
MY WORKSTATION IS INFECTED



#1
Kamlesh Rathore


Hi,

I was being assisted with a permission issue when trying to install SketchUp Pro 2017, and noticed that I had malware present on my system. I came to this section to get checked and get them removed before I continue.

 

 Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017

Ran by user (administrator) on PC (08-02-2017 13:07:58)
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelConnectCenter] => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe [7763384 2016-07-15] (AO Kaspersky Lab)
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\Run: [PCLink] => C:\Program Files (x86)\ASUS\PC Link\PCLink.exe [640272 2015-10-29] (ASUSTek Computer Inc.)
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\MountPoints2: {43f25b84-182d-11e6-8255-f832e4b97664} - "I:\Autorun.exe" 
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\MountPoints2: {48abc74b-7833-11e6-82bf-f832e4b97664} - "I:\Setup.exe" 
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\MountPoints2: {ae4cb0a5-8242-11e6-82da-f832e4b97664} - "I:\Setup.exe" 
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
BootExecute: autocheck autochk * bddel.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{5127285E-B19B-496F-8802-B5FDE2F81C44}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{F0C995A4-8226-4F4E-832F-0A3D8DE1490E}: [NameServer] 8.8.8.8,8.8.4.4
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131207390893814267&GUID=38FF6765-2838-4C5F-8AAE-B8D6E621DE5E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131207390893816845&GUID=38FF6765-2838-4C5F-8AAE-B8D6E621DE5E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.in/
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-989176755-2030777671-3719217794-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-01] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2016-12-01] (AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-01] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2016-12-01] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-989176755-2030777671-3719217794-1001 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF DefaultProfile: 2wqc5nvh.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2wqc5nvh.default [2017-02-08]
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2wqc5nvh.default\user.js [2016-08-10]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\tfxt7kvm.default-1480664112747 [2016-12-12]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-01]
FF HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\[email protected]
FF Extension: (Kaspersky Password Manager) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\[email protected] [2016-08-16]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-26] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-26] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.co.in/
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-02-08]
CHR Extension: (Google Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-31]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-31]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-31]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-31]
CHR Extension: (Bitdefender Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhejlifdlcgcmogbggeomfodgklfaem [2016-08-31]
CHR Extension: (Google Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-31]
CHR Extension: (Chrome Remote Desktop) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-02-08]
CHR Extension: (Kaspersky Password Manager) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2016-08-31]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-31]
CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-05]
CHR Extension: (Kaspersky Protection) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2017-01-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-31]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR Extension: (Spot The Differences!) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pniinickecbjegedmgagmgikbolfgaij [2016-08-31]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-17]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKU\S-1-5-21-989176755-2030777671-3719217794-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gebpdbfmpedcnopofelmhndhincfkhki] - hxxps://chrome.google.com/webstore/detail/gebpdbfmpedcnopofelmhndhincfkhki
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
S4 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
S4 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-26] (NVIDIA Corporation)
S4 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation)
S4 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel Corporation)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-03] (TeamViewer GmbH)
S4 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R2 VRLService; C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe [209408 2014-09-05] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
S3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2015-10-07] (Windows ® Win 7 DDK provider)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [75576 2015-10-07] (ASUS Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2016-05-12] (Disc Soft Ltd)
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-07-02] (ASUSTeK Computer Inc.)
R3 iusb3adp; C:\Windows\System32\drivers\iusb3adp.sys [37160 2015-06-03] (Intel)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\drivers\klhk.sys [237912 2016-12-01] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2017-02-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [992600 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-08-10] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-08-16] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-30] (Malwarebytes)
S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\Dnetr28x.sys [2454160 2014-12-23] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-10-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2016-09-02] (NVIDIA Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2016-05-12] (Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S1 ESProtectionDriver; \??\C:\Windows\system32\drivers\mbae64.sys [X]
S0 ignis; \SystemRoot\system32\DRIVERS\ignis.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2049-07-12 20:06 - 2049-07-12 20:06 - 00000000 ____D C:\ProgramData\Dumps
2049-07-12 20:05 - 2049-07-12 20:05 - 00024550 _____ C:\ProgramData\2509713304.bdinstall.bin
2049-07-12 20:03 - 2049-07-12 20:03 - 01880989 _____ C:\ProgramData\2509713145.bdinstall.bin
2049-07-12 20:03 - 2049-07-12 20:03 - 00253404 ____H C:\bdr-ld01
2049-07-12 20:03 - 2049-07-12 20:03 - 00009216 ____H C:\bdr-ld01.mbr
2049-07-12 20:03 - 2049-07-12 20:03 - 00000684 ____H C:\bdr-cf01
2049-07-12 20:03 - 2049-07-12 20:03 - 00000385 _____ C:\Users\user\AppData\Roaminguser_gensett.xml
2049-07-12 20:03 - 2049-07-12 20:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2049-07-12 20:03 - 2016-08-10 14:22 - 00000000 ____D C:\ProgramData\BDLogging
2049-07-12 20:03 - 2015-12-15 21:35 - 49760229 ____H C:\bdr-im01.gz
2049-07-12 20:03 - 2013-08-13 12:38 - 03271472 ____H C:\bdr-bz01
2049-07-12 20:03 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2049-07-12 20:01 - 2049-07-12 20:01 - 00088445 _____ C:\ProgramData\2509713090.bdinstall.bin
2049-07-12 20:01 - 2049-07-12 20:01 - 00042523 _____ C:\ProgramData\2509713107.bdinstall.bin
2049-07-12 20:01 - 2049-07-12 20:01 - 00000000 ____D C:\Users\user\AppData\Roaming\QuickScan
2049-07-12 20:01 - 2049-07-12 20:01 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2017-02-08 13:07 - 2017-02-08 13:08 - 00023473 _____ C:\Users\user\Desktop\FRST.txt
2017-02-08 13:07 - 2017-02-08 13:07 - 02421248 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2017-02-08 13:07 - 2017-02-08 13:07 - 00000000 ____D C:\FRST
2017-02-08 12:57 - 2017-02-08 12:58 - 00029897 _____ C:\Users\user\Desktop\MTB.txt
2017-02-08 12:56 - 2017-02-08 12:57 - 00892416 _____ (Farbar) C:\Users\user\Desktop\MiniToolBox.exe
2017-02-08 12:30 - 2017-02-08 12:30 - 15701965 _____ C:\Users\user\Desktop\IE10-Windows6.1-KB2859903-x86.msu
2017-02-08 12:19 - 2017-02-08 12:20 - 24592606 _____ C:\Users\user\Desktop\Windows8.1-KB2901549-x64.msu
2017-02-08 12:04 - 2017-02-08 12:07 - 155266792 _____ (Trimble, Inc.) C:\Users\user\Desktop\SketchUpPro-en-x64.exe
2017-02-08 12:02 - 2017-02-08 12:03 - 08310320 _____ (Trimble, Inc.) C:\Users\user\Desktop\SketchUpPro-en-x64.exe.crdownload
2017-02-08 11:59 - 2017-02-08 11:59 - 00000000 ____D C:\Users\user\Downloads\sketchup_install
2017-02-07 23:01 - 2017-02-07 23:01 - 00000000 ____D C:\Users\user\AppData\LocalLow\uTorrent
2017-02-07 22:15 - 2017-02-07 23:45 - 181419922 ____R C:\Users\user\Downloads\SketchUp Pro 2017 17.0.18899 (x64) + Crack [SadeemPC].zip
2017-02-07 14:25 - 2017-02-07 14:25 - 00055433 _____ C:\Users\user\Downloads\Case study - Video Streaming Business (1)(1).pdf
2017-02-06 23:18 - 2017-02-08 10:05 - 04985433 _____ C:\Users\user\Desktop\Video Streaming Business of Endurance.pptx
2017-02-06 22:56 - 2017-02-06 22:56 - 00055433 _____ C:\Users\user\Downloads\Case study - Video Streaming Business (1).pdf
2017-02-03 13:22 - 2017-02-03 13:38 - 00010671 _____ C:\Users\user\Desktop\HOLD MIS REVERT AS ON 03rd OF FEB 2017.xlsx
2017-01-31 22:54 - 2017-01-31 22:54 - 00076045 _____ C:\Users\user\Desktop\Payment_Acknowledgement_Receipt(24228746).pdf
2017-01-30 18:11 - 2017-01-30 18:15 - 01466939 _____ C:\Users\user\Downloads\ISES-WP-600DV.pdf
2017-01-30 18:11 - 2017-01-30 18:13 - 00429159 _____ C:\Users\user\Downloads\pppppt.pptx
2017-01-30 18:10 - 2017-01-30 18:16 - 02698776 _____ C:\Users\user\Downloads\EMC-AFGAN_ENERGY_FROM_WASTE-BIOTECH.pdf
2017-01-30 18:10 - 2017-01-30 18:16 - 02360472 _____ C:\Users\user\Downloads\buildingsc_.zip
2017-01-30 18:10 - 2017-01-30 18:16 - 02089984 _____ C:\Users\user\Downloads\Eco Friendly Energy Systems.ppt
2017-01-30 18:10 - 2017-01-30 18:12 - 00399360 _____ C:\Users\user\Downloads\GREENBUILDINGS.ppt
2017-01-30 18:10 - 2017-01-30 18:11 - 00280503 _____ C:\Users\user\Downloads\BUILDING SCIENCE.pptx
2017-01-30 18:09 - 2017-01-30 18:15 - 02159777 _____ C:\Users\user\Downloads\build_sc_2.zip
2017-01-30 18:09 - 2017-01-30 18:14 - 08263597 _____ C:\Users\user\Downloads\1.pdf
2017-01-30 18:09 - 2017-01-30 18:12 - 01112752 _____ C:\Users\user\Downloads\a  BUILDING SCIENCE - pj trade centre - jyoti shugani.pptm
2017-01-30 18:09 - 2017-01-30 18:11 - 02388203 _____ C:\Users\user\Downloads\BUILDING SCIENCE(Eco-Friendly Materials).pptx
2017-01-30 18:08 - 2017-01-30 18:11 - 02388129 _____ C:\Users\user\Downloads\BUILDING SCIENCE(Eco-Friendly Materials).ppsx
2017-01-27 23:40 - 2017-01-27 23:40 - 00001964 _____ C:\Users\user\Desktop\Crysis2.exe - Shortcut.lnk
2017-01-27 00:08 - 2017-01-27 00:08 - 00000000 ____D C:\ProgramData\Solidshield
2017-01-27 00:05 - 2017-01-27 00:05 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2017-01-22 00:40 - 2017-02-06 23:33 - 00000150 _____ C:\Users\user\Downloads\Lumion_7_Pro_Crack.zip
2017-01-12 23:12 - 2017-01-24 23:34 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2017-01-09 23:19 - 2017-01-10 01:08 - 731241267 _____ C:\Users\user\Downloads\sumitbot.blogspot.com - Dangal (2016)-DDR.mkv
2017-01-09 21:50 - 2017-01-09 21:47 - 00867392 _____ C:\Users\user\Desktop\xvvvvvvvvvvvvvvvvvvvvvvv.skb
2017-01-09 21:47 - 2017-01-09 21:50 - 00834463 _____ C:\Users\user\Desktop\xvvvvvvvvvvvvvvvvvvvvvvv.skp
2017-01-09 20:08 - 2017-01-09 21:03 - 01972166 _____ C:\Users\user\Desktop\hhhhhhhhhhhhhhhhhhhhhhhhhh.skb
2017-01-09 20:01 - 2017-01-09 21:09 - 01955270 _____ C:\Users\user\Desktop\hhhhhhhhhhhhhhhhhhhhhhhhhh.skp
2017-01-09 19:44 - 2017-01-09 19:59 - 01325842 _____ C:\Users\user\Documents\AutoSave_Untitled_4.skp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2049-08-10 14:12 - 2016-06-13 22:46 - 00003898 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4A2226FD-FD56-4BC5-A47D-0566383E821A}
2049-07-12 20:03 - 2016-04-27 16:39 - 00000000 ___RD C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2017-02-08 12:36 - 2016-12-03 22:31 - 00000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2017-02-08 12:25 - 2016-04-27 16:46 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-989176755-2030777671-3719217794-1001
2017-02-08 12:20 - 2016-05-12 21:07 - 00000000 ____D C:\ProgramData\SketchUp
2017-02-08 12:20 - 2016-05-12 21:07 - 00000000 ____D C:\Program Files\SketchUp
2017-02-08 12:08 - 2016-08-10 14:33 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-02-08 11:58 - 2016-04-27 16:42 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-08 11:58 - 2013-08-22 19:06 - 00000000 ____D C:\Windows\Inf
2017-02-08 11:55 - 2016-05-12 21:08 - 00000000 ____D C:\ProgramData\Reprise
2017-02-08 11:55 - 2016-05-12 18:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-08 11:52 - 2016-05-12 21:16 - 07671296 ___SH C:\Users\user\Desktop\Thumbs.db
2017-02-08 11:52 - 2013-08-22 20:15 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-08 10:05 - 2016-08-16 15:30 - 00000000 ____D C:\Users\user\AppData\Roaming\uTorrent
2017-02-07 13:53 - 2016-12-13 00:37 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 13:53 - 2016-12-13 00:37 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-07 07:55 - 2016-06-04 15:10 - 01000960 ___SH C:\Users\user\Downloads\Thumbs.db
2017-02-05 22:13 - 2016-09-14 18:12 - 00000080 _____ C:\Users\user\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2017-02-05 12:09 - 2016-10-29 11:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-01 23:10 - 2016-12-02 14:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-19 09:09 - 2016-05-12 17:02 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2017-01-18 20:39 - 2016-05-22 02:42 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2017-01-16 10:18 - 2016-09-12 19:04 - 00000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2017-01-16 09:05 - 2013-08-22 21:06 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-16 09:05 - 2013-08-22 21:06 - 00000000 ____D C:\Windows\AppReadiness
2017-01-13 19:05 - 2016-04-27 16:39 - 00000000 ____D C:\Users\user\AppData\Local\Packages
2017-01-12 23:19 - 2016-05-23 00:40 - 00000000 ____D C:\Users\user\Documents\My Games
2017-01-12 23:12 - 2016-09-13 15:30 - 00000000 ____D C:\Temp
2017-01-12 23:12 - 2016-05-18 19:03 - 00000000 ____D C:\Windows\SysWOW64\directx
 
==================== Files in the root of some directories =======
 
2016-06-07 16:44 - 2016-06-07 16:44 - 0000034 _____ () C:\Program Files\Common Files\9E3EC1B1.zq
2016-08-11 00:05 - 2016-08-12 17:35 - 0000132 _____ () C:\Users\user\AppData\Roaming\Adobe BMP Format CS6 Prefs
2016-06-01 09:24 - 2016-06-01 09:30 - 6859776 _____ () C:\Users\user\AppData\Roaming\agent.dat
2016-06-21 15:35 - 2016-10-24 01:58 - 0000083 _____ () C:\Users\user\AppData\Roaming\alsoft.ini
2016-06-01 09:20 - 2016-06-01 09:20 - 0128512 _____ () C:\Users\user\AppData\Roaming\Installer.dat
2016-06-01 09:24 - 2016-06-01 09:30 - 0018432 _____ () C:\Users\user\AppData\Roaming\Main.dat
2016-08-14 01:03 - 2016-08-14 01:03 - 0000045 _____ () C:\Users\user\AppData\Roaming\WB.CFG
2016-07-21 21:26 - 2016-07-21 21:26 - 0007598 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
2016-08-10 13:58 - 2016-08-10 13:58 - 0017509 _____ () C:\ProgramData\1470817704.bdinstall.bin
2016-08-10 14:02 - 2016-08-10 14:02 - 0017509 _____ () C:\ProgramData\1470817923.bdinstall.bin
2049-07-12 20:01 - 2049-07-12 20:01 - 0088445 _____ () C:\ProgramData\2509713090.bdinstall.bin
2049-07-12 20:01 - 2049-07-12 20:01 - 0042523 _____ () C:\ProgramData\2509713107.bdinstall.bin
2049-07-12 20:03 - 2049-07-12 20:03 - 1880989 _____ () C:\ProgramData\2509713145.bdinstall.bin
2049-07-12 20:05 - 2049-07-12 20:05 - 0024550 _____ () C:\ProgramData\2509713304.bdinstall.bin
2016-04-27 17:08 - 2016-04-27 17:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-04-27 15:13 - 2016-04-27 15:13 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-05-20 13:25 - 2016-05-20 13:25 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
 
Some files in TEMP:
====================
2016-09-03 18:36 - 2016-09-03 18:37 - 2943992 _____ (Google) C:\Users\user\AppData\Local\Temp\42F.exe
2016-08-25 12:28 - 2016-08-25 12:29 - 2943992 _____ (Google) C:\Users\user\AppData\Local\Temp\95F2.exe
2016-08-16 16:12 - 2016-01-26 16:10 - 0066496 _____ (Autodesk, Inc.) C:\Users\user\AppData\Local\Temp\AcDeltree.exe
2016-11-06 19:58 - 2016-11-06 19:58 - 2934264 _____ (Google) C:\Users\user\AppData\Local\Temp\B6F7.exe
2016-09-12 18:35 - 2016-09-12 19:03 - 0524288 _____ (Sony DADC Austria AG) C:\Users\user\AppData\Local\Temp\DSSExp.exe
2016-10-28 20:02 - 2016-06-21 15:31 - 2463480 _____ () C:\Users\user\AppData\Local\Temp\eon_uninst_101.exe
2016-09-16 16:52 - 2016-11-08 19:25 - 0278528 _____ (Rockstar Games.) C:\Users\user\AppData\Local\Temp\GTA_V_Launcher_1_0_505_2 (2).exe
2017-01-03 17:31 - 2017-01-03 17:52 - 8142848 _____ (Rockstar Games.) C:\Users\user\AppData\Local\Temp\GTA_V_Launcher_1_0_505_2.exe
2016-07-16 09:21 - 2016-10-22 10:52 - 0747648 _____ (NVIDIA Corporation) C:\Users\user\AppData\Local\Temp\nvSCPAPI.dll
2016-07-16 09:21 - 2016-10-22 10:52 - 0860960 _____ (NVIDIA Corporation) C:\Users\user\AppData\Local\Temp\nvSCPAPI64.dll
2016-08-19 23:23 - 2016-10-22 10:52 - 0351680 _____ (NVIDIA Corporation) C:\Users\user\AppData\Local\Temp\nvStInst.exe
2015-04-14 03:44 - 2010-01-05 18:50 - 0088576 _____ (SkinSharp Inc.) C:\Users\user\AppData\Local\Temp\Skin.dll
2016-10-28 20:07 - 2016-06-28 12:53 - 0113008 _____ () C:\Users\user\AppData\Local\Temp\tmregister.exe
2016-11-02 14:01 - 2014-11-01 02:55 - 2707352 _____ (Microsoft Corporation) C:\Users\user\AppData\Local\Temp\vcredist_vs2005_x86.exe
2016-09-01 21:48 - 2016-09-01 21:48 - 3210240 _____ () C:\Users\user\AppData\Local\Temp\vrayuninst.dll
2016-11-02 14:01 - 2013-09-17 16:26 - 19551632 _____ () C:\Users\user\AppData\Local\Temp\WkRuntime32_64.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-02-08 03:40
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2017
Ran by user (08-02-2017 13:08:22)
Running from C:\Users\user\Desktop
Windows 8.1 Pro (Update) (X64) (2016-04-27 11:09:56)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-989176755-2030777671-3719217794-500 - Administrator - Disabled)
Guest (S-1-5-21-989176755-2030777671-3719217794-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-989176755-2030777671-3719217794-1003 - Limited - Enabled)
user (S-1-5-21-989176755-2030777671-3719217794-1001 - Administrator - Enabled) => C:\Users\user
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.7.5.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.7.5.0 - ASUSTek COMPUTER INC.) Hidden
ASUS PC Link (HKLM-x32\...\{52AE8601-EA55-456E-80A9-7FB48E82CF81}_is1) (Version: 3.0.22.1029 - ASUSTEK)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
ASUS Share Link (HKLM-x32\...\{c3bcc1e3-f950-439c-bcae-f01283e9f2a4}_is1) (Version: 1.0.27.0911 - ASUSTEK)
AutoCAD 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk 3ds Max 2017 (HKLM\...\Autodesk 3ds Max 2017) (Version: 19.0.1072.0 - Autodesk)
Autodesk 3ds Max 2017 (Version: 19.0.1072.0 - Autodesk) Hidden
Autodesk 3ds Max 2017 Populate Data (HKLM\...\{2B07E17E-A072-43BD-9DCC-369B56C16698}) (Version: 19.0.0.0 - Autodesk)
Autodesk 3ds Max Asset Library (HKLM\...\Autodesk 3ds Max Asset Library) (Version: 1.2.85.0 - Autodesk)
Autodesk 3ds Max Asset Library (Version: 1.2.85.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk Backburner 2017.0 (HKLM-x32\...\{0038F5AA-8482-4BB2-8A28-3FEA1D58D780}) (Version: 17.0.0.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk Civil View for 3ds Max 2017 64-bit (HKLM\...\{1C4FFAF0-7DBB-4F7A-A386-46747D060826}) (Version: 19.0.0.0 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Autodesk Featured Apps 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2017 (HKLM\...\{9167CA34-4E68-49E3-8892-3C439739D2D3}) (Version: 19.0 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2017 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2017) (Version: 17.0.411.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2017 (Version: 17.0.411.0 - Autodesk) Hidden
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
DWG To Lumion Bridge (HKLM\...\{224D3C57-E445-409C-A2C5-DBA03B2EF7F9}) (Version: 1.0.0 - Act-3D)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google SketchUp Pro 8 (HKLM-x32\...\{3AB65E95-37D6-4DD7-8862-29AED3AFD54B}) (Version: 3.0.3117 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
Intel® Chipset Device Software (x32 Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.5 (x32 Version: 2.5.0.22 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel® USB 3.0 Host Controller Adaptation Driver (HKLM\...\{9472AEE5-5D4D-4329-8BD8-B282FD33B8E0}) (Version: 1.0.0.42 - Intel Corporation)
Intel® CCF Manager (HKLM-x32\...\{0f3d8dd5-54af-4404-a01c-4967e485a065}) (Version: 3.0.13.2211 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel)
IRender_nXt (HKLM-x32\...\{7DB47195-56CF-4CD7-83E9-8FCA95AFBE65}) (Version: 5.00.0000 - )
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{2C74A102-DC39-4158-A831-02BDE2EC7D5D}) (Version: 8.0.5.485 - Kaspersky Lab)
Kaspersky Password Manager (x32 Version: 8.0.5.485 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Lumion 6.0 (HKLM\...\Lumion 6.0_is1) (Version: 6.0 - Act-3D B.V.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{1af6dc7d-ee8d-4bf8-aea0-07c6969a7170}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Need for Speed Most Wanted - Limited Edition version 1.0.0.0 (HKLM-x32\...\Need for Speed Most Wanted - Limited Edition_is1) (Version: 1.0.0.0 - )
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA mental ray and IRay feature plugins for 3ds Max 2017 (HKLM\...\{6ABEC32F-B90F-4499-B3A3-FF8A00948178}) (Version: 19.0.0.0 - Autodesk)
NVIDIA Miracast Virtual Audio 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 375.70 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.38.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
Revit Architecture Content Libraries 2015 (Version: 15.0.136.0 - Autodesk) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
STCServ (Version: 3.0.0.1783 - Intel Corporation) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
V-Ray for 3dsmax 2017 for x64 (HKLM\...\V-Ray for 3dsmax 2017 for x64) (Version: 3.40.03 - Chaos Software Ltd)
V-Ray for SketchUp adv (HKLM-x32\...\V-Ray for SketchUp adv 2.00.25244) (Version: 2.00.25244 - Chaos Software, Ltd)
VSDC Free Video Editor version 5.7.2.644 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 5.7.2.644 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{0147D323-DE12-49EA-AF59-6EC6029C4D1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{058268AC-52DE-4AC2-AA6D-49A33790DCE2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{0584DCCD-CA95-448E-B499-B5C844D68218}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{05AFCEDA-84A0-4190-8E42-0B0A18F34654}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{066BA626-F785-4874-ADCB-A4F42CCBE229}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{06D23C2C-BED2-4FF2-BC4A-1055E7ACF3BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2017\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{0787D3C1-A128-4347-BBA9-0F8BCF2C0EA6}\InprocServer32 -> AcSmComponents.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{0AA15FCA-2D73-4DDD-8286-F65AA1621CE4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{0D1486F5-E8D5-4D9F-9961-AA18B36A5384}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{10464CD7-9F8A-411E-967A-D06B11C29E8F}\InprocServer32 -> AcSmComponents.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{105AC7CF-74FE-4BFB-8F87-1242C0738FB2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{10FDDE98-7C50-4AAC-98D3-C6BFE3A6B742}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{11396DAF-5066-461F-A4C3-15E7EF329C9D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{11D9CCF9-8D29-4311-A822-A7781D4F91CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{13597217-11B3-41A6-9F2D-D4EAA27F1C44}\InprocServer32 -> AcSmComponents.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{14C22841-C9F6-40A7-86B3-D5A245C48F2A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{15E2281D-71EE-4433-BEA2-73AFC5AEF9AF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{167AC0F9-6848-486C-A688-2CCE0CCCECE3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{17E9B011-53C2-4900-A6BE-0865AE9A55C7}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{192084F9-5068-4AF6-87EF-B8389F431719}\InprocServer32 -> AcSmComponents.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{19854688-F831-4119-A46D-7421EC3652C0}\InprocServer32 -> AcSmComponents.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{19D61EF7-E711-48D3-9214-35EE9C699240}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{1A53E8C0-6387-4CA9-89D9-88B1370CCB0A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{1AC5B486-9382-4294-A2EE-AB4F2E7A9251}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{1E8B3FB0-E02F-4304-82E4-0D96D04F6E2F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{1F62A2EC-2B8E-4CBB-81D6-7423B3C3496B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{203a7c10-dc7b-4355-8803-982860b6258d}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{20AA404D-02A6-480B-BC4C-E5396EEBCB98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{24891A90-4B89-47F9-8F03-48524FF627D9}\InprocServer32 -> AcSmComponents.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{2551F748-CF65-47E3-A482-D527FD1BAC15}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{28A05C50-DEAA-4317-8279-67E427E5A147}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{28E888D7-506A-4E22-BA7F-7C9C731C3E49}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{294457CD-170E-409A-BF63-1E099C590802}\InprocServer32 -> AcSmComponents.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{296C1C76-4212-40A2-9E9C-967F981A35F5}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{2A4DA92D-1954-4613-903C-C1975BEFEABB}\InprocServer32 -> AcSmComponents.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{2B41B5E7-34DA-4CB7-A0FB-D322D3BBC4A5}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{2D52F7DC-EF7C-4437-9453-55C3B3C3961E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{2EA1CB0B-A048-4610-BD1C-3891B0F1DD1F}\InprocServer32 -> AcSmComponents.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{2F6119F5-B61C-4A9C-9BFF-7A91AEA99AB1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{2FAFFE29-EFF6-40B0-AD3B-499DDABA34D8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-989176755-2030777671-3719217794-1001_Classes\CLSID\{2FE0DF6F-9E53-4545-83DB-632DE5CCFD8E}\InprocServer32 -> axdb.dll => No File
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {163B0458-5B2F-40ED-9BF8-DEF976B65791} - System32\Tasks\{F02440FB-04D0-4C87-88A8-2B49A762214E} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Sanhold\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\Sanhold\uninstall.dat" -a uninstallme 5E5EC6C3-59E3-446D-927A-FB7AB8FBA3B3 DeviceId=084c2cb7-34f6-7d96-b52a-b4e2cee5b533 BarcodeId=51107003 ChannelId=3 DistributerName=APSFClickMeIn
Task: {20BB3EA9-874F-4822-BC8F-958C92B156EE} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {246C48D5-B011-4CE5-9E66-8499599D99D2} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {45302A8B-AD34-4C13-8AB5-F5CE90A6BEEB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {46CBDD44-C186-4F72-B8C5-71DFA0754644} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {5232F3C7-3C3B-48D8-B494-61D89A2C233C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-13] (Google Inc.)
Task: {54932EA0-5577-40D8-8D9B-A768FC23398F} - System32\Tasks\{FE327274-EEDA-4C82-9D57-044AA0C16137} => pcalua.exe -a "C:\Program Files\Autodesk\Revit Architecture Content 2015 English\Setup\en-US\Setup\Setup.exe" -c /P {941030D0-1500-0110-0000-818BB38A95FC} /M RCL2015 /LANG en-US
Task: {6F6AEAE3-80B7-4F56-BAB3-A9D1DCF5ADE5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {7796D628-492C-495A-A6CE-D9CE27B2B284} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [2015-03-16] (Intel® Corporation)
Task: {8BCC5739-D552-40A4-B764-F9C633B17CEB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)
Task: {948111EA-3D1A-4223-B66A-01F8767E5222} - System32\Tasks\{5B442093-6879-4AD0-97C4-B7A7BB3E277D} => pcalua.exe -a "C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe"
Task: {A773E80B-CFD2-43DD-956E-5CF6FB1F787C} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\0CBF49C8CC663D70D57E8765BD8EC79C\Update\BrowserUpdate.exe <==== ATTENTION
Task: {AAEDA561-5F23-40DE-95C0-BAE24C63FAA7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {B48F01A4-82A1-4A12-8797-4EF0E31F58E6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {C34DD721-A9E1-4894-BB78-2E91CEE3F874} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {DEAE41B3-049A-4967-B9BB-29DA6C0BDC1A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {DEEE4260-6913-4AC2-BE88-E62111D0015B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {F711CEAC-91FF-4C47-A23A-2F03E185183E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-13] (Google Inc.)
Task: {FD38E950-8E86-4AAE-A530-4B028A9D5F2C} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> " <===== Cyrillic
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехрlоrеr (2).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> " <===== Cyrillic
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехрlоrеr.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> " <===== Cyrillic
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-11-02 14:01 - 2014-09-05 21:09 - 00209408 _____ () C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe
2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-05-21 14:43 - 2016-03-09 20:43 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-05-21 14:43 - 2016-03-09 20:43 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-05-21 14:43 - 2016-03-09 20:43 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-05-21 14:43 - 2016-03-09 20:43 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-05-21 14:43 - 2016-03-09 20:43 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-05-21 14:43 - 2016-03-09 20:43 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-05-21 14:43 - 2016-03-09 20:43 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-05-21 14:43 - 2016-03-09 20:43 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-05-21 14:43 - 2016-03-09 20:43 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-05-21 14:43 - 2016-03-09 20:43 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-11-06 21:50 - 2016-07-01 12:09 - 00061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2016-11-06 21:50 - 2016-07-01 12:09 - 00110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\kpcengine.2.3.dll
2016-07-15 12:06 - 2016-07-15 12:06 - 00434128 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\ipm_service.dll
2016-11-06 21:50 - 2013-09-23 23:22 - 00043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2016-11-06 21:50 - 2015-11-05 17:37 - 00052224 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2016-11-06 21:50 - 2015-11-05 17:37 - 00195584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2016-11-06 21:50 - 2015-11-05 17:37 - 00742400 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2016-11-06 21:50 - 2016-07-01 11:35 - 00285120 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\en-US\AdWingManRes.dll
2016-11-06 21:50 - 2015-09-08 12:01 - 40640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2016-11-06 21:50 - 2014-09-03 05:59 - 00912384 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2016-11-06 21:50 - 2014-09-03 05:59 - 00134144 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2016-11-06 21:50 - 2014-09-03 05:59 - 00950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2012-10-01 20:37 - 2012-10-01 20:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 18:55 - 2016-12-30 02:07 - 00000912 ____A C:\Windows\system32\Drivers\etc\hosts
 
to hosts so key not get blocked 
hosts file location: C:\Windows\System32\drivers\etc
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ASGT => 2
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IhPul => 2
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: klvssbrigde64 => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NVIDIA Wireless Controller Service => 2
MSCONFIG\Services: Service KMSELDI => 2
MSCONFIG\Services: SetupARService => 2
MSCONFIG\Services: SkypeUpdateEx => 2
MSCONFIG\Services: STCServ => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: SystemUsageReportSvc_WILLAMETTE => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: USER_ESRV_SVC_WILLAMETTE => 3
MSCONFIG\Services: WdMan => 2
MSCONFIG\Services: winsaber => 2
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "IntelConnectCenter"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "apphide"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\StartupApproved\Run: => "Mojorojo"
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\StartupApproved\Run: => "Mojorojoup"
HKU\S-1-5-21-989176755-2030777671-3719217794-1001\...\StartupApproved\Run: => "PCLink"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{4B3CB5AA-6204-447F-962D-EF9780F95C81}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FDB528A4-5CBA-4426-91F9-6761DC62769D}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{01B14B50-CCA1-4A6B-AFB0-C442F4434F1F}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{08D6AB9A-FE8C-47FC-A0BD-FF5EF486A9EC}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E7120A6F-ABFB-4A8C-ADEB-75DBF9403B1D}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2BE691AE-EBFE-4744-A50A-B895508E5474}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{17E29890-7FA8-4F57-9E2D-B6CFE748C12E}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0F94EBE7-C817-4B6D-ACEF-3C005C8D6686}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7788CBD8-0728-402F-8B23-377EC1C98610}C:\users\user\appdata\local\akamai\netsession_win.exe] => C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{4D921E41-9332-426D-AB4E-3C38392C5A92}C:\users\user\appdata\local\akamai\netsession_win.exe] => C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{EFB7F350-B3C0-4C53-8196-7CAAED5B9681}C:\program files\sketchup\sketchup 2015\sketchup.exe] => C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [UDP Query User{C6634693-B4B3-42CA-95CF-88A62FFF7724}C:\program files\sketchup\sketchup 2015\sketchup.exe] => C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [TCP Query User{0972BC56-0B1F-4786-ABD1-A2FD19930681}C:\games\need for speed most wanted - limited edition\nfs13.exe] => C:\games\need for speed most wanted - limited edition\nfs13.exe
FirewallRules: [UDP Query User{8656B64A-2596-4209-9613-50CEE049B88E}C:\games\need for speed most wanted - limited edition\nfs13.exe] => C:\games\need for speed most wanted - limited edition\nfs13.exe
FirewallRules: [{D66629D6-FED3-405F-8BD0-BD2E3E1AB144}] => LPort=50248
FirewallRules: [{394866A1-A0DB-4A08-8080-CB2B2523C40B}] => C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{9AC1B208-8CB2-4C4D-9E3A-6269BB6D9672}] => C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{08F3EAF2-4845-4D39-B387-84DB8E8DA4C3}] => C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{D18EAF5D-1AB9-4E33-87FF-CF8FCEB19AEA}] => C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{8E6D0081-7C68-4361-B4B1-14CD10359D1D}] => C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{9CBAA22C-FFB3-4B61-BA4D-BC8E5C16C51B}] => C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{389CB435-EE5C-41C9-A92D-039E6D09F9CE}] => C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{A593FF24-5BC2-4713-8A90-06FC23C82F8D}] => C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{03D7E637-2523-41F4-8CE6-EEB2D80C13B2}] => C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C42D53CE-E58E-41E6-836A-D89E4C19977C}] => C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{57E726F0-60D7-44B1-AD94-25658FE6ACD7}] => C:\Program Files (x86)\Jamben\Update\JambenUpdate.exe
FirewallRules: [{7F527D00-7CCD-4489-80CE-634FA8D3B61E}] => C:\Program Files (x86)\Jamben\Application\chrome.exe
FirewallRules: [{66DA2876-89F2-458F-9E40-98E660716289}] => C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [{46BC8347-459E-45F5-88FD-CE96E0FBC9FD}] => C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [{443064EA-526C-4D4B-9C22-5515EFB06FF6}] => C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [{8609D9EB-F527-4A6F-BE5E-F581CE6D595F}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{D253D8BE-1815-4A33-958F-1179E4EB2790}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{1E565F19-D441-491A-8D8C-4B1506D9600F}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D93EF8F8-070B-4DB2-BCC7-13F7606F6EAE}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EF93AC79-1597-4309-875D-233AA351D6EC}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FF674F07-AFB0-4F06-B916-F4D40CAA952F}] => C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe
FirewallRules: [{A7A92F11-357D-430A-A1E4-646B7CA2F6AF}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{62A8BFD8-C57E-4178-979A-914351303EF5}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DBCF5D2D-EF6F-4FF2-961F-D235BCF3E9F0}] => C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{C8132405-44D0-4953-9401-008149DD102E}] => C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{F07FD340-3D52-4A4D-884B-3C07E7BBE04A}] => C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{4663BCF8-3F76-4287-A4F4-56CC4D32CD59}] => C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{DD531A76-A6EC-4182-8AE2-73B8E074321E}] => C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{04F15637-07E7-417B-BB4B-CF2D0E1C6350}] => C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{E8E1E07F-73FB-491C-A615-688BC859461F}] => C:\Program Files (x86)\FlashIntegro\VideoEditor\Activation.exe
FirewallRules: [{7F4A9FC9-BC3C-4787-80C4-7380A4384174}] => C:\Program Files (x86)\FlashIntegro\VideoEditor\Activation.exe
FirewallRules: [{740EFF4F-9781-4803-9349-B497378A82E2}] => C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{2E595D83-FB53-49AF-87C4-460AA6348CD9}] => C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{6B526C9F-B5BD-4CA9-ADBC-5BAA4DC6C7AE}] => C:\Program Files (x86)\ASUS\Share Link\ShareLink.exe
FirewallRules: [{F2CBE3A0-34A5-4EA1-9D93-786BEB33C35E}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
21-01-2017 08:43:49 Scheduled Checkpoint
27-01-2017 00:03:32 Installed ProductName from default.wxl
03-02-2017 13:51:07 Scheduled Checkpoint
08-02-2017 11:54:55 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
08-02-2017 11:55:01 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/08/2017 12:57:19 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (02/08/2017 12:57:15 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (02/08/2017 12:42:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (02/08/2017 12:26:15 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (02/08/2017 12:20:43 PM) (Source: MsiInstaller) (EventID: 11402) (User: pc)
Description: Product: SketchUp 2017 -- Error 1402. Could not open key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel.
 
Error: (02/08/2017 12:03:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (02/08/2017 12:03:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (02/08/2017 12:00:35 PM) (Source: MsiInstaller) (EventID: 11402) (User: pc)
Description: Product: SketchUp 2017 -- Error 1402. Could not open key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel.
 
Error: (02/08/2017 11:58:45 AM) (Source: MsiInstaller) (EventID: 11402) (User: pc)
Description: Product: SketchUp 2017 -- Error 1402. Could not open key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel.
 
Error: (02/08/2017 11:58:11 AM) (Source: MsiInstaller) (EventID: 11402) (User: pc)
Description: Product: SketchUp 2017 -- Error 1402. Could not open key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel.
 
 
System errors:
=============
Error: (02/08/2017 11:52:25 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 09:50:00 on ‎08-‎02-‎2017 was unexpected.
 
Error: (02/08/2017 11:52:18 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
 
Error: (02/08/2017 03:41:51 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Error: (02/08/2017 03:41:21 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Error: (02/07/2017 03:41:13 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Error: (02/07/2017 03:40:43 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Error: (02/07/2017 02:13:09 AM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
 
CodeIntegrity:
===================================
  Date: 2016-08-10 12:40:27.140
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-08-10 12:30:04.202
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-08-10 12:11:45.311
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-08-09 17:22:00.412
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-08-09 14:36:30.549
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-08-09 11:52:41.064
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-08-09 10:42:17.257
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-08-08 18:51:26.743
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-08-08 17:39:42.727
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-08-08 14:01:51.204
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 53%
Total physical RAM: 8133.97 MB
Available physical RAM: 3746.63 MB
Total Virtual: 14533.97 MB
Available Virtual: 9606.49 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.23 GB) (Free:94.42 GB) NTFS
Drive e: (Entertainment) (Fixed) (Total:232.85 GB) (Free:163.82 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:232.85 GB) (Free:171.63 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:232.85 GB) (Free:184 GB) NTFS
Drive h: (Softwares & Setups) (Fixed) (Total:232.85 GB) (Free:77.62 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: CBF16C17)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.2 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 

 


Edited by Kamlesh Rathore, 08 February 2017 - 04:58 AM.


#2
RKinner

    Malware Expert

  • Expert
  • 20,008 posts
  • MVP

Search for:

msconfig

hit Enter.

Please check everything under Startup and Services. Then OK and Reboot. It's hard to work on a PC with a bunch of stuff turned off in msconfig.

Uninstall

DAEMON Tools Lite

Your version (or at least its SPTD driver) is not compatible with Win 8.

Then download, save and run by right-clicking and Run As Admin:

http://www.duplexsec...st-v189-x64.exe

In the dialog that appears, press the "Uninstall" button and then SPTD will remove itself from your Windows installation.

Download the attached fixlist.txt to the same location as FRST.

Attached File fixlist.txt 73.29KB 27 downloads

Run FRST and press Fix.
A fix log will be generated; please post that.

REBOOT

Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs.
