.4.2150 - Python Software Foundation)
Python 3.4.3 (Anaconda3 2.3.0 64-bit) (HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Python 3.4.3 (Anaconda3 2.3.0 64-bit)) (Version: 2.3.0 - Continuum Analytics, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek I2S Audio (HKLM-x32\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 6.4.10041.127 - Realtek Semiconductor Corp.)
Realtek USB Gigabit Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 8.17.812.2014 - Realtek)
Security Task Manager 2.1e (HKLM-x32\...\Security Task Manager) (Version: 2.1e - Neuber Software)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Jackbox Party Pack (HKLM-x32\...\Steam App 331670) (Version:  - Jackbox Games, Inc.)
TouchFreeze (HKLM-x32\...\{9C9744E5-2BB7-4042-BD1C-8A339480A08C}) (Version: 1.1.0 - Ivan Zhakov)
Trend Micro Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 10.0 - Trend Micro Inc.)
Trend Micro Titanium (Version: 10.0 - Trend Micro Inc.) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.400 - Broadcom Corporation)
WinDirStat 1.1.2 (HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\WinDirStat) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\iDrop.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxTest.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtCp.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\Inventor.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxApprenticeServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxInventorUtilities.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\InvResc.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\InvTXTStack.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
 
==================== Restore Points =========================
 
14-11-2015 18:04:30 Dell Update: Intel HD Graphics Driver
22-11-2015 00:20:25 Scheduled Checkpoint
27-11-2015 22:12:05 Removed Dell Backup and Recovery
01-12-2015 16:44:59 Dell Update: eDellRoot Removal
04-12-2015 17:17:52 Removed Java 8 Update 66
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 22:55 - 2013-08-22 22:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {16C54A22-5E31-4646-B6B7-D2DEE6D2C457} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-02] (Aviata Inc)
Task: {295DD193-AA04-4F03-9047-8A4EE1D80436} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {34B24FA6-15FD-426C-9195-BF7E592A3112} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {3E1D5D8F-E07C-4C33-B3EC-7716FF779D78} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {408CC256-8ABA-441D-B8D5-DB5312392A7B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {4FEAE171-95A4-454B-B499-D3FBE830962C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {59C3504E-6B03-4BE0-B535-B9AC895801C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-18] (Piriform Ltd)
Task: {62773727-6557-4C69-8225-F2FD4DE0A337} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {796C2C08-4032-4721-A129-38AD451B44A3} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {86450ADC-0B47-4400-A4CF-7FB2ACEB3501} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {8EB4DA4B-A5E5-4DF1-BA6B-063E3223A2C1} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-02] (Aviata Inc)
Task: {8EE813A4-4C11-441D-A739-2A3C5AB05D58} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {9A75889F-D7C0-4CB0-B76B-7211A61B9A9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {A2FC0F28-AC8F-4DAE-B354-BD42FDEF6138} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {B611EDF2-1587-43E0-B51F-F2F714A867FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C3072D73-6996-4AA4-93FA-6E4199B7B372} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {C5114E1B-7530-4227-8C08-4E987A65326D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {C51C9737-385F-4C33-BBDB-0163EB0EF44F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C80631A4-82F3-4C5B-8BE3-0B02BC76F01D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-11] (Microsoft Corporation)
Task: {E5293304-D452-41F0-B17A-C4780F182301} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-13] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RunDFS.job => cmd /c sc start Dell Foundation Services WORKGROUP TONYDELL
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)\Anaconda Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Users\Tony\Anaconda3\Scripts\anaconda.bat" <==== ATTENTION
ShortcutWithArgument: C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)\Wakari (in the cloud).lnk -> C:\Users\Tony\Anaconda3\pythonw.exe () -> -m webbrowser -t "hxxps://www.wakari.io/" <==== ATTENTION
 
 
 

Attached Thumbnails

  • javascriptconfirm.png
  • tempfiles1.png
  • win.png
  • tempfiles2.png

  • 0

Advertisements

#2
Essexboy
Posted 04 December 2015 - 07:14 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you let me know if this stops the alerts

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Run: [YtjcPack] => regsvr32.exe C:\Users\Tony\AppData\Local\YtjcPack\bpzxeqvr.dll <===== ATTENTION
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Run: [Aztlworks] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Tony\AppData\Local\Idcsoft\zwglahtc.dll
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\iDrop.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxTest.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtCp.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\Inventor.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxApprenticeServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxInventorUtilities.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\InvResc.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\InvTXTStack.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
Task: {295DD193-AA04-4F03-9047-8A4EE1D80436} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {34B24FA6-15FD-426C-9195-BF7E592A3112} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {3E1D5D8F-E07C-4C33-B3EC-7716FF779D78} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4FEAE171-95A4-454B-B499-D3FBE830962C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {796C2C08-4032-4721-A129-38AD451B44A3} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {86450ADC-0B47-4400-A4CF-7FB2ACEB3501} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {B611EDF2-1587-43E0-B51F-F2F714A867FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C51C9737-385F-4C33-BBDB-0163EB0EF44F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
C:\Users\Tony\AppData\Local\YtjcPack
C:\Users\Tony\AppData\Local\Idcsoft
C:\Users\Public\GROUP.dat
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
TonyRokomua
Posted 04 December 2015 - 07:31 AM

TonyRokomua

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Hi, I did the steps you laid out and these are the text files. The first is the fixlog and the second is the adw cleaner. Thank you so much for the help.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:01-12-2015
Ran by Tony (2015-12-04 22:49:01) Run:1
Running from C:\Users\Tony\Desktop
Loaded Profiles: Tony (Available Profiles: Tony)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Run: [YtjcPack] => regsvr32.exe C:\Users\Tony\AppData\Local\YtjcPack\bpzxeqvr.dll <===== ATTENTION
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\...\Run: [Aztlworks] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Tony\AppData\Local\Idcsoft\zwglahtc.dll
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\iDrop.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxTest.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtCp.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\Inventor.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxApprenticeServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxInventorUtilities.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\InvResc.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\InvTXTStack.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
Task: {295DD193-AA04-4F03-9047-8A4EE1D80436} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {34B24FA6-15FD-426C-9195-BF7E592A3112} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {3E1D5D8F-E07C-4C33-B3EC-7716FF779D78} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4FEAE171-95A4-454B-B499-D3FBE830962C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {796C2C08-4032-4721-A129-38AD451B44A3} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {86450ADC-0B47-4400-A4CF-7FB2ACEB3501} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {B611EDF2-1587-43E0-B51F-F2F714A867FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C51C9737-385F-4C33-BBDB-0163EB0EF44F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
C:\Users\Tony\AppData\Local\YtjcPack
C:\Users\Tony\AppData\Local\Idcsoft
C:\Users\Public\GROUP.dat
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\Software\Microsoft\Windows\CurrentVersion\Run\\YtjcPack => value removed successfully
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Aztlworks => value removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}" => key removed successfully
"HKU\S-1-5-21-326862469-2828319267-1526511065-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{295DD193-AA04-4F03-9047-8A4EE1D80436}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{295DD193-AA04-4F03-9047-8A4EE1D80436}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34B24FA6-15FD-426C-9195-BF7E592A3112}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34B24FA6-15FD-426C-9195-BF7E592A3112}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncherTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3E1D5D8F-E07C-4C33-B3EC-7716FF779D78}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E1D5D8F-E07C-4C33-B3EC-7716FF779D78}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FEAE171-95A4-454B-B499-D3FBE830962C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FEAE171-95A4-454B-B499-D3FBE830962C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{796C2C08-4032-4721-A129-38AD451B44A3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{796C2C08-4032-4721-A129-38AD451B44A3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86450ADC-0B47-4400-A4CF-7FB2ACEB3501}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86450ADC-0B47-4400-A4CF-7FB2ACEB3501}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemToolsDailyTest" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B611EDF2-1587-43E0-B51F-F2F714A867FE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B611EDF2-1587-43E0-B51F-F2F714A867FE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C51C9737-385F-4C33-BBDB-0163EB0EF44F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C51C9737-385F-4C33-BBDB-0163EB0EF44F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
C:\Users\Tony\AppData\Local\YtjcPack => moved successfully
C:\Users\Tony\AppData\Local\Idcsoft => moved successfully
C:\Users\Public\GROUP.dat => moved successfully
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-326862469-2828319267-1526511065-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.8.10240 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 424 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 22:49:33 ====
 
 
# AdwCleaner v5.023 - Logfile created 04/12/2015 at 22:55:14
# Updated 30/11/2015 by Xplode
# Database : 2015-12-03.1 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Tony - TONYDELL
# Running from : C:\Users\Tony\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\SecTaskMan
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : flightaware.com
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [865 bytes] ##########
 

 


  • 0

#4
Essexboy
Posted 04 December 2015 - 07:50 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK could you confirm that the Java popups are now history

Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Ensure that "Enable free trial of Malwarebytes Anti-Malware Premium" is unchecked
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

To access logs from Malwarebytes Anti-Malware 2.0:

mbamlogs.JPG

1.Open Malwarebytes Anti-Malware 2.0
2.Click History > Application Logs
3.Double-click the log you would like to open

Scan Logs record detections from manual scans, including threats detected and the actions taken against them

To save a Scan Log:

1.Open the log file you would like to save
2.Click Export
3.Choose to export to a .txt
4.Choose a folder to save the log file in, then click Save
5.Post that log here
  • 0

#5
TonyRokomua
Posted 04 December 2015 - 09:19 AM

TonyRokomua

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

I followed your instructions and before I opened the "Malwarebites" another Java pop up came up. Screenshot attached.

 

Below is the txt file from the scan.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 5/12/2015
Scan Time: 12:23 AM
Logfile: scanlog.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2015.12.04.03
Rootkit Database: v2015.11.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Tony
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 350902
Time Elapsed: 6 min, 31 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 3
Trojan.Redyms, C:\Users\Tony\AppData\Roaming\Microsoft\btstack.dll, Delete-on-Reboot, [e033ffa2a0eb142214220163e22253ad], 
Trojan.Redyms, C:\Users\Tony\AppData\Roaming\Microsoft\btstack.dll, Delete-on-Reboot, [e033ffa2a0eb142214220163e22253ad], 
Trojan.Redyms, C:\Users\Tony\AppData\Roaming\Microsoft\btstack.dll, Delete-on-Reboot, [e033ffa2a0eb142214220163e22253ad], 
 
Registry Keys: 1
Trojan.Sathurbot, HKLM\SOFTWARE\CLASSES\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208}, Quarantined, [4fc4cad743489d99098c52f3c141ce32], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 5
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor, Delete-on-Reboot, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
 
Files: 14
Trojan.Redyms, C:\Users\Tony\AppData\Roaming\Microsoft\btstack.dll, Delete-on-Reboot, [e033ffa2a0eb142214220163e22253ad], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll, Delete-on-Reboot, [4fc4cad743489d99098c52f3c141ce32], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityHelper.dll, Delete-on-Reboot, [62b14c55b1dac175883292bfe71a15eb], 
Trojan.Injector, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp60C2.exe, Quarantined, [9182efb23c4f21159b9ec9ec60a17f81], 
PUP.Optional.InstallCore, C:\Users\Tony\AppData\Roaming\New Version Available\AdvancedScantoPDFFree.exe, Quarantined, [0112930e95f60f274690bc89ef127e82], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\zepplauncher.mif, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp3797.exe, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp3797.tmp, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp60C2.tmp, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp96B6.exe, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp96B6.tmp, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpB95E.exe, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpB95E.tmp, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\{0695F501-C590-5A83-D2C5-F8DCEFA7060B}, Quarantined, [5eb508997318bc7a750b3a325fa346ba], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Attached Thumbnails

  • newscreenshot.png

  • 0

#6
Essexboy
Posted 04 December 2015 - 10:23 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did you get any java popups after MBAM ran ?

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#7
TonyRokomua
Posted 04 December 2015 - 06:28 PM

TonyRokomua

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

I haven't received a javascript pop up since the last scan. Below is the aswmbr scan. Thanks again.

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-12-05 09:05:34
-----------------------------
09:05:34.090    OS Version:A Windows x64 6.2.9200 
09:05:34.090    Number of processors: 4 586 0x3D04
09:05:34.090    ComputerName: TONYDELL  UserName: Tony
09:05:35.902    Initialize success
09:05:36.027    VM: initialized successfully
09:05:36.027    VM: Intel CPU supported 
09:05:58.904    VM: disk I/O iaStorA.sys
09:12:05.285    AVAST engine defs: 15120403
09:13:18.804    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003f
09:13:18.819    Disk 0 Vendor: SAMSUNG_SSD_PM851_M.2_2280_256GB EXT23D0Q Size: 244198MB BusType: 11
09:13:18.835    Disk 0 MBR read successfully
09:13:18.835    Disk 0 MBR scan
09:13:18.882    Disk 0 unknown MBR code
09:13:18.897    Disk 0 Partition 1 00     EE            GPT           2097151 MB offset 1
09:13:18.991    Disk 0 scanning C:\WINDOWS\system32\drivers
09:13:44.107    Service scanning
09:14:14.740    Modules scanning
09:14:14.756    Disk 0 trace - called modules:
09:14:14.771    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys 
09:14:14.787    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00114c07060]
09:14:14.787    3 CLASSPNP.SYS[fffff80156b37d95] -> nt!IofCallDriver -> [0xffffe001102b02f0]
09:14:14.802    5 ACPI.sys[fffff80155821361] -> nt!IofCallDriver -> [0xffffe001102b0090]
09:14:14.802    7 ACPI.sys[fffff80155821361] -> nt!IofCallDriver -> \Device\0000003f[0xffffe00110262400]
09:14:15.511    AVAST engine scan C:\WINDOWS
09:14:17.214    AVAST engine scan C:\WINDOWS\system32
09:19:14.228    AVAST engine scan C:\WINDOWS\system32\drivers
09:19:38.156    AVAST engine scan C:\Users\Tony
09:38:59.818    AVAST engine scan C:\ProgramData
09:42:36.266    Disk 0 statistics 4361816/0/0 @ 1948.58 MB/s
09:42:36.272    Scan finished successfully
09:56:34.758    Disk 0 MBR has been saved successfully to "C:\Users\Tony\Desktop\MBR.dat"
09:56:34.764    The log file has been saved successfully to "C:\Users\Tony\Desktop\aswmbr_scan.txt"

  • 0

#8
Essexboy
Posted 05 December 2015 - 07:21 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Any further problems before I tidy up ?
  • 0

#9
TonyRokomua
Posted 05 December 2015 - 05:42 PM

TonyRokomua

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

I think that's the lot thank you! Quick questions though, are you able to give me a quick description for what it was that was on my computer? Also am I able to uninstall the programs used during this process?


  • 0

#10
Essexboy
Posted 06 December 2015 - 05:24 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It was a Trojan of this family https://www.microsof.../Redyms.A#tab=2

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#11
TonyRokomua
Posted 06 December 2015 - 07:48 AM

TonyRokomua

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Thank you so much, I sent a little bit through paypal for your help. It isn't much as I'm a student and don't have a lot hahahha.


  • 0

#12
Essexboy
Posted 06 December 2015 - 08:24 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
My pleasure and thank you :thumbsup:
  • 0

#13
Essexboy
Posted 08 December 2015 - 12:52 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: Virus, Javascript, Confirm, WindowsWinhlp32stub

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP