
Solved Extremely High Disk Activity with various virus infections

Discussion in 'Malware and Virus Removal' started by scgoh123, 2017/03/13.

  1. 2017/03/20
    scgoh123 Well-Known Member Thread Starter

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
    Ran by User (administrator) on ASUS (21-03-2017 12:10:46)
    Running from F:\
    Loaded Profiles: User (Available Profiles: User)
    Platform: Windows 8.1 Single Language (Update) (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
    (Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
    (Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
    () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
    (Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Don HO don.h@free.fr) C:\Program Files (x86)\notepad2\notepad2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Hewlett-Packard) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe
    (Examsoft Worldwide Inc.) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.SoftShield.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    (ASUS) C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
    HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-18] (Oracle Corporation)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-14] (AVAST Software)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-07] (Dropbox, Inc.)
    HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.)
    HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-09] (Piriform Ltd)
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Loader] => C:\Program Files (x86)\Letv\LeTVLoader.exe #min
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [AfterPlayMonitor] => C:\Users\User\AppData\Roaming\Letv\AfterPlay\AfterPlayMonitor.ex
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Policies\Explorer: []
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\MountPoints2: {494ea61c-2e4f-11e6-828d-acd1b84b0fa0} - "E:\Setup.exe" /s
    HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
    ShellIconOverlayIdentifiers: [0DoyoShell] -> {D655C2B6-46A7-408B-8745-AE81AFC1FDD2} => C:\Users\User\AppData\Local\Doyo\DyShellIcon64.dll [2015-04-27] (Doyo.cn)
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Fast Start.lnk [2017-01-11]
    ShortcutTarget: SOLIDWORKS 2016 Fast Start.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 137.132.0.254 137.132.0.252
    Tcpip\..\Interfaces\{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF}: [DhcpNameServer] 137.132.0.254 137.132.0.252

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
    SearchScopes: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-07-13] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14] (AVAST Software)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-07-13] (Oracle Corporation)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14] (AVAST Software)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xt4h78mw.default [2017-03-21]
    FF Extension: (No Name) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xt4h78mw.default\extensions\arthurj8283@gmail.com [not found]
    FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-27]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-27]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_144.dll [2016-05-10] ()
    FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-07-13] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-07-13] (Oracle Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_144.dll [2016-05-10] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-19] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-19] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-24] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-24] (Intel Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-29] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-08] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-08] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-24] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-24] (Adobe Systems Inc.)
    StartMenuInternet: FIREFOX.EXE - firefox.exe

    Chrome:
    =======
    CHR DefaultProfile: chagulybuvertainmibile
    CHR HomePage: chagulybuvertainmibile -> hxxp://www.luckysearch123.com?type=hp&ts=1487229756&from=14a10216&uid=toshibaxmq01abf050_z4lkc79ytxxz4lkc79yt&z=049c73437918e7fc6fe3dfegaz7b9m8o9o9t2m2qdg
    CHR StartupUrls: chagulybuvertainmibile -> "hxxp://ivle.nus.edu.sg/","hxxp://hotmail.com/"
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile [2017-03-21] <==== ATTENTION
    CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-15]
    CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-15]
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-15]
    CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-15]
    CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-15]
    CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-15]
    CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-15]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
    CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-15]
    CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09]
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-03-15]
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
    CHR Extension: (Purple flowers(Non-Aero)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apifmdobolibbidmcdlofnnenabonodd [2015-12-21]
    CHR Extension: (Google Cast) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-31]
    CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-31]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-12]
    CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-10]
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-09]
    CHR HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
    R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
    R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-14] (AVAST Software s.r.o.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-14] (AVAST Software)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
    S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [80792 2017-01-10] (Dassault Systèmes SolidWorks Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
    R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
    R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
    R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
    R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
    R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [253528 2015-11-09] ()
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-03] (Intel(R) Corporation) [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-24] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-24] (Intel Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
    R2 mitsijm2017; C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-05] (Autodesk, Inc.)
    S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
    R2 Ntp2NetSvc; C:\Program Files (x86)\notepad2\notepad2.exe [2340864 2017-02-16] (Don HO don.h@free.fr) [File not signed]
    S2 Ntp2UpSvc; C:\Program Files (x86)\Common Files\ntp2UpSvc\notepad2.exe [2340864 2017-02-17] (Don HO don.h@free.fr) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
    R2 SoftshieldService; C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe [67848 2017-01-08] (Hewlett-Packard)
    S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-01-10] (SolidWorks) [File not signed]
    R2 TransformService; C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe [73528 2014-07-09] (ASUS)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
    S2 Themes; %SystemRoot%\system32\themeservice.dll [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-14] (AVAST Software s.r.o.)
    R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-14] (AVAST Software s.r.o.)
    R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-14] (AVAST Software s.r.o.)
    R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-14] (AVAST Software s.r.o.)
    S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-14] (AVAST Software)
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-14] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-14] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-14] (AVAST Software)
    R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-14] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-14] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-14] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-14] (AVAST Software)
    R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-07-30] (ASUS Corporation)
    S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
    R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
    R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] ()
    R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-09] (Intel Corporation)
    R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
    R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
    R3 m76usb; C:\Windows\System32\drivers\m76usb.sys [539336 2014-04-29] (Ralink Technology Corp.)
    R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-16] (Malwarebytes)
    R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-16] (Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-16] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-16] (Malwarebytes)
    R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [92088 2017-03-21] (Malwarebytes)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-24] (Intel Corporation)
    R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
    R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-03-15] ()
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
    R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-03-21 08:22 - 2017-03-21 08:22 - 00001076 _____ C:\Users\User\Desktop\gvh.txt
    2017-03-19 20:31 - 2017-03-19 20:31 - 00998400 _____ C:\Users\User\Downloads\hs-diagramHDstaaende.xls
    2017-03-19 20:02 - 2017-03-19 20:02 - 00262176 _____ C:\Users\User\Downloads\receipt_A2 Draft E09_Group D.pdf
    2017-03-19 19:42 - 2017-03-19 19:42 - 00101376 _____ C:\Users\User\Downloads\F1.ppt
    2017-03-18 20:56 - 2017-03-18 20:56 - 00443263 _____ C:\Users\User\Downloads\Water Scarcity in northwestern Cambodia.pptx.pptx
    2017-03-18 20:55 - 2017-03-18 20:55 - 00106698 _____ C:\Users\User\Downloads\Draft graphic rep.pptx
    2017-03-17 00:04 - 2017-03-17 00:04 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
    2017-03-17 00:04 - 2017-03-17 00:04 - 00000000 ___RD C:\Program Files (x86)\Skype
    2017-03-17 00:04 - 2017-03-17 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2017-03-15 20:59 - 2017-03-15 21:00 - 13364364 _____ C:\Users\User\Downloads\IMG20170314194836.jpg.zip
    2017-03-15 20:59 - 2017-03-15 20:59 - 13586823 _____ C:\Users\User\Downloads\IMG20170314194921.jpg.zip
    2017-03-15 20:59 - 2017-03-15 20:59 - 13378035 _____ C:\Users\User\Downloads\IMG20170314195006.jpg.zip
    2017-03-15 14:27 - 2017-03-21 12:07 - 00092088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2017-03-15 14:27 - 2017-03-16 21:37 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2017-03-15 14:27 - 2017-03-16 21:37 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
    2017-03-15 14:27 - 2017-03-16 21:37 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2017-03-15 14:27 - 2017-03-16 21:37 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2017-03-15 14:27 - 2017-03-15 14:27 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-03-15 14:27 - 2017-03-15 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-03-15 14:26 - 2017-03-15 14:26 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-03-15 14:26 - 2017-03-15 14:26 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-03-15 14:26 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
    2017-03-15 13:41 - 2017-03-15 13:41 - 00000000 ____D C:\ProgramData\SWCUTemp
    2017-03-15 13:09 - 2017-03-17 23:09 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
    2017-03-15 13:01 - 2017-03-15 14:04 - 00000000 ____D C:\AdwCleaner
    2017-03-15 12:59 - 2017-03-15 12:59 - 00001122 _____ C:\Users\User\Downloads\fixlist.txt
    2017-03-15 10:43 - 2017-03-15 10:43 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2017-03-15 10:42 - 2017-03-15 10:42 - 00000000 ____D C:\ProgramData\RogueKiller
    2017-03-15 10:40 - 2017-03-15 10:40 - 00000872 _____ C:\Users\Public\Desktop\RogueKiller.lnk
    2017-03-15 10:40 - 2017-03-15 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2017-03-15 10:40 - 2017-03-15 10:40 - 00000000 ____D C:\Program Files\RogueKiller
    2017-03-14 20:09 - 2017-03-18 20:10 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
    2017-03-14 20:09 - 2017-03-14 20:06 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
    2017-03-14 20:09 - 2017-03-14 20:06 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
    2017-03-14 20:09 - 2017-03-14 20:06 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
    2017-03-14 20:09 - 2017-03-14 20:06 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
    2017-03-14 20:08 - 2017-03-14 20:08 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2017-03-14 11:49 - 2017-03-14 12:16 - 00198774 _____ C:\Windows\ntbtlog.txt
    2017-03-14 10:37 - 2017-03-21 12:10 - 00000000 ____D C:\FRST
    2017-03-09 22:33 - 2017-03-13 17:24 - 00321487 _____ C:\Users\User\Desktop\Water Scarcity in northwestern Cambodia.pptx
    2017-03-09 09:35 - 2017-03-09 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2017-03-07 22:46 - 2017-03-12 11:59 - 00079052 _____ C:\Users\User\Documents\Microfluidic.bak
    2017-03-07 22:06 - 2017-03-07 22:06 - 00000152 _____ C:\Users\User\Documents\acad.err
    2017-03-07 21:05 - 2017-03-07 21:05 - 00000000 ____D C:\Program Files (x86)\58BEB01D_cacayima
    2017-03-07 20:42 - 2017-03-07 22:06 - 00112680 _____ C:\Users\User\Documents\Drawing1_recover.dwg
    2017-03-07 20:42 - 2017-03-07 20:42 - 00000195 ____H C:\Users\User\Documents\Drawing1.dwl2
    2017-03-07 20:42 - 2017-03-07 20:42 - 00000045 ____H C:\Users\User\Documents\Drawing1.dwl
    2017-03-07 12:03 - 2017-03-19 12:01 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
    2017-03-07 04:50 - 2017-03-07 04:50 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
    2017-03-06 13:38 - 2017-03-12 12:02 - 00078729 _____ C:\Users\User\Documents\Microfluidic.dwg
    2017-03-06 10:08 - 2017-03-06 10:08 - 00002116 _____ C:\Users\Public\Desktop\AutoCAD 2017 - English.lnk
    2017-03-06 10:08 - 2017-03-06 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2017 - English
    2017-03-06 10:07 - 2017-03-06 11:27 - 00000000 ____D C:\Users\User\Documents\Inventor Server SDK ACAD 2017
    2017-03-05 20:25 - 2017-03-05 20:29 - 00000000 ____D C:\Program Files (x86)\MK
    2017-03-05 20:22 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
    2017-03-05 20:22 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
    2017-03-05 20:22 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
    2017-03-05 20:22 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
    2017-03-05 20:22 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
    2017-03-05 20:22 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
    2017-03-05 20:22 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
    2017-03-05 20:22 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
    2017-03-05 20:22 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
    2017-03-05 20:22 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
    2017-03-02 19:25 - 2017-03-15 12:59 - 00023812 _____ C:\Program Files (x86)\metadata
    2017-03-01 20:42 - 2017-03-15 19:54 - 00002148 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2017-03-01 20:42 - 2017-03-14 11:33 - 00000000 ____D C:\Program Files (x86)\58B6C1AE_cacayima
    2017-03-01 20:42 - 2017-03-09 19:39 - 00000000 _____ C:\Windows\SysWOW64\4
    2017-03-01 20:42 - 2017-03-09 19:39 - 00000000 _____ C:\Windows\SysWOW64\3
    2017-03-01 18:21 - 2017-03-01 18:22 - 00000000 ____D C:\Users\User\AppData\Local\WhatsApp
    2017-02-28 17:27 - 2017-02-28 17:33 - 82418960 _____ (WhatsApp) C:\Users\User\Downloads\WhatsAppSetup.exe
    2017-02-27 12:59 - 2017-02-27 12:59 - 00341094 _____ C:\Users\User\Downloads\Final Assignment2.pdf
    2017-02-27 12:11 - 2017-02-27 12:11 - 00063649 _____ C:\Users\User\Downloads\bridge3.159.0_en.html
    2017-02-21 02:39 - 2017-02-21 02:48 - 00000000 ____D C:\Program Files (x86)\dm72nb8v
    2017-02-21 00:55 - 2017-02-21 01:03 - 00000000 ____D C:\Program Files (x86)\r2i2joqg
    2017-02-20 22:39 - 2017-02-20 22:47 - 00000000 ____D C:\Program Files (x86)\ia1cpuc6
    2017-02-20 20:39 - 2017-02-20 20:53 - 00000000 ____D C:\Program Files (x86)\dwyhdf69
    2017-02-20 20:16 - 2017-02-20 20:24 - 00000000 ____D C:\Program Files (x86)\0wbg7wae
    2017-02-20 17:14 - 2017-02-20 17:17 - 00168454 _____ C:\Users\User\Downloads\The Hydrolysis of t-Butyl Chloride updated.doc.crdownload
    2017-02-20 16:39 - 2017-02-20 17:04 - 00000000 ____D C:\Program Files (x86)\lw2zy2ie
    2017-02-20 15:57 - 2017-02-20 16:18 - 00000000 ____D C:\Program Files (x86)\gyzi4t6u
    2017-02-19 23:29 - 2017-02-19 23:31 - 03087864 _____ (Google) C:\Users\User\Downloads\chrome_cleanup_tool.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-03-21 11:53 - 2015-11-09 00:31 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
    2017-03-21 11:39 - 2015-07-13 04:35 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2017-03-21 08:13 - 2016-08-16 21:48 - 00000554 _____ C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job
    2017-03-21 08:03 - 2015-07-13 09:19 - 00003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{870AB941-DEA7-4AE7-ACD4-F8FC5B4235A8}
    2017-03-19 20:54 - 2015-07-13 03:45 - 00000000 ____D C:\Users\User\AppData\Local\Packages
    2017-03-19 20:47 - 2015-07-13 03:51 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3023424667-1579791547-2771295078-1001
    2017-03-19 12:01 - 2016-09-03 11:25 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
    2017-03-18 21:53 - 2015-11-09 00:31 - 00000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
    2017-03-18 15:29 - 2016-03-07 16:43 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2017-03-17 00:04 - 2014-12-04 00:56 - 00000000 ____D C:\ProgramData\Skype
    2017-03-17 00:03 - 2017-01-10 16:37 - 00000000 ____D C:\ProgramData\Package Cache
    2017-03-16 20:47 - 2015-07-13 09:18 - 00000000 ____D C:\Users\User\OneDrive
    2017-03-16 20:47 - 2014-03-18 17:53 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
    2017-03-16 20:47 - 2013-08-22 21:36 - 00000000 ____D C:\Windows\Inf
    2017-03-16 20:45 - 2015-11-09 00:41 - 00000000 ___RD C:\Users\User\Dropbox
    2017-03-15 20:29 - 2015-07-13 05:59 - 00000000 ____D C:\Program Files (x86)\SogouInput
    2017-03-15 20:13 - 2015-07-13 03:49 - 00000094 _____ C:\Users\User\AppData\Roaming\sp_data.sys
    2017-03-15 20:10 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\system32\NDF
    2017-03-15 20:05 - 2013-08-22 22:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2017-03-15 19:50 - 2015-12-21 09:39 - 00000000 ____D C:\Users\User\AppData\Local\dmcache
    2017-03-15 19:31 - 2017-01-10 16:20 - 00000000 ____D C:\Users\User\AppData\Local\Akamai
    2017-03-15 14:58 - 2016-09-29 08:44 - 00003884 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1475109879
    2017-03-15 14:58 - 2016-09-29 08:44 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
    2017-03-15 14:17 - 2013-08-22 21:25 - 00262144 ___SH C:\Windows\system32\config\BBI
    2017-03-15 14:03 - 2017-01-08 20:37 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-03-15 14:03 - 2016-08-23 23:02 - 00000000 ____D C:\Windows\system32\log
    2017-03-15 13:41 - 2015-12-21 13:39 - 00000000 ____D C:\temp
    2017-03-15 12:52 - 2013-08-22 23:36 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-03-15 12:52 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\AppReadiness
    2017-03-15 12:45 - 2016-08-22 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
    2017-03-15 12:31 - 2013-08-22 23:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
    2017-03-15 04:36 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
    2017-03-14 20:09 - 2015-07-13 05:03 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2017-03-14 20:09 - 2015-07-13 05:03 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
    2017-03-14 20:08 - 2015-07-13 05:03 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148949336453104
    2017-03-14 20:08 - 2015-07-13 05:03 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148949336717106
    2017-03-14 20:08 - 2015-07-13 05:03 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2017-03-14 20:08 - 2015-07-13 05:03 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2017-03-14 20:08 - 2015-07-13 05:03 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2017-03-14 20:08 - 2015-07-13 05:03 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2017-03-14 20:08 - 2015-07-13 05:03 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2017-03-14 20:07 - 2016-09-27 18:10 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
    2017-03-14 20:07 - 2015-07-13 05:03 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2017-03-14 11:34 - 2013-08-22 22:44 - 00616208 _____ C:\Windows\system32\FNTCACHE.DAT
    2017-03-14 11:33 - 2015-11-09 00:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
    2017-03-11 17:45 - 2013-08-22 23:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2017-03-11 17:41 - 2016-08-23 16:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2017-03-11 17:13 - 2017-01-10 20:24 - 00000000 ____D C:\Users\Public\Documents\.forever
    2017-03-09 21:43 - 2016-08-19 19:06 - 00000000 ____D C:\Users\User\AppData\Roaming\WhatsApp
    2017-03-09 09:36 - 2015-11-09 00:30 - 00000000 ____D C:\Users\User\AppData\Local\Dropbox
    2017-03-07 16:17 - 2017-01-12 11:10 - 00000000 ____D C:\Users\User\AppData\Local\SolidWorks
    2017-03-07 16:17 - 2017-01-10 21:58 - 00000000 ____D C:\ProgramData\SOLIDWORKS
    2017-03-06 10:14 - 2016-08-18 23:06 - 00000000 ____D C:\ProgramData\Autodesk
    2017-03-06 10:10 - 2016-08-18 23:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
    2017-03-06 10:10 - 2016-08-18 23:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Autodesk
    2017-03-06 10:09 - 2017-01-10 17:59 - 00000000 ____D C:\Program Files (x86)\Autodesk
    2017-03-06 10:08 - 2017-01-10 20:03 - 00000000 ____D C:\Users\Public\Documents\Autodesk
    2017-03-06 10:08 - 2016-08-18 21:34 - 00000000 ____D C:\Users\User\AppData\Local\Autodesk
    2017-03-06 09:48 - 2017-01-10 17:54 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
    2017-03-06 09:44 - 2017-01-10 20:03 - 00000000 ____D C:\Program Files\Autodesk
    2017-03-05 20:13 - 2017-01-10 16:19 - 00000000 ____D C:\Autodesk
    2017-03-02 23:05 - 2017-02-14 22:04 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
    2017-03-02 20:36 - 2017-01-12 11:16 - 00000000 ____D C:\ProgramData\DassaultSystemes
    2017-03-01 18:22 - 2016-08-19 19:06 - 00002174 _____ C:\Users\User\Desktop\WhatsApp.lnk
    2017-03-01 18:22 - 2016-08-19 19:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
    2017-03-01 18:22 - 2016-08-19 19:05 - 00000000 ____D C:\Users\User\AppData\Local\SquirrelTemp
    2017-02-28 20:51 - 2016-12-15 10:01 - 00003162 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
    2017-02-28 20:51 - 2016-08-23 16:24 - 00003170 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3023424667-1579791547-2771295078-1001
    2017-02-28 20:51 - 2016-08-23 16:24 - 00002301 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
    2017-02-27 15:20 - 2017-01-24 08:40 - 00000000 ___HD C:\Users\Public\Documents\.adata
    2017-02-27 15:20 - 2017-01-24 08:39 - 00000000 ____D C:\ProgramData\SofTest
    2017-02-22 00:21 - 2015-07-13 04:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

    ==================== Files in the root of some directories =======

    2017-03-02 19:25 - 2017-03-15 12:59 - 0023812 _____ () C:\Program Files (x86)\metadata
    2015-11-26 22:24 - 2015-11-26 22:24 - 0000000 _____ () C:\Users\User\AppData\Roaming\7C61.tmp
    2015-11-09 01:14 - 2016-08-01 17:46 - 0003072 _____ () C:\Users\User\AppData\Roaming\Photobook Designer Prefsv3
    2015-07-13 03:49 - 2017-03-15 20:13 - 0000094 _____ () C:\Users\User\AppData\Roaming\sp_data.sys
    2015-12-28 09:07 - 2015-11-26 22:24 - 0813056 _____ () C:\Users\User\AppData\Roaming\trz154.tmp
    2015-12-17 14:34 - 2015-12-17 14:34 - 0000047 _____ () C:\Users\User\AppData\Roaming\WB.CFG
    2015-02-09 16:53 - 2015-02-09 16:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2014-12-04 00:56 - 2014-03-27 04:50 - 0000124 _____ () C:\ProgramData\SetStretch.cmd
    2014-12-04 00:56 - 2009-07-22 18:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
    2014-12-04 00:56 - 2012-09-07 19:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

    Some files in TEMP:
    ====================
    2017-03-15 10:42 - 2015-07-16 08:29 - 1735000 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\dllnt_dump.dll

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-03-12 12:20

    ==================== End of FRST.txt ============================
     
  2. 2017/03/20
    scgoh123

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
    Ran by User (21-03-2017 12:12:36)
    Running from F:\
    Windows 8.1 Single Language (Update) (X64) (2015-07-12 19:45:04)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3023424667-1579791547-2771295078-500 - Administrator - Disabled)
    Guest (S-1-5-21-3023424667-1579791547-2771295078-501 - Limited - Disabled)
    User (S-1-5-21-3023424667-1579791547-2771295078-1001 - Administrator - Enabled) => C:\Users\User

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
    A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
    ACA & MEP 2017 Object Enabler (Version: 7.9.45.0 - Autodesk) Hidden
    ACAD Private (Version: 21.0.52.0 - Autodesk) Hidden
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
    Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.144 - Adobe Systems Incorporated)
    Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.144 - Adobe Systems Incorporated)
    Akamai NetSession Interface (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
    Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader Driver (x32 Version: 20.4.10117.43857 - Alcor Micro Corp.) Hidden
    amuleC (HKLM-x32\...\{0F7B5011-72EC-493D-A7BF-546591047E8E}) (Version: 1.0.2 - amuleC) <==== ATTENTION
    amulesw (HKLM-x32\...\{13D7C2E9-08E7-4889-94FF-87E707184E53}) (Version: 1.0.7 - amules) <==== ATTENTION
    Arduino (HKLM-x32\...\Arduino) (Version: 1.8.1 - Arduino LLC)
    ASUS FlipLock (HKLM\...\{9BF8EF7C-4AA1-4CA7-93DB-8F543EB35F4E}) (Version: 1.0.5 - ASUS)
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
    ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.6 - ASUS)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.19 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
    AutoCAD 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
    AutoCAD 2017 (Version: 21.0.52.0 - Autodesk) Hidden
    AutoCAD 2017 Language Pack - English (Version: 21.0.52.0 - Autodesk) Hidden
    Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
    Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
    Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
    Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
    Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
    Autodesk Configurator 360 addin (HKLM-x32\...\{E3EE083F-6856-44AB-BC82-445E2FFB8C1A}) (Version: 21.0.11700 - Autodesk)
    Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
    Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
    Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
    Autodesk Desktop Connect Service (HKLM\...\{FC772454-BB19-0000-0330-44B459520227}) (Version: 3.30.0 - Autodesk)
    Autodesk DWG TrueView 2017 - English (HKLM\...\DWG TrueView 2017 - English) (Version: 21.0.52.0 - Autodesk)
    Autodesk Featured Apps 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
    Autodesk Fusion 360 (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.2317 - Autodesk, Inc.)
    Autodesk Guided Tutorial Plugin (HKLM\...\{B3AFC608-D811-0003-0330-21FB25B48D6E}) (Version: 3.30.0 - Autodesk)
    Autodesk Inventor Content Center Libraries 2017 (Desktop Content) (HKLM\...\{B46DECD1-2164-4EF1-0000-22D71E81877C}) (Version: 21.0.14200.0000 - Autodesk)
    Autodesk Inventor Electrical Catalog Browser 2017 - English (HKLM\...\Autodesk Inventor Electrical Catalog Browser 2017 - English) (Version: 14.0.57.0 - Autodesk)
    Autodesk Inventor Electrical Catalog Browser 2017 - English (Version: 14.0.57.0 - Autodesk) Hidden
    Autodesk Inventor Electrical Catalog Browser 2017 Language Pack - English (Version: 14.0.57.0 - Autodesk) Hidden
    Autodesk Inventor Professional 2017 - English (HKLM\...\Autodesk Inventor Professional 2017) (Version: 21.0.14200.0000 - Autodesk)
    Autodesk Inventor Professional 2017 (Version: 21.0.14200.0000 - Autodesk) Hidden
    Autodesk Inventor Professional 2017 English Language Pack (Version: 21.0.14200.0000 - Autodesk) Hidden
    Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
    Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
    Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
    Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
    Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
    Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
    Autodesk Revit Interoperability for Inventor 2017 (HKLM\...\Autodesk Revit Interoperability for Inventor 2017) (Version: 17.0.411.0 - Autodesk)
    Autodesk Revit Interoperability for Inventor 2017 (Version: 17.0.411.0 - Autodesk) Hidden
    Autodesk Vault Basic 2017 (Client) (HKLM\...\Autodesk Vault Basic 2017 (Client)) (Version: 22.0.48.0 - Autodesk)
    Autodesk Vault Basic 2017 (Client) (Version: 22.0.48.0 - Autodesk) Hidden
    Autodesk Vault Basic 2017 (Client) English Language Pack (Version: 22.0.48.0 - Autodesk) Hidden
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
    Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.0.1 - Canon Inc.)
    Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
    Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
    DWG TrueView 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
    Eco Materials Adviser for Autodesk Inventor 2017 (64-bit) (HKLM\...\{05D87862-35C9-4CB4-92EC-8A1FC97BFF6C}) (Version: 6.4.9.0 - Granta Design Limited)
    EnVisionSimulation-V2.772 (HKLM-x32\...\{A17D773B-A443-4697-9FBD-41481508C2C4}) (Version: 2.77.2000 - GSE EnVision LLC)
    FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
    Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
    GAMS win32 24.1.1 (HKLM-x32\...\GAMS win32 24.1_is1) (Version: GAMS 24.1.1 - GAMS Development)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
    Graphmatica (HKLM-x32\...\{EB2AE318-0A58-4E3E-A463-3DE071CD9E01}) (Version: 2.4.0.0 - kSoft)
    Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
    Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation)
    Inventor Connected Desktop for A360 (HKLM\...\{1FA52755-1FBC-0001-0330-7CEA1F3736D8}) (Version: 3.30.0 - Autodesk)
    Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
    Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
    MATLAB R2016a (HKLM\...\Matlab R2016a) (Version: 9.0 - MathWorks)
    Mediatek Bluetooth (HKLM\...\{878D7C14-18BD-7A70-9292-C0B3CE374125}) (Version: 11.0.754.0 - Mediatek)
    Mendeley Desktop 1.16.3 (HKLM-x32\...\Mendeley Desktop) (Version: 1.16.3 - Mendeley Ltd.)
    Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
    Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
    Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.7766.2060 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
    Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.7766.2060 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 29.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 en-US)) (Version: 29.0 - Mozilla)
    Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
    Photobook Designer (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Photobook Designer) (Version: Photobook Designer 2015.2.0 - Photobook Worldwide)
    Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.47.0 - Ralink)
    RAR File Open Knife - Free Opener (HKLM-x32\...\RAR File Open Knife - Free Opener) (Version: 6.50 - Philipp Winterberg)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7266 - Realtek Semiconductor Corp.)
    RogueKiller version 12.10.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.0.0 - Adlice Software)
    SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
    SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
    Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
    Social Network Visualizer (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\{c97d1a9d-84b6-4bcc-ad4c-3f133eab5a83}) (Version: 2.0 - dimitris.kalamaras@gmail.com)
    SofTest v11 (HKLM-x32\...\InstallShield_{C1D2914D-1088-4D4C-A743-2F22BD084B24}) (Version: 11.33.207 - Examsoft)
    SofTest v11 (x32 Version: 11.33.207 - Examsoft) Hidden
    Software Catalogue Client 1.2 (HKLM-x32\...\Software Catalogue Client 1.2_is1) (Version: - )
    SOLIDWORKS 2016 x64 Edition SP02 (Version: 24.120.50 - Dassault Systemes SolidWorks Corp) Hidden
    Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 4.0.0.0 - Stellar Information Systems Ltd)
    TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24322 - TeamViewer)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
    WhatsApp (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\WhatsApp) (Version: 0.2.3572 - WhatsApp)
    Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
    WinSnare (HKLM-x32\...\{8AD83541-D15E-47D0-ABB7-6D1A065BFB49}) (Version: 4.2.9 - WinSnare) <==== ATTENTION
    WinZip (HKLM-x32\...\WinZip) (Version: 2.3.4 - Winzipper Pvt Ltd.) <==== ATTENTION
    WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
    搜狗拼音输入法 6.5正式版 (HKLM-x32\...\Sogou Input) (Version: 6.5.0.9181 - Sogou.com)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{32CDFF57-8CBA-4960-89B1-EC3FA58FB17A}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppDocView.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppDocView.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxTest.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtCp.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\SolidObject.Dll ()
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\SolidObject.Dll ()
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\Inventor.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\User\AppData\Local\Autodesk\webdeploy\production\64cd1225aaecdd36644b12e5453e4d4c995e22b0\NPreview10.dll ()
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\AcInetUI.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
     


  4. 2017/03/20
    scgoh123

    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\InvResc.dll (Autodesk)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\InvTXTStack.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {02494446-6573-4FEF-9668-D74A84CE2A14} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
    Task: {0806D5A1-12B1-4DB1-A4F3-0351905BC14A} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
    Task: {16178547-B6FF-488E-9005-10767F0E7F53} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-28] (ASUSTek Computer Inc.)
    Task: {19F5DDE7-D516-4301-A9E1-06F93F0A0007} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
    Task: {1A7070E6-1A47-4C07-922B-04DE4C09433E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-02-19] (Microsoft Corporation)
    Task: {1CF75DDA-3DB6-4F65-945E-8FF3D501FE5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-08] (Google Inc.)
    Task: {24248C31-0D20-4AF1-A6D0-E860D00DAEAC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-03] (ASUSTek Computer Inc.)
    Task: {30FC0ABD-E183-4CA5-A643-E1CAF55C43A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
    Task: {32FC8434-5DBB-48F2-9133-238BE3C06CF5} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-12] (ASUSTek Computer Inc.)
    Task: {4BF7E1C0-264A-497C-830E-DF22873A3FFA} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
    Task: {5245DDF7-656E-40A1-9202-553FB44CD03C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-08] (Google Inc.)
    Task: {66C9EF2A-71D9-4F04-BBC2-E5F93880A190} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-02-19] (Microsoft Corporation)
    Task: {76EBFC5A-76B5-4661-A520-4E90CFCB5ECC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
    Task: {7B06CD07-9839-4F0D-8E5C-0B207ED136A5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-14] (AVAST Software)
    Task: {8687D5AE-8761-4C0A-8B1C-5026D4FBF2A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
    Task: {94A3671A-77FC-4DF4-9856-2AF104D3FEF7} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-07-30] (AsusTek)
    Task: {9CAD7D46-35EF-4D28-98E6-91F633C34F4D} - System32\Tasks\MATLAB R2016a Startup Accelerator => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe [2015-12-28] ()
    Task: {A421700E-64F8-44B9-B678-60ACFA3B528B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-02-19] (Microsoft Corporation)
    Task: {AB75C051-3F4B-4C66-965D-D5B6B412086B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
    Task: {AC9E483E-EBC3-4454-94A5-40A22969BB5B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-09] (Piriform Ltd)
    Task: {B123AEC7-DC80-450A-9ED2-D0609218AE18} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
    Task: {B44F5164-9614-48C6-8CAC-57AC10A95A1B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-03] (ASUS)
    Task: {C3CC248F-6E8D-4E27-B614-FB1E185583E3} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-06-04] (Realtek Semiconductor)
    Task: {D6F36CC8-7243-41DA-AE3A-A3463EB99019} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26] (Realtek Semiconductor)
    Task: {EB30C87F-1A80-49FD-94BD-59AB75DD0112} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-11] (Adobe Systems Incorporated)
    Task: {F277435F-BF7C-43E9-880E-2556068B5DFB} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
    Task: {F8009B75-F720-425C-A752-2FDC21912DFD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
    Task: {FE244580-70C4-4A38-BD4B-D70AC8781365} - System32\Tasks\SafeZone scheduled Autoupdate 1475109879 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2016-03-07 16:43 - 2015-11-09 13:40 - 00253528 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    2015-12-15 20:42 - 2015-12-15 20:42 - 00165376 _____ () C:\Program Files\Autodesk\Autodesk Sync\qjson_Ad_0.dll
    2015-12-15 20:42 - 2015-12-15 20:42 - 00050176 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
    2015-12-15 20:42 - 2015-12-15 20:42 - 00062464 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
    2015-12-15 20:42 - 2015-12-15 20:42 - 00932864 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
    2017-01-10 21:44 - 2017-01-10 21:44 - 00267672 _____ () C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\sldBodyDiffu.dll
    2016-08-01 10:35 - 2016-08-01 10:35 - 00017920 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
    2017-01-10 21:08 - 2016-07-01 14:39 - 00061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
    2017-01-10 21:08 - 2016-07-01 14:39 - 00110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
    2016-11-18 12:36 - 2016-11-18 12:36 - 00904704 _____ () C:\Program Files (x86)\Examsoft\Softest 11.0\System.Data.SQLite.dll
    2015-02-09 16:47 - 2013-10-24 05:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2014-04-03 06:46 - 2014-04-03 06:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
    2014-04-03 06:46 - 2014-04-03 06:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
    2014-04-03 06:46 - 2014-04-03 06:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
    2014-04-03 06:46 - 2014-04-03 06:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
    2014-11-05 10:42 - 2014-11-05 10:42 - 00308392 _____ () C:\Users\User\AppData\Roaming\Letv\AfterPlay\curllib.dll
    2014-11-05 10:42 - 2014-11-05 10:42 - 00313000 _____ () C:\Users\User\AppData\Roaming\Letv\AfterPlay\CommDll.dll
    2016-09-27 18:08 - 2016-09-27 18:08 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2017-03-14 20:07 - 2017-03-14 20:07 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2017-03-14 20:07 - 2017-03-14 20:07 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
    2017-03-09 09:34 - 2017-03-07 04:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
    2017-03-09 09:35 - 2017-02-09 10:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
    2017-03-09 09:35 - 2017-02-09 10:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
    2017-03-09 09:35 - 2017-02-09 10:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
    2017-03-09 09:35 - 2017-02-09 10:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
    2017-03-09 09:35 - 2017-02-09 10:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
    2017-03-09 09:34 - 2017-02-09 10:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
    2017-03-09 09:34 - 2017-02-09 10:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
    2017-03-09 09:34 - 2017-02-09 10:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
    2017-03-09 09:35 - 2017-02-09 10:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
    2017-03-09 09:34 - 2017-02-09 10:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
    2017-03-09 09:34 - 2017-02-09 10:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
    2017-03-09 09:35 - 2017-02-09 10:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
    2017-03-09 09:35 - 2017-02-09 10:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
    2017-03-09 09:34 - 2017-02-09 10:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
    2017-03-09 09:34 - 2017-03-07 05:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
    2017-03-09 09:34 - 2017-02-09 10:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
    2017-03-09 09:34 - 2017-02-09 10:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
    2017-03-09 09:34 - 2017-03-07 05:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
    2017-03-09 09:35 - 2017-02-09 10:30 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
    2017-01-10 21:08 - 2013-09-24 01:52 - 00043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
    2017-01-10 21:08 - 2015-11-05 20:07 - 00052224 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
    2017-01-10 21:08 - 2015-11-05 20:07 - 00195584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
    2017-01-10 21:08 - 2015-11-05 20:07 - 00742400 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
    2017-01-10 21:08 - 2016-07-01 14:05 - 00285120 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\en-US\AdWingManRes.dll
    2017-01-10 21:08 - 2015-09-08 14:31 - 40640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
    2017-01-10 21:08 - 2014-09-03 08:29 - 00912384 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
    2017-01-10 21:08 - 2014-09-03 08:29 - 00134144 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
    2017-01-10 21:08 - 2014-09-03 08:29 - 00950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
    2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
    2016-08-23 16:37 - 2017-01-29 17:46 - 08929992 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
    2017-03-15 14:26 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
    2017-03-15 14:26 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
    2015-07-15 00:42 - 2015-07-15 00:42 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
    2017-03-14 20:06 - 2017-03-14 20:06 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
    2017-02-18 03:34 - 2017-02-18 03:34 - 22958672 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
    2016-12-24 02:10 - 2016-12-24 02:10 - 00323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
    2016-10-01 07:36 - 2016-10-01 07:36 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [135]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\sharepoint.com -> hxxps://ichatspedu.sharepoint.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Control Panel\Desktop\\Wallpaper -> D:\Study Material\NUS\Sem2\CM1502\Electronegativity chart.jpg
    DNS Servers: 137.132.0.254 - 137.132.0.252
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{A91FCD71-505B-44CA-A6AF-397B6980695D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{4BC64510-64C3-481B-9508-7C04C732E66B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
    FirewallRules: [{1BFCCB6C-0B75-40A2-B6C3-404D0A59F1D5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
    FirewallRules: [{7087BEA1-29DE-4E6F-8379-279D9A611993}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    FirewallRules: [{281BFDD9-AC9F-44D3-A42A-F90BCBD8E8E5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    FirewallRules: [{42D2C929-C773-4334-87E7-7C370B853DD9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{DC7E05DB-FCBA-459E-AFE1-29A9C684C181}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{7BCAEE5B-07B9-4D09-AA04-ED5D4681905C}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{AAF7B55C-F86E-41EA-A57F-388148326B86}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{29421EF0-E5E9-4E36-BCC2-50EBAB393584}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{8F13D6BD-F8DB-47DE-B7EA-B907BEA141E9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{B969658D-F2BE-4CBF-9987-96A398002F60}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{63CC5990-E9E5-45B3-9939-287C688CE3B2}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{C6564E38-E6DA-4D22-BD11-AC0C030A3F94}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{3942351D-AC73-4552-BCEA-326D0E148AB5}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{912D4188-7B43-4B31-9F63-FD95B858B1FB}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{535FCAA4-2F7A-4CAE-934F-4587D0654C7E}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{9E885250-670D-46D5-B759-602B98503435}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{81DAD6B0-AB98-4E03-85B3-009A99B16635}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{638DBFA6-ADFB-4484-9121-2ABE06D26CF9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{8671A947-94DB-4967-B28D-4964A504544C}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{9EE34C8D-69AC-4955-A421-6204F9CFA8B5}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{390E461C-EFF5-402D-A4AF-91B36445A7C2}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{48F80170-46A0-4BE6-B2D7-47F489A0AE50}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{73DAC044-86A1-471E-ABF6-A0F5617E6F65}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{A07E6598-6F53-40CF-8D09-EB4B3EA69D99}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{16492CEB-D723-48D4-960F-A8513ADE97A1}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{63D06C57-7887-4134-89FE-0F57E3553D5B}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{86EA128E-48F6-4855-AE0D-E0CD64FBD677}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{335D9ACB-B888-4367-8EC6-A23027E4D8F2}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{B9A62A92-BCAE-4574-B6BE-149A6715428F}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{3AB4F339-B007-4D7D-9570-7B223B574492}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{7CD29E55-2CF5-400A-9DBA-F5A9DA38E9B2}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{7D1C8BA5-C9F6-4B77-98D4-46DBB618B79E}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{002EC304-73E0-4530-AB5A-63BEE9CE7CAA}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{9C8C1A32-18AA-4D5D-98C9-4B6EBACA8D2A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{C3912C72-EA1B-4420-9114-D79877C4AC8B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{070FB716-5FFD-4A49-962B-C0F4187049CF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{4CB73550-23AD-4237-B1C6-75270803A86A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{08DAE8E2-C484-4506-B5A9-66DF3387D165}] => (Allow) F:\Microsoft Project Pro 2013 SP1 VL x64 en-US[rarbg]\Microsoft Toolkit.exe
    FirewallRules: [{46FE5F7C-60A1-4802-BF77-093332C050C8}] => (Allow) F:\Microsoft Project Pro 2013 SP1 VL x64 en-US[rarbg]\Microsoft Toolkit.exe
    FirewallRules: [{DF5C156F-D606-446F-BE41-AE4D27E37917}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{6BB98E9B-FF97-4FB8-853A-E4FAF3CD75EA}] => (Allow) LPort=2869
    FirewallRules: [{35BC7EA6-18C8-40B8-A616-8F8D2EA9DA67}] => (Allow) LPort=1900
    FirewallRules: [{1AA79CEC-A987-4C13-9286-6CB3BDB92C1C}] => (Allow) C:\Users\User\AppData\Local\Doyo\drvdown\download\MiniThunderPlatform.exe
    FirewallRules: [{501B833C-BFF1-45A8-849F-9EB93F30B64E}] => (Allow) C:\Users\User\AppData\Local\Doyo\DYService.exe
    FirewallRules: [{1C45797D-99A6-4473-AC81-0B9344D30C42}] => (Allow) C:\Users\User\AppData\Local\Doyo\MiniDown\download\MiniThunderPlatform.exe
    FirewallRules: [TCP Query User{236AA815-3ECE-4088-AC83-D9A7BDD458F0}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{6D033F11-FCC1-48B9-865F-A51930F7A13D}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [TCP Query User{D10F3954-6E4C-4410-8C17-A3DBB85B5F85}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{5F1CDCA3-467B-4C13-AC12-E5A97DF00513}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [{ADE451A1-F205-4F9F-92AA-7E97E78B1E54}] => (Allow) C:\Program Files (x86)\Letv\letv360.exe
    FirewallRules: [{B62BC3CF-E0E8-4992-9FA8-CA23A2425946}] => (Allow) C:\Program Files (x86)\Letv\letv360.exe
    FirewallRules: [TCP Query User{24EFC1E4-521F-4156-9A0C-5E46278A96D2}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
    FirewallRules: [UDP Query User{99C1BA46-1307-483D-A3C2-CBE133BAEF1F}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
    FirewallRules: [TCP Query User{BE98410B-1DB2-401A-A005-F43591F48FAD}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
    FirewallRules: [UDP Query User{7BB5EB2B-3E2E-4A34-9467-8109B84522DC}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
    FirewallRules: [{CCD60465-B3BE-4D20-BA81-1215F826EAF2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{CA185C25-38C3-4860-B2FC-C3B886107148}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{F0DCADC8-5D99-410F-8F31-8ABF7EC57576}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
    FirewallRules: [{3BF4294A-3D72-4D79-A690-3F9264E10BC8}] => (Allow) C:\ProgramData\Newjob\Newjob.exe
    FirewallRules: [{38AF029C-111C-40CE-8715-10F8E25BF8B0}] => (Allow) C:\ProgramData\Fishlose\Fishlose.exe
    FirewallRules: [TCP Query User{0C58AB5F-FDCA-48A5-B80F-B7BB63622B8F}C:\program files (x86)\willjob\application\chrome.exe] => (Block) C:\program files (x86)\willjob\application\chrome.exe
    FirewallRules: [UDP Query User{B59628BC-5522-4897-B55F-17D8366A34BF}C:\program files (x86)\willjob\application\chrome.exe] => (Block) C:\program files (x86)\willjob\application\chrome.exe
    FirewallRules: [{4369E5B7-E538-40A9-A691-A15DED59467A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{19216B93-2C52-4240-8DE7-D979AD777B37}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [TCP Query User{984AB920-991F-477B-BDD3-A9B9E37EDB95}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{BB5DA6FF-9238-42C0-84EE-B555F60BF522}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
    FirewallRules: [{2A8EA24B-1E67-4455-8B7D-EDB22664E77A}] => (Allow) LPort=62947
    FirewallRules: [{3D124470-659E-4198-89AA-895781A1A9E2}] => (Allow) LPort=5000
    FirewallRules: [{20BB0891-91E7-48D5-90E2-6675C0944F37}] => (Allow) C:\Program Files\Autodesk\Desktop Connect\forever\node.exe
    FirewallRules: [TCP Query User{A64E9BB1-FD6C-4601-A408-BBD85F1DA260}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
    FirewallRules: [UDP Query User{BD916DEB-A0BD-43ED-BC9D-9A82A257D448}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
    FirewallRules: [TCP Query User{1416CFD7-F9D5-4E0E-84EF-146BA124BE85}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{76B3ED28-9682-4CE7-84CD-FF2A34126127}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
    FirewallRules: [{F4A75FD3-5D08-4356-A88B-FBE0706F8AD4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{AAC41570-4409-4667-80A6-B8370BE240C0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{1F6B3AE6-4B36-4513-B924-60E69C3327A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{3488D9B9-7413-4DE7-BE27-CE14F35F2DA0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{28FE39AB-BA90-4443-9C45-3B681ADC3A3D}] => (Allow) C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
    FirewallRules: [{3367616B-0118-4E66-B0C0-6F4304503A8C}] => (Allow) C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
    FirewallRules: [{189ECFAF-6F03-4CB0-8CE7-E442B2C53D6F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{33625DDE-F026-4450-AB57-8A5DDFBF7992}] => (Allow) C:\Program Files (x86)\Stancine\Application\chrome.exe
    FirewallRules: [{1D645050-C3E8-4D28-A304-11654B7505ED}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
    FirewallRules: [{E7C9FA44-0E65-49D4-A4FC-41C4E7D276E1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    FirewallRules: [{701D2324-E8EA-41DB-9242-3D84AFF64950}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
    FirewallRules: [{7D998B99-D647-4C48-98D1-9D00777F229D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
    StandardProfile\AuthorizedApplications: [C:\Users\User\AppData\Local\Doyo\DYService.exe] => Enabled:¶ºÓÎÏÂÔØ·þÎñ

    ==================== Restore Points =========================

    15-03-2017 20:25:47 JRT Pre-Junkware Removal
    15-03-2017 20:26:43 JRT Pre-Junkware Removal
    16-03-2017 23:59:30 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
    17-03-2017 00:01:57 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506

    ==================== Faulty Device Manager Devices =============

    Name:
    Description:
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (03/21/2017 08:15:40 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (03/21/2017 07:59:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 6297

    Error: (03/21/2017 07:59:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 6297

    Error: (03/21/2017 07:59:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (03/21/2017 07:59:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5156

    Error: (03/21/2017 07:59:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5156

    Error: (03/21/2017 07:59:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (03/21/2017 07:59:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3797

    Error: (03/21/2017 07:59:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 3797

    Error: (03/21/2017 07:59:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    System errors:
    =============
    Error: (03/21/2017 08:31:25 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.177.252.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/21/2017 08:01:29 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :20" could not be registered on the interface with IP address 172.23.177.252.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/21/2017 08:01:29 AM) (Source: Server) (EventID: 2505) (User: )
    Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF} because another computer on the network has the same name. The server could not start.

    Error: (03/21/2017 08:00:03 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.177.252.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/21/2017 08:00:02 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.177.252.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/21/2017 08:00:02 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :20" could not be registered on the interface with IP address 172.23.177.252.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/21/2017 08:00:01 AM) (Source: Server) (EventID: 2505) (User: )
    Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF} because another computer on the network has the same name. The server could not start.

    Error: (03/20/2017 04:34:48 PM) (Source: DCOM) (EventID: 10010) (User: ASUS)
    Description: The server Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.1 did not register with DCOM within the required timeout.

    Error: (03/20/2017 04:30:10 PM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :20" could not be registered on the interface with IP address 172.23.63.81.
    The computer with the IP address 137.132.4.25 did not allow the name to be claimed by
    this computer.

    Error: (03/20/2017 04:30:10 PM) (Source: Server) (EventID: 2505) (User: )
    Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF} because another computer on the network has the same name. The server could not start.


    CodeIntegrity:
    ===================================
    Date: 2017-03-15 12:40:24.737
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-15 12:40:03.899
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-15 11:11:39.379
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-15 11:11:35.648
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-15 10:43:12.874
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-15 10:42:38.343
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-14 19:06:55.115
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-14 19:06:54.989
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-14 19:06:54.981
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-14 18:41:54.067
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
    Percentage of memory in use: 77%
    Total physical RAM: 3979.43 MB
    Available physical RAM: 907.38 MB
    Total Virtual: 9099.43 MB
    Available Virtual: 4974.88 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:70.56 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (Data) (Fixed) (Total:263.35 GB) (Free:199.7 GB) NTFS
    Drive e: (flash it) (Removable) (Total:0.04 GB) (Free:0.04 GB) FAT
    Drive f: () (Removable) (Total:3.71 GB) (Free:3.6 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: A60BBD6E)

    Partition: GPT.

    ========================================================
    Disk: 1 (Size: 38 MB) (Disk ID: 00000000)

    Partition: GPT.

    ========================================================
    Disk: 2 (Size: 3.7 GB) (Disk ID: 2C6B7369)
    No partition Table on disk 2.

    ==================== End of Addition.txt ============================
     
  5. 2017/03/21
    broni

    broni Moderator Malware Analyst

    Uninstall the following unwanted programs:

    amuleC
    amulesw
    WinSnare
    WinZip


    Download the attached fixlist.txt file and save it to the Desktop.
    NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
     


  6. 2017/03/23
    scgoh123

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
    Ran by User (administrator) on ASUS (23-03-2017 13:03:14)
    Running from C:\Users\User\Downloads
    Loaded Profiles: User (Available Profiles: User)
    Platform: Windows 8.1 Single Language (Update) (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
    (Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
    (Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
    () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
    (Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Don HO don.h@free.fr) C:\Program Files (x86)\notepad2\notepad2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Hewlett-Packard) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe
    (Examsoft Worldwide Inc.) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.SoftShield.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    (ASUS) C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
    (VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    () C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
    HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-18] (Oracle Corporation)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-14] (AVAST Software)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-07] (Dropbox, Inc.)
    HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.)
    HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-09] (Piriform Ltd)
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Loader] => C:\Program Files (x86)\Letv\LeTVLoader.exe #min
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [AfterPlayMonitor] => C:\Users\User\AppData\Roaming\Letv\AfterPlay\AfterPlayMonitor.ex
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Policies\Explorer: []
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\MountPoints2: {494ea61c-2e4f-11e6-828d-acd1b84b0fa0} - "E:\Setup.exe" /s
    HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
    ShellIconOverlayIdentifiers: [0DoyoShell] -> {D655C2B6-46A7-408B-8745-AE81AFC1FDD2} => C:\Users\User\AppData\Local\Doyo\DyShellIcon64.dll [2015-04-27] (Doyo.cn)
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Fast Start.lnk [2017-01-11]
    ShortcutTarget: SOLIDWORKS 2016 Fast Start.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 137.132.0.254 137.132.0.252
    Tcpip\..\Interfaces\{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF}: [DhcpNameServer] 137.132.0.254 137.132.0.252

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
    SearchScopes: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-07-13] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14] (AVAST Software)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-07-13] (Oracle Corporation)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14] (AVAST Software)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xt4h78mw.default [2017-03-22]
    FF Extension: (No Name) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xt4h78mw.default\extensions\arthurj8283@gmail.com [not found]
    FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-27]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-27]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_144.dll [2016-05-10] ()
    FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-07-13] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-07-13] (Oracle Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_144.dll [2016-05-10] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-19] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-19] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-24] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-24] (Intel Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-29] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-08] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-08] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-24] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-24] (Adobe Systems Inc.)
    StartMenuInternet: FIREFOX.EXE - firefox.exe

    Chrome:
    =======
    CHR DefaultProfile: chagulybuvertainmibile
    CHR HomePage: chagulybuvertainmibile -> hxxp://www.luckysearch123.com?type=hp&ts=1487229756&from=14a10216&uid=toshibaxmq01abf050_z4lkc79ytxxz4lkc79yt&z=049c73437918e7fc6fe3dfegaz7b9m8o9o9t2m2qdg
    CHR StartupUrls: chagulybuvertainmibile -> "hxxp://ivle.nus.edu.sg/","hxxp://hotmail.com/"
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile [2017-03-22] <==== ATTENTION
    CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-15]
    CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-15]
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-15]
    CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-15]
    CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-15]
    CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-15]
    CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-15]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
    CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-15]
    CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09]
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-03-15]
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
    CHR Extension: (Purple flowers(Non-Aero)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apifmdobolibbidmcdlofnnenabonodd [2015-12-21]
    CHR Extension: (Google Cast) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-31]
    CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-31]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-12]
    CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-10]
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-09]
    CHR HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
    R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
    R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-14] (AVAST Software s.r.o.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-14] (AVAST Software)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
    S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [80792 2017-01-10] (Dassault Systèmes SolidWorks Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
    R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
    R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
    R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
    R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
    R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [253528 2015-11-09] ()
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-03] (Intel(R) Corporation) [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-24] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-24] (Intel Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
    R2 mitsijm2017; C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-05] (Autodesk, Inc.)
    S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
    R2 Ntp2NetSvc; C:\Program Files (x86)\notepad2\notepad2.exe [2340864 2017-02-16] (Don HO don.h@free.fr) [File not signed]
    S2 Ntp2UpSvc; C:\Program Files (x86)\Common Files\ntp2UpSvc\notepad2.exe [2340864 2017-02-17] (Don HO don.h@free.fr) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
    R2 SoftshieldService; C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe [67848 2017-01-08] (Hewlett-Packard)
    S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-01-10] (SolidWorks) [File not signed]
    R2 TransformService; C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe [73528 2014-07-09] (ASUS)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
    S2 Themes; %SystemRoot%\system32\themeservice.dll [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-14] (AVAST Software s.r.o.)
    R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-14] (AVAST Software s.r.o.)
    R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-14] (AVAST Software s.r.o.)
    R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-14] (AVAST Software s.r.o.)
    S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-14] (AVAST Software)
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-14] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-14] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-14] (AVAST Software)
    R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-14] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-14] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-14] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-14] (AVAST Software)
    R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-07-30] (ASUS Corporation)
    S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
    R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
    R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] ()
    R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-09] (Intel Corporation)
    R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
    R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
    R3 m76usb; C:\Windows\System32\drivers\m76usb.sys [539336 2014-04-29] (Ralink Technology Corp.)
    R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-16] (Malwarebytes)
    R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-16] (Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-16] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-16] (Malwarebytes)
    R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [92088 2017-03-22] (Malwarebytes)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-24] (Intel Corporation)
    R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
    R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-03-15] ()
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
    R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-03-22 13:03 - 2017-03-22 13:07 - 00031015 _____ C:\Users\User\Downloads\FRST.txt
    2017-03-22 12:58 - 2017-03-22 12:59 - 02424832 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
    2017-03-22 12:53 - 2017-03-22 12:53 - 00000040 _____ C:\Program Files (x86)\settings.dat
    2017-03-22 12:53 - 2017-03-22 12:53 - 00000000 ____D C:\Program Files (x86)\reports
    2017-03-22 11:57 - 2017-03-22 11:57 - 00000000 ____D C:\Users\User\AppData\Local\VS Revo Group
    2017-03-22 11:56 - 2017-03-22 11:56 - 00001095 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
    2017-03-22 11:56 - 2017-03-22 11:56 - 00000000 ____D C:\ProgramData\VS Revo Group
    2017-03-22 11:56 - 2017-03-22 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
    2017-03-22 11:56 - 2017-03-22 11:56 - 00000000 ____D C:\Program Files\VS Revo Group
    2017-03-22 11:56 - 2016-12-21 14:52 - 00040240 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
    2017-03-22 11:52 - 2017-03-22 11:53 - 11523496 _____ (VS Revo Group ) C:\Users\User\Downloads\RevoUninProSetup.exe
    2017-03-22 11:32 - 2017-03-22 11:34 - 16413877 _____ C:\Users\User\Downloads\Re%3a_PCS_Visit_on_10th_March.zip
    2017-03-22 09:22 - 2017-03-22 09:22 - 07958528 _____ C:\Users\User\Downloads\chapter-08.ppt
    2017-03-22 09:10 - 2017-03-22 09:10 - 01131157 _____ C:\Users\User\Downloads\CM1502_Tutorial_3_answer.pptx
    2017-03-22 09:09 - 2017-03-22 09:10 - 183538300 _____ C:\Users\User\Downloads\Chemistry The Molecular Nature Of Matter And Change Fourth Edition.pdf
    2017-03-21 21:53 - 2017-03-21 21:53 - 00117452 _____ C:\Users\User\Downloads\Answers to PT3.pdf
    2017-03-21 17:45 - 2017-03-21 23:03 - 00107278 _____ C:\Users\User\Desktop\Book1.xlsx
    2017-03-21 08:22 - 2017-03-21 08:22 - 00001076 _____ C:\Users\User\Desktop\gvh.txt
    2017-03-19 20:31 - 2017-03-19 20:31 - 00998400 _____ C:\Users\User\Downloads\hs-diagramHDstaaende.xls
    2017-03-19 19:42 - 2017-03-19 19:42 - 00101376 _____ C:\Users\User\Downloads\F1.ppt
    2017-03-18 20:56 - 2017-03-18 20:56 - 00443263 _____ C:\Users\User\Downloads\Water Scarcity in northwestern Cambodia.pptx.pptx
    2017-03-18 20:55 - 2017-03-18 20:55 - 00106698 _____ C:\Users\User\Downloads\Draft graphic rep.pptx
    2017-03-17 00:04 - 2017-03-17 00:04 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
    2017-03-17 00:04 - 2017-03-17 00:04 - 00000000 ___RD C:\Program Files (x86)\Skype
    2017-03-17 00:04 - 2017-03-17 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2017-03-15 20:59 - 2017-03-15 21:00 - 13364364 _____ C:\Users\User\Downloads\IMG20170314194836.jpg.zip
    2017-03-15 20:59 - 2017-03-15 20:59 - 13586823 _____ C:\Users\User\Downloads\IMG20170314194921.jpg.zip
    2017-03-15 20:59 - 2017-03-15 20:59 - 13378035 _____ C:\Users\User\Downloads\IMG20170314195006.jpg.zip
    2017-03-15 14:27 - 2017-03-22 09:04 - 00092088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2017-03-15 14:27 - 2017-03-16 21:37 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2017-03-15 14:27 - 2017-03-16 21:37 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
    2017-03-15 14:27 - 2017-03-16 21:37 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2017-03-15 14:27 - 2017-03-16 21:37 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2017-03-15 14:27 - 2017-03-15 14:27 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-03-15 14:27 - 2017-03-15 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-03-15 14:26 - 2017-03-15 14:26 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-03-15 14:26 - 2017-03-15 14:26 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-03-15 14:26 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
    2017-03-15 13:09 - 2017-03-17 23:09 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
    2017-03-15 13:01 - 2017-03-15 14:04 - 00000000 ____D C:\AdwCleaner
    2017-03-15 12:59 - 2017-03-15 12:59 - 00001122 _____ C:\Users\User\Downloads\fixlist.txt
    2017-03-15 10:43 - 2017-03-15 10:43 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2017-03-15 10:42 - 2017-03-15 10:42 - 00000000 ____D C:\ProgramData\RogueKiller
    2017-03-15 10:40 - 2017-03-15 10:40 - 00000872 _____ C:\Users\Public\Desktop\RogueKiller.lnk
    2017-03-15 10:40 - 2017-03-15 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2017-03-15 10:40 - 2017-03-15 10:40 - 00000000 ____D C:\Program Files\RogueKiller
    2017-03-14 20:09 - 2017-03-18 20:10 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
    2017-03-14 20:09 - 2017-03-14 20:06 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
    2017-03-14 20:09 - 2017-03-14 20:06 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
    2017-03-14 20:09 - 2017-03-14 20:06 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
    2017-03-14 20:09 - 2017-03-14 20:06 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
    2017-03-14 20:08 - 2017-03-14 20:08 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2017-03-14 11:49 - 2017-03-14 12:16 - 00198774 _____ C:\Windows\ntbtlog.txt
    2017-03-14 10:37 - 2017-03-22 13:03 - 00000000 ____D C:\FRST
    2017-03-09 22:33 - 2017-03-13 17:24 - 00321487 _____ C:\Users\User\Desktop\Water Scarcity in northwestern Cambodia.pptx
    2017-03-09 09:35 - 2017-03-09 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2017-03-07 22:46 - 2017-03-12 11:59 - 00079052 _____ C:\Users\User\Documents\Microfluidic.bak
    2017-03-07 22:06 - 2017-03-07 22:06 - 00000152 _____ C:\Users\User\Documents\acad.err
    2017-03-07 21:05 - 2017-03-07 21:05 - 00000000 ____D C:\Program Files (x86)\58BEB01D_cacayima
    2017-03-07 20:42 - 2017-03-07 22:06 - 00112680 _____ C:\Users\User\Documents\Drawing1_recover.dwg
    2017-03-07 20:42 - 2017-03-07 20:42 - 00000195 ____H C:\Users\User\Documents\Drawing1.dwl2
    2017-03-07 20:42 - 2017-03-07 20:42 - 00000045 ____H C:\Users\User\Documents\Drawing1.dwl
    2017-03-07 12:03 - 2017-03-19 12:01 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
    2017-03-07 04:50 - 2017-03-07 04:50 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
    2017-03-06 13:38 - 2017-03-12 12:02 - 00078729 _____ C:\Users\User\Documents\Microfluidic.dwg
    2017-03-06 10:08 - 2017-03-06 10:08 - 00002116 _____ C:\Users\Public\Desktop\AutoCAD 2017 - English.lnk
    2017-03-06 10:08 - 2017-03-06 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2017 - English
    2017-03-06 10:07 - 2017-03-06 11:27 - 00000000 ____D C:\Users\User\Documents\Inventor Server SDK ACAD 2017
    2017-03-05 20:25 - 2017-03-05 20:29 - 00000000 ____D C:\Program Files (x86)\MK
    2017-03-05 20:22 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
    2017-03-05 20:22 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
    2017-03-05 20:22 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
    2017-03-05 20:22 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
    2017-03-05 20:22 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
    2017-03-05 20:22 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
    2017-03-05 20:22 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
    2017-03-05 20:22 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
    2017-03-05 20:22 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
    2017-03-05 20:22 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
    2017-03-05 20:22 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
    2017-03-02 19:25 - 2017-03-15 12:59 - 00023812 _____ C:\Program Files (x86)\metadata
    2017-03-01 20:42 - 2017-03-15 19:54 - 00002148 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2017-03-01 20:42 - 2017-03-14 11:33 - 00000000 ____D C:\Program Files (x86)\58B6C1AE_cacayima
    2017-03-01 20:42 - 2017-03-09 19:39 - 00000000 _____ C:\Windows\SysWOW64\4
    2017-03-01 20:42 - 2017-03-09 19:39 - 00000000 _____ C:\Windows\SysWOW64\3
    2017-03-01 18:21 - 2017-03-01 18:22 - 00000000 ____D C:\Users\User\AppData\Local\WhatsApp
    2017-02-28 17:27 - 2017-02-28 17:33 - 82418960 _____ (WhatsApp) C:\Users\User\Downloads\WhatsAppSetup.exe
    2017-02-27 12:59 - 2017-02-27 12:59 - 00341094 _____ C:\Users\User\Downloads\Final Assignment2.pdf
    2017-02-27 12:11 - 2017-02-27 12:11 - 00063649 _____ C:\Users\User\Downloads\bridge3.159.0_en.html
    2017-02-21 02:39 - 2017-02-21 02:48 - 00000000 ____D C:\Program Files (x86)\dm72nb8v
    2017-02-21 00:55 - 2017-02-21 01:03 - 00000000 ____D C:\Program Files (x86)\r2i2joqg
    2017-02-20 22:39 - 2017-02-20 22:47 - 00000000 ____D C:\Program Files (x86)\ia1cpuc6
    2017-02-20 20:39 - 2017-02-20 20:53 - 00000000 ____D C:\Program Files (x86)\dwyhdf69
    2017-02-20 20:16 - 2017-02-20 20:24 - 00000000 ____D C:\Program Files (x86)\0wbg7wae
    2017-02-20 17:14 - 2017-02-20 17:17 - 00168454 _____ C:\Users\User\Downloads\The Hydrolysis of t-Butyl Chloride updated.doc.crdownload
    2017-02-20 16:39 - 2017-02-20 17:04 - 00000000 ____D C:\Program Files (x86)\lw2zy2ie
    2017-02-20 15:57 - 2017-02-20 16:18 - 00000000 ____D C:\Program Files (x86)\gyzi4t6u

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-03-22 13:03 - 2016-08-16 21:48 - 00000554 _____ C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job
    2017-03-22 12:58 - 2015-07-13 03:45 - 00000000 ____D C:\Users\User\AppData\Local\Packages
    2017-03-22 12:53 - 2015-11-09 00:31 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
    2017-03-22 12:44 - 2015-07-13 03:51 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3023424667-1579791547-2771295078-1001
    2017-03-22 11:39 - 2015-07-13 04:35 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2017-03-22 09:12 - 2015-07-13 09:19 - 00003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{870AB941-DEA7-4AE7-ACD4-F8FC5B4235A8}
    2017-03-21 21:53 - 2015-11-09 00:31 - 00000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
    2017-03-21 13:15 - 2015-07-15 03:43 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Help
    2017-03-21 13:05 - 2015-07-13 06:02 - 00000000 ____D C:\ProgramData\AVAST Software
    2017-03-19 12:01 - 2016-09-03 11:25 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
    2017-03-18 15:29 - 2016-03-07 16:43 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2017-03-17 00:04 - 2014-12-04 00:56 - 00000000 ____D C:\ProgramData\Skype
    2017-03-17 00:03 - 2017-01-10 16:37 - 00000000 ____D C:\ProgramData\Package Cache
    2017-03-16 20:47 - 2015-07-13 09:18 - 00000000 ____D C:\Users\User\OneDrive
    2017-03-16 20:47 - 2014-03-18 17:53 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
    2017-03-16 20:47 - 2013-08-22 21:36 - 00000000 ____D C:\Windows\Inf
    2017-03-16 20:45 - 2015-11-09 00:41 - 00000000 ___RD C:\Users\User\Dropbox
    2017-03-15 20:29 - 2015-07-13 05:59 - 00000000 ____D C:\Program Files (x86)\SogouInput
    2017-03-15 20:13 - 2015-07-13 03:49 - 00000094 _____ C:\Users\User\AppData\Roaming\sp_data.sys
    2017-03-15 20:10 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\system32\NDF
    2017-03-15 20:05 - 2013-08-22 22:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2017-03-15 19:50 - 2015-12-21 09:39 - 00000000 ____D C:\Users\User\AppData\Local\dmcache
    2017-03-15 19:31 - 2017-01-10 16:20 - 00000000 ____D C:\Users\User\AppData\Local\Akamai
    2017-03-15 14:58 - 2016-09-29 08:44 - 00003884 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1475109879
    2017-03-15 14:58 - 2016-09-29 08:44 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
    2017-03-15 14:17 - 2013-08-22 21:25 - 00262144 ___SH C:\Windows\system32\config\BBI
    2017-03-15 14:03 - 2017-01-08 20:37 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-03-15 14:03 - 2016-08-23 23:02 - 00000000 ____D C:\Windows\system32\log
    2017-03-15 13:41 - 2015-12-21 13:39 - 00000000 ____D C:\temp
    2017-03-15 12:52 - 2013-08-22 23:36 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-03-15 12:52 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\AppReadiness
    2017-03-15 12:45 - 2016-08-22 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
    2017-03-15 12:31 - 2013-08-22 23:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
    2017-03-15 04:36 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
    2017-03-14 20:09 - 2015-07-13 05:03 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2017-03-14 20:09 - 2015-07-13 05:03 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
    2017-03-14 20:08 - 2015-07-13 05:03 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148949336453104
    2017-03-14 20:08 - 2015-07-13 05:03 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148949336717106
    2017-03-14 20:08 - 2015-07-13 05:03 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2017-03-14 20:08 - 2015-07-13 05:03 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2017-03-14 20:08 - 2015-07-13 05:03 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2017-03-14 20:08 - 2015-07-13 05:03 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2017-03-14 20:08 - 2015-07-13 05:03 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2017-03-14 20:07 - 2016-09-27 18:10 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
    2017-03-14 20:07 - 2015-07-13 05:03 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2017-03-14 11:34 - 2013-08-22 22:44 - 00616208 _____ C:\Windows\system32\FNTCACHE.DAT
    2017-03-14 11:33 - 2015-11-09 00:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
    2017-03-11 17:45 - 2013-08-22 23:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2017-03-11 17:41 - 2016-08-23 16:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2017-03-11 17:13 - 2017-01-10 20:24 - 00000000 ____D C:\Users\Public\Documents\.forever
    2017-03-09 21:43 - 2016-08-19 19:06 - 00000000 ____D C:\Users\User\AppData\Roaming\WhatsApp
    2017-03-09 09:36 - 2015-11-09 00:30 - 00000000 ____D C:\Users\User\AppData\Local\Dropbox
    2017-03-07 16:17 - 2017-01-12 11:10 - 00000000 ____D C:\Users\User\AppData\Local\SolidWorks
    2017-03-07 16:17 - 2017-01-10 21:58 - 00000000 ____D C:\ProgramData\SOLIDWORKS
    2017-03-06 10:14 - 2016-08-18 23:06 - 00000000 ____D C:\ProgramData\Autodesk
    2017-03-06 10:10 - 2016-08-18 23:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
    2017-03-06 10:10 - 2016-08-18 23:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Autodesk
    2017-03-06 10:09 - 2017-01-10 17:59 - 00000000 ____D C:\Program Files (x86)\Autodesk
    2017-03-06 10:08 - 2017-01-10 20:03 - 00000000 ____D C:\Users\Public\Documents\Autodesk
    2017-03-06 10:08 - 2016-08-18 21:34 - 00000000 ____D C:\Users\User\AppData\Local\Autodesk
    2017-03-06 09:48 - 2017-01-10 17:54 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
    2017-03-06 09:44 - 2017-01-10 20:03 - 00000000 ____D C:\Program Files\Autodesk
    2017-03-05 20:13 - 2017-01-10 16:19 - 00000000 ____D C:\Autodesk
    2017-03-02 23:05 - 2017-02-14 22:04 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
    2017-03-02 20:36 - 2017-01-12 11:16 - 00000000 ____D C:\ProgramData\DassaultSystemes
    2017-03-01 18:22 - 2016-08-19 19:06 - 00002174 _____ C:\Users\User\Desktop\WhatsApp.lnk
    2017-03-01 18:22 - 2016-08-19 19:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
    2017-03-01 18:22 - 2016-08-19 19:05 - 00000000 ____D C:\Users\User\AppData\Local\SquirrelTemp
    2017-02-28 20:51 - 2016-12-15 10:01 - 00003162 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
    2017-02-28 20:51 - 2016-08-23 16:24 - 00003170 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3023424667-1579791547-2771295078-1001
    2017-02-28 20:51 - 2016-08-23 16:24 - 00002301 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
    2017-02-27 15:20 - 2017-01-24 08:40 - 00000000 ___HD C:\Users\Public\Documents\.adata
    2017-02-27 15:20 - 2017-01-24 08:39 - 00000000 ____D C:\ProgramData\SofTest
    2017-02-22 00:21 - 2015-07-13 04:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

    ==================== Files in the root of some directories =======

    2017-03-02 19:25 - 2017-03-15 12:59 - 0023812 _____ () C:\Program Files (x86)\metadata
    2017-03-22 12:53 - 2017-03-22 12:53 - 0000040 _____ () C:\Program Files (x86)\settings.dat
    2015-11-26 22:24 - 2015-11-26 22:24 - 0000000 _____ () C:\Users\User\AppData\Roaming\7C61.tmp
    2015-11-09 01:14 - 2016-08-01 17:46 - 0003072 _____ () C:\Users\User\AppData\Roaming\Photobook Designer Prefsv3
    2015-07-13 03:49 - 2017-03-15 20:13 - 0000094 _____ () C:\Users\User\AppData\Roaming\sp_data.sys
    2015-12-28 09:07 - 2015-11-26 22:24 - 0813056 _____ () C:\Users\User\AppData\Roaming\trz154.tmp
    2015-12-17 14:34 - 2015-12-17 14:34 - 0000047 _____ () C:\Users\User\AppData\Roaming\WB.CFG
    2015-02-09 16:53 - 2015-02-09 16:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2014-12-04 00:56 - 2014-03-27 04:50 - 0000124 _____ () C:\ProgramData\SetStretch.cmd
    2014-12-04 00:56 - 2009-07-22 18:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
    2014-12-04 00:56 - 2012-09-07 19:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

    Some files in TEMP:
    ====================
    2017-03-15 10:42 - 2015-07-16 08:29 - 1735000 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\dllnt_dump.dll

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-03-12 12:20

    ==================== End of FRST.txt ============================
     
  7. 2017/03/23
    scgoh123

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
    Ran by User (2-03-2017 13:08:49)
    Running from C:\Users\User\Downloads
    Windows 8.1 Single Language (Update) (X64) (2015-07-12 19:45:04)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3023424667-1579791547-2771295078-500 - Administrator - Disabled)
    Guest (S-1-5-21-3023424667-1579791547-2771295078-501 - Limited - Disabled)
    User (S-1-5-21-3023424667-1579791547-2771295078-1001 - Administrator - Enabled) => C:\Users\User

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
    A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
    ACA & MEP 2017 Object Enabler (Version: 7.9.45.0 - Autodesk) Hidden
    ACAD Private (Version: 21.0.52.0 - Autodesk) Hidden
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
    Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.144 - Adobe Systems Incorporated)
    Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.144 - Adobe Systems Incorporated)
    Akamai NetSession Interface (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
    Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader Driver (x32 Version: 20.4.10117.43857 - Alcor Micro Corp.) Hidden
    amuleC (HKLM-x32\...\{0F7B5011-72EC-493D-A7BF-546591047E8E}) (Version: 1.0.2 - amuleC) <==== ATTENTION
    amulesw (HKLM-x32\...\{13D7C2E9-08E7-4889-94FF-87E707184E53}) (Version: 1.0.7 - amules) <==== ATTENTION
    Arduino (HKLM-x32\...\Arduino) (Version: 1.8.1 - Arduino LLC)
    ASUS FlipLock (HKLM\...\{9BF8EF7C-4AA1-4CA7-93DB-8F543EB35F4E}) (Version: 1.0.5 - ASUS)
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
    ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.6 - ASUS)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.19 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
    AutoCAD 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
    AutoCAD 2017 (Version: 21.0.52.0 - Autodesk) Hidden
    AutoCAD 2017 Language Pack - English (Version: 21.0.52.0 - Autodesk) Hidden
    Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
    Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
    Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
    Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
    Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
    Autodesk Configurator 360 addin (HKLM-x32\...\{E3EE083F-6856-44AB-BC82-445E2FFB8C1A}) (Version: 21.0.11700 - Autodesk)
    Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
    Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
    Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
    Autodesk Desktop Connect Service (HKLM\...\{FC772454-BB19-0000-0330-44B459520227}) (Version: 3.30.0 - Autodesk)
    Autodesk DWG TrueView 2017 - English (HKLM\...\DWG TrueView 2017 - English) (Version: 21.0.52.0 - Autodesk)
    Autodesk Featured Apps 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
    Autodesk Fusion 360 (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.2317 - Autodesk, Inc.)
    Autodesk Guided Tutorial Plugin (HKLM\...\{B3AFC608-D811-0003-0330-21FB25B48D6E}) (Version: 3.30.0 - Autodesk)
    Autodesk Inventor Content Center Libraries 2017 (Desktop Content) (HKLM\...\{B46DECD1-2164-4EF1-0000-22D71E81877C}) (Version: 21.0.14200.0000 - Autodesk)
    Autodesk Inventor Electrical Catalog Browser 2017 - English (HKLM\...\Autodesk Inventor Electrical Catalog Browser 2017 - English) (Version: 14.0.57.0 - Autodesk)
    Autodesk Inventor Electrical Catalog Browser 2017 - English (Version: 14.0.57.0 - Autodesk) Hidden
    Autodesk Inventor Electrical Catalog Browser 2017 Language Pack - English (Version: 14.0.57.0 - Autodesk) Hidden
    Autodesk Inventor Professional 2017 - English (HKLM\...\Autodesk Inventor Professional 2017) (Version: 21.0.14200.0000 - Autodesk)
    Autodesk Inventor Professional 2017 (Version: 21.0.14200.0000 - Autodesk) Hidden
    Autodesk Inventor Professional 2017 English Language Pack (Version: 21.0.14200.0000 - Autodesk) Hidden
    Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
    Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
    Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
    Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
    Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
    Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
    Autodesk Revit Interoperability for Inventor 2017 (HKLM\...\Autodesk Revit Interoperability for Inventor 2017) (Version: 17.0.411.0 - Autodesk)
    Autodesk Revit Interoperability for Inventor 2017 (Version: 17.0.411.0 - Autodesk) Hidden
    Autodesk Vault Basic 2017 (Client) (HKLM\...\Autodesk Vault Basic 2017 (Client)) (Version: 22.0.48.0 - Autodesk)
    Autodesk Vault Basic 2017 (Client) (Version: 22.0.48.0 - Autodesk) Hidden
    Autodesk Vault Basic 2017 (Client) English Language Pack (Version: 22.0.48.0 - Autodesk) Hidden
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
    Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.0.1 - Canon Inc.)
    Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
    Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
    DWG TrueView 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
    Eco Materials Adviser for Autodesk Inventor 2017 (64-bit) (HKLM\...\{05D87862-35C9-4CB4-92EC-8A1FC97BFF6C}) (Version: 6.4.9.0 - Granta Design Limited)
    EnVisionSimulation-V2.772 (HKLM-x32\...\{A17D773B-A443-4697-9FBD-41481508C2C4}) (Version: 2.77.2000 - GSE EnVision LLC)
    FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
    Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
    GAMS win32 24.1.1 (HKLM-x32\...\GAMS win32 24.1_is1) (Version: GAMS 24.1.1 - GAMS Development)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
    Graphmatica (HKLM-x32\...\{EB2AE318-0A58-4E3E-A463-3DE071CD9E01}) (Version: 2.4.0.0 - kSoft)
    Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
    Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation)
    Inventor Connected Desktop for A360 (HKLM\...\{1FA52755-1FBC-0001-0330-7CEA1F3736D8}) (Version: 3.30.0 - Autodesk)
    Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
    Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
    MATLAB R2016a (HKLM\...\Matlab R2016a) (Version: 9.0 - MathWorks)
    Mediatek Bluetooth (HKLM\...\{878D7C14-18BD-7A70-9292-C0B3CE374125}) (Version: 11.0.754.0 - Mediatek)
    Mendeley Desktop 1.16.3 (HKLM-x32\...\Mendeley Desktop) (Version: 1.16.3 - Mendeley Ltd.)
    Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
    Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
    Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.7766.2060 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
    Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.7766.2060 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 29.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 en-US)) (Version: 29.0 - Mozilla)
    Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
    Photobook Designer (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Photobook Designer) (Version: Photobook Designer 2015.2.0 - Photobook Worldwide)
    Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.47.0 - Ralink)
    RAR File Open Knife - Free Opener (HKLM-x32\...\RAR File Open Knife - Free Opener) (Version: 6.50 - Philipp Winterberg)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7266 - Realtek Semiconductor Corp.)
    Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
    RogueKiller version 12.10.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.0.0 - Adlice Software)
    SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
    SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
    Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
    Social Network Visualizer (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\{c97d1a9d-84b6-4bcc-ad4c-3f133eab5a83}) (Version: 2.0 - dimitris.kalamaras@gmail.com)
    SofTest v11 (HKLM-x32\...\InstallShield_{C1D2914D-1088-4D4C-A743-2F22BD084B24}) (Version: 11.33.207 - Examsoft)
    SofTest v11 (x32 Version: 11.33.207 - Examsoft) Hidden
    Software Catalogue Client 1.2 (HKLM-x32\...\Software Catalogue Client 1.2_is1) (Version: - )
    SOLIDWORKS 2016 x64 Edition SP02 (Version: 24.120.50 - Dassault Systemes SolidWorks Corp) Hidden
    Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 4.0.0.0 - Stellar Information Systems Ltd)
    TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24322 - TeamViewer)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
    WhatsApp (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\WhatsApp) (Version: 0.2.3572 - WhatsApp)
    Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
    WinSnare (HKLM-x32\...\{8AD83541-D15E-47D0-ABB7-6D1A065BFB49}) (Version: 4.2.9 - WinSnare) <==== ATTENTION
    WinZip (HKLM-x32\...\WinZip) (Version: 2.3.4 - Winzipper Pvt Ltd.) <==== ATTENTION
    WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
    搜狗拼音输入法 6.5正式版 (HKLM-x32\...\Sogou Input) (Version: 6.5.0.9181 - Sogou.com)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{32CDFF57-8CBA-4960-89B1-EC3FA58FB17A}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppDocView.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppDocView.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxTest.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtCp.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\SolidObject.Dll ()
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\SolidObject.Dll ()
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
     
  8. 2017/03/23
    scgoh123

    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\Inventor.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\User\AppData\Local\Autodesk\webdeploy\production\64cd1225aaecdd36644b12e5453e4d4c995e22b0\NPreview10.dll ()
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\AcInetUI.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\InvResc.dll (Autodesk)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\InvTXTStack.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {02494446-6573-4FEF-9668-D74A84CE2A14} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
    Task: {0806D5A1-12B1-4DB1-A4F3-0351905BC14A} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
    Task: {0982DF7C-97B7-45A0-B59B-03CE152D9D00} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-02-19] (Microsoft Corporation)
    Task: {16178547-B6FF-488E-9005-10767F0E7F53} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-28] (ASUSTek Computer Inc.)
    Task: {19F5DDE7-D516-4301-A9E1-06F93F0A0007} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
    Task: {1A7070E6-1A47-4C07-922B-04DE4C09433E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-02-19] (Microsoft Corporation)
    Task: {1CF75DDA-3DB6-4F65-945E-8FF3D501FE5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-08] (Google Inc.)
    Task: {24248C31-0D20-4AF1-A6D0-E860D00DAEAC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-03] (ASUSTek Computer Inc.)
    Task: {30FC0ABD-E183-4CA5-A643-E1CAF55C43A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
    Task: {32FC8434-5DBB-48F2-9133-238BE3C06CF5} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-12] (ASUSTek Computer Inc.)
    Task: {4BF7E1C0-264A-497C-830E-DF22873A3FFA} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
    Task: {5245DDF7-656E-40A1-9202-553FB44CD03C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-08] (Google Inc.)
    Task: {66C9EF2A-71D9-4F04-BBC2-E5F93880A190} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-02-19] (Microsoft Corporation)
    Task: {76EBFC5A-76B5-4661-A520-4E90CFCB5ECC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
    Task: {7B06CD07-9839-4F0D-8E5C-0B207ED136A5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-14] (AVAST Software)
    Task: {8687D5AE-8761-4C0A-8B1C-5026D4FBF2A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
    Task: {94A3671A-77FC-4DF4-9856-2AF104D3FEF7} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-07-30] (AsusTek)
    Task: {9CAD7D46-35EF-4D28-98E6-91F633C34F4D} - System32\Tasks\MATLAB R2016a Startup Accelerator => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe [2015-12-28] ()
    Task: {AB75C051-3F4B-4C66-965D-D5B6B412086B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
    Task: {AC9E483E-EBC3-4454-94A5-40A22969BB5B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-09] (Piriform Ltd)
    Task: {B123AEC7-DC80-450A-9ED2-D0609218AE18} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
    Task: {B44F5164-9614-48C6-8CAC-57AC10A95A1B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-03] (ASUS)
    Task: {C3CC248F-6E8D-4E27-B614-FB1E185583E3} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-06-04] (Realtek Semiconductor)
    Task: {D6F36CC8-7243-41DA-AE3A-A3463EB99019} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26] (Realtek Semiconductor)
    Task: {EB30C87F-1A80-49FD-94BD-59AB75DD0112} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-11] (Adobe Systems Incorporated)
    Task: {F277435F-BF7C-43E9-880E-2556068B5DFB} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
    Task: {F8009B75-F720-425C-A752-2FDC21912DFD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
    Task: {FE244580-70C4-4A38-BD4B-D70AC8781365} - System32\Tasks\SafeZone scheduled Autoupdate 1475109879 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2016-03-07 16:43 - 2015-11-09 13:40 - 00253528 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    2017-03-15 14:26 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
    2017-03-15 14:26 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
    2016-08-01 10:35 - 2016-08-01 10:35 - 00017920 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
    2016-08-23 16:37 - 2017-01-29 21:55 - 08930504 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
    2017-02-08 14:50 - 2017-02-01 17:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
    2017-02-08 14:50 - 2017-02-01 17:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
    2016-08-16 21:10 - 2015-12-28 15:26 - 00044544 _____ () C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe
    2017-01-10 21:08 - 2016-07-01 14:39 - 00061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
    2017-01-10 21:08 - 2016-07-01 14:39 - 00110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
    2017-03-14 20:07 - 2017-03-14 20:07 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2016-09-27 18:08 - 2016-09-27 18:08 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2017-03-14 20:06 - 2017-03-14 20:06 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
    2017-03-14 20:07 - 2017-03-14 20:07 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
    2016-11-18 12:36 - 2016-11-18 12:36 - 00904704 _____ () C:\Program Files (x86)\Examsoft\Softest 11.0\System.Data.SQLite.dll
    2015-02-09 16:47 - 2013-10-24 05:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2017-03-09 09:34 - 2017-03-07 04:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
    2017-03-09 09:35 - 2017-02-09 10:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
    2017-03-09 09:35 - 2017-02-09 10:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
    2017-03-09 09:35 - 2017-02-09 10:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
    2017-03-09 09:35 - 2017-02-09 10:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
    2017-03-09 09:35 - 2017-02-09 10:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
    2017-03-09 09:34 - 2017-02-09 10:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
    2017-03-09 09:34 - 2017-02-09 10:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
    2017-03-09 09:34 - 2017-02-09 10:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
    2017-03-09 09:35 - 2017-02-09 10:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
    2017-03-09 09:34 - 2017-02-09 10:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
    2017-03-09 09:34 - 2017-02-09 10:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
    2017-03-09 09:35 - 2017-02-09 10:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
    2017-03-09 09:35 - 2017-02-09 10:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
    2017-03-09 09:34 - 2017-02-09 10:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
    2017-03-09 09:34 - 2017-03-07 05:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
    2017-03-09 09:34 - 2017-02-09 10:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
    2017-03-09 09:34 - 2017-02-09 10:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
    2017-03-09 09:34 - 2017-03-07 05:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
    2017-03-09 09:35 - 2017-02-09 10:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
    2017-03-09 09:35 - 2017-03-07 05:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
    2017-03-09 09:34 - 2017-03-07 05:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
    2017-03-09 09:35 - 2017-02-09 10:30 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
    2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
    2017-02-18 03:34 - 2017-02-18 03:34 - 22958672 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
    2016-12-24 02:10 - 2016-12-24 02:10 - 00323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
    2016-10-01 07:36 - 2016-10-01 07:36 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
     
  9. 2017/03/23
    scgoh123

    scgoh123 Well-Known Member Thread Starter

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [135]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\sharepoint.com -> hxxps://ichatspedu.sharepoint.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Control Panel\Desktop\\Wallpaper -> D:\Study Material\NUS\Sem2\CM1502\Electronegativity chart.jpg
    DNS Servers: 137.132.0.254 - 137.132.0.252
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{A91FCD71-505B-44CA-A6AF-397B6980695D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{4BC64510-64C3-481B-9508-7C04C732E66B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
    FirewallRules: [{1BFCCB6C-0B75-40A2-B6C3-404D0A59F1D5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
    FirewallRules: [{7087BEA1-29DE-4E6F-8379-279D9A611993}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    FirewallRules: [{281BFDD9-AC9F-44D3-A42A-F90BCBD8E8E5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    FirewallRules: [{42D2C929-C773-4334-87E7-7C370B853DD9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{DC7E05DB-FCBA-459E-AFE1-29A9C684C181}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{7BCAEE5B-07B9-4D09-AA04-ED5D4681905C}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{AAF7B55C-F86E-41EA-A57F-388148326B86}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{29421EF0-E5E9-4E36-BCC2-50EBAB393584}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{8F13D6BD-F8DB-47DE-B7EA-B907BEA141E9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
    FirewallRules: [{B969658D-F2BE-4CBF-9987-96A398002F60}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{63CC5990-E9E5-45B3-9939-287C688CE3B2}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{C6564E38-E6DA-4D22-BD11-AC0C030A3F94}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{3942351D-AC73-4552-BCEA-326D0E148AB5}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{912D4188-7B43-4B31-9F63-FD95B858B1FB}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{535FCAA4-2F7A-4CAE-934F-4587D0654C7E}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
    FirewallRules: [{9E885250-670D-46D5-B759-602B98503435}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{81DAD6B0-AB98-4E03-85B3-009A99B16635}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{638DBFA6-ADFB-4484-9121-2ABE06D26CF9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{8671A947-94DB-4967-B28D-4964A504544C}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{9EE34C8D-69AC-4955-A421-6204F9CFA8B5}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{390E461C-EFF5-402D-A4AF-91B36445A7C2}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
    FirewallRules: [{48F80170-46A0-4BE6-B2D7-47F489A0AE50}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{73DAC044-86A1-471E-ABF6-A0F5617E6F65}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{A07E6598-6F53-40CF-8D09-EB4B3EA69D99}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{16492CEB-D723-48D4-960F-A8513ADE97A1}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{63D06C57-7887-4134-89FE-0F57E3553D5B}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{86EA128E-48F6-4855-AE0D-E0CD64FBD677}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
    FirewallRules: [{335D9ACB-B888-4367-8EC6-A23027E4D8F2}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{B9A62A92-BCAE-4574-B6BE-149A6715428F}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{3AB4F339-B007-4D7D-9570-7B223B574492}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{7CD29E55-2CF5-400A-9DBA-F5A9DA38E9B2}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{7D1C8BA5-C9F6-4B77-98D4-46DBB618B79E}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{002EC304-73E0-4530-AB5A-63BEE9CE7CAA}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
    FirewallRules: [{9C8C1A32-18AA-4D5D-98C9-4B6EBACA8D2A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{C3912C72-EA1B-4420-9114-D79877C4AC8B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{070FB716-5FFD-4A49-962B-C0F4187049CF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{4CB73550-23AD-4237-B1C6-75270803A86A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{08DAE8E2-C484-4506-B5A9-66DF3387D165}] => (Allow) F:\Microsoft Project Pro 2013 SP1 VL x64 en-US[rarbg]\Microsoft Toolkit.exe
    FirewallRules: [{46FE5F7C-60A1-4802-BF77-093332C050C8}] => (Allow) F:\Microsoft Project Pro 2013 SP1 VL x64 en-US[rarbg]\Microsoft Toolkit.exe
    FirewallRules: [{DF5C156F-D606-446F-BE41-AE4D27E37917}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{6BB98E9B-FF97-4FB8-853A-E4FAF3CD75EA}] => (Allow) LPort=2869
    FirewallRules: [{35BC7EA6-18C8-40B8-A616-8F8D2EA9DA67}] => (Allow) LPort=1900
    FirewallRules: [{1AA79CEC-A987-4C13-9286-6CB3BDB92C1C}] => (Allow) C:\Users\User\AppData\Local\Doyo\drvdown\download\MiniThunderPlatform.exe
    FirewallRules: [{501B833C-BFF1-45A8-849F-9EB93F30B64E}] => (Allow) C:\Users\User\AppData\Local\Doyo\DYService.exe
    FirewallRules: [{1C45797D-99A6-4473-AC81-0B9344D30C42}] => (Allow) C:\Users\User\AppData\Local\Doyo\MiniDown\download\MiniThunderPlatform.exe
    FirewallRules: [TCP Query User{236AA815-3ECE-4088-AC83-D9A7BDD458F0}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{6D033F11-FCC1-48B9-865F-A51930F7A13D}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [TCP Query User{D10F3954-6E4C-4410-8C17-A3DBB85B5F85}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{5F1CDCA3-467B-4C13-AC12-E5A97DF00513}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [{ADE451A1-F205-4F9F-92AA-7E97E78B1E54}] => (Allow) C:\Program Files (x86)\Letv\letv360.exe
    FirewallRules: [{B62BC3CF-E0E8-4992-9FA8-CA23A2425946}] => (Allow) C:\Program Files (x86)\Letv\letv360.exe
    FirewallRules: [TCP Query User{24EFC1E4-521F-4156-9A0C-5E46278A96D2}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
    FirewallRules: [UDP Query User{99C1BA46-1307-483D-A3C2-CBE133BAEF1F}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
    FirewallRules: [TCP Query User{BE98410B-1DB2-401A-A005-F43591F48FAD}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
    FirewallRules: [UDP Query User{7BB5EB2B-3E2E-4A34-9467-8109B84522DC}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
    FirewallRules: [{CCD60465-B3BE-4D20-BA81-1215F826EAF2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{CA185C25-38C3-4860-B2FC-C3B886107148}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{F0DCADC8-5D99-410F-8F31-8ABF7EC57576}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
    FirewallRules: [{3BF4294A-3D72-4D79-A690-3F9264E10BC8}] => (Allow) C:\ProgramData\Newjob\Newjob.exe
    FirewallRules: [{38AF029C-111C-40CE-8715-10F8E25BF8B0}] => (Allow) C:\ProgramData\Fishlose\Fishlose.exe
    FirewallRules: [TCP Query User{0C58AB5F-FDCA-48A5-B80F-B7BB63622B8F}C:\program files (x86)\willjob\application\chrome.exe] => (Block) C:\program files (x86)\willjob\application\chrome.exe
    FirewallRules: [UDP Query User{B59628BC-5522-4897-B55F-17D8366A34BF}C:\program files (x86)\willjob\application\chrome.exe] => (Block) C:\program files (x86)\willjob\application\chrome.exe
    FirewallRules: [{4369E5B7-E538-40A9-A691-A15DED59467A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{19216B93-2C52-4240-8DE7-D979AD777B37}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [TCP Query User{984AB920-991F-477B-BDD3-A9B9E37EDB95}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{BB5DA6FF-9238-42C0-84EE-B555F60BF522}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
    FirewallRules: [{2A8EA24B-1E67-4455-8B7D-EDB22664E77A}] => (Allow) LPort=62947
    FirewallRules: [{3D124470-659E-4198-89AA-895781A1A9E2}] => (Allow) LPort=5000
    FirewallRules: [{20BB0891-91E7-48D5-90E2-6675C0944F37}] => (Allow) C:\Program Files\Autodesk\Desktop Connect\forever\node.exe
    FirewallRules: [TCP Query User{A64E9BB1-FD6C-4601-A408-BBD85F1DA260}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
    FirewallRules: [UDP Query User{BD916DEB-A0BD-43ED-BC9D-9A82A257D448}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
    FirewallRules: [TCP Query User{1416CFD7-F9D5-4E0E-84EF-146BA124BE85}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{76B3ED28-9682-4CE7-84CD-FF2A34126127}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
    FirewallRules: [{F4A75FD3-5D08-4356-A88B-FBE0706F8AD4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{AAC41570-4409-4667-80A6-B8370BE240C0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{1F6B3AE6-4B36-4513-B924-60E69C3327A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{3488D9B9-7413-4DE7-BE27-CE14F35F2DA0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{28FE39AB-BA90-4443-9C45-3B681ADC3A3D}] => (Allow) C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
    FirewallRules: [{3367616B-0118-4E66-B0C0-6F4304503A8C}] => (Allow) C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
    FirewallRules: [{189ECFAF-6F03-4CB0-8CE7-E442B2C53D6F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{33625DDE-F026-4450-AB57-8A5DDFBF7992}] => (Allow) C:\Program Files (x86)\Stancine\Application\chrome.exe
    FirewallRules: [{1D645050-C3E8-4D28-A304-11654B7505ED}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
    FirewallRules: [{E7C9FA44-0E65-49D4-A4FC-41C4E7D276E1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    FirewallRules: [{701D2324-E8EA-41DB-9242-3D84AFF64950}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
    FirewallRules: [{7D998B99-D647-4C48-98D1-9D00777F229D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
    StandardProfile\AuthorizedApplications: [C:\Users\User\AppData\Local\Doyo\DYService.exe] => Enabled:¶ºÓÎÏÂÔØ·þÎñ

    ==================== Restore Points =========================

    15-03-2017 20:25:47 JRT Pre-Junkware Removal
    15-03-2017 20:26:43 JRT Pre-Junkware Removal
    16-03-2017 23:59:30 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
    17-03-2017 00:01:57 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
    22-03-2017 13:06:41 Revo Uninstaller Pro's restore point - amulesw

    ==================== Faulty Device Manager Devices =============

    Name:
    Description:
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (03/22/2017 01:09:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: b54

    Start Time: 01d2a2c9c84f4116

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: bd56fcda-0ebd-11e7-82bf-acd1b84b0fa0

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (03/22/2017 12:45:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1dcc

    Start Time: 01d2a2c0513adcdf

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 46391290-0eba-11e7-82bf-acd1b84b0fa0

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (03/22/2017 12:44:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1109

    Error: (03/22/2017 12:44:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1109

    Error: (03/22/2017 12:01:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (03/22/2017 11:48:56 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: STSensorInfoApp.exe, version: 0.0.0.0, time stamp: 0x531fca82
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17936, time stamp: 0x55a68dd1
    Exception code: 0xc0000142
    Fault offset: 0x0009d4f2
    Faulting process id: 0xb00
    Faulting application start time: 0x01d2a2bf35ac2bff
    Faulting application path: C:\Program Files\ASUS\ASUS FlipLock\STSensorInfoApp.exe
    Faulting module path: KERNELBASE.dll
    Report Id: 793fae29-0eb2-11e7-82bf-acd1b84b0fa0
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (03/22/2017 09:33:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1140

    Error: (03/22/2017 09:33:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1140

    Error: (03/22/2017 09:33:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (03/22/2017 09:04:54 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: STSensorInfoApp.exe, version: 0.0.0.0, time stamp: 0x531fca82
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17936, time stamp: 0x55a68dd1
    Exception code: 0xc0000142
    Fault offset: 0x0009d4f2
    Faulting process id: 0xfc0
    Faulting application start time: 0x01d2a2a84982f515
    Faulting application path: C:\Program Files\ASUS\ASUS FlipLock\STSensorInfoApp.exe
    Faulting module path: KERNELBASE.dll
    Report Id: 8ec38a6b-0e9b-11e7-82bf-acd1b84b0fa0
    Faulting package full name:
    Faulting package-relative application ID:


    System errors:
    =============
    Error: (03/22/2017 12:47:07 PM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.63.222.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/22/2017 12:47:03 PM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.63.222.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/22/2017 12:47:00 PM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :20" could not be registered on the interface with IP address 172.23.63.222.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/22/2017 12:47:00 PM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.63.222.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/22/2017 12:47:00 PM) (Source: Server) (EventID: 2505) (User: )
    Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF} because another computer on the network has the same name. The server could not start.

    Error: (03/22/2017 11:37:02 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :20" could not be registered on the interface with IP address 172.23.179.114.
    The computer with the IP address 137.132.4.25 did not allow the name to be claimed by
    this computer.

    Error: (03/22/2017 11:20:04 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.179.114.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/22/2017 11:20:04 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.179.114.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/22/2017 11:20:04 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.179.114.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.

    Error: (03/22/2017 11:20:00 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.179.114.
    The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
    this computer.


    CodeIntegrity:
    ===================================
    Date: 2017-03-15 12:40:24.737
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-15 12:40:03.899
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-15 11:11:39.379
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-15 11:11:35.648
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-15 10:43:12.874
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-15 10:42:38.343
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-14 19:06:55.115
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-14 19:06:54.989
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-14 19:06:54.981
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

    Date: 2017-03-14 18:41:54.067
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
    Percentage of memory in use: 79%
    Total physical RAM: 3979.43 MB
    Available physical RAM: 805.48 MB
    Total Virtual: 9099.43 MB
    Available Virtual: 3924.85 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:69.5 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (Data) (Fixed) (Total:263.35 GB) (Free:199.64 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: A60BBD6E)

    Partition: GPT.

    ==================== End of Addition.txt ============================
     
  10. 2017/03/23
    broni

    That's incorrect.
    You were supposed to run fix not a scan.
    Re-read my previous reply.
     
  11. 2017/03/30
    scgoh123

    Hey broni, sorry for the late reply. I was busy these past few days and wasn't able to get online. Can you give me 3 more days for this, because my friend's laptop isn't with me right now? Thank you.
     
  12. 2017/03/31
    broni

    No problem :)
     
  13. 2017/04/03
    scgoh123

    Sorry, I have been too busy with academic stuff recently. The following is the fixlog:

    Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
    Ran by User (23-03-2017 13:01:36) Run:2
    Running from C:\Users\User\Downloads
    Loaded Profiles: User (Available Profiles: User)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    GroupPolicy: Restriction <======= ATTENTION
    S3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [567808 2016-12-09] () <==== ATTENTION
    C:\Program Files (x86)\Common Files\Services\iThemes.dll
    S2 Themes; C:\Windows\system32\themeservice.dll [59392 2014-10-28] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATTENTION
    C:\Windows\system32\themeservice.dll
    S2 WinSnare; C:\Users\User\AppData\Roaming\WinSnare\WinSnare.dll [776704 2017-03-12] (InterSect Alliance Pty Ltd) <==== ATTENTION
    S2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1254960 2016-08-29] (ExWzp Pvt Ltd.) <==== ATTENTION
    S2 ed2kidle; "C:\Program Files (x86)\amuleC\ed2k.exe" -downloadwhenidle [X] <==== ATTENTION
    C:\Users\User\AppData\Roaming\WinSnare\WinSnare.dll
    S2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe
    S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
    S3 dbx; system32\DRIVERS\dbx.sys [X]
    S0 msahci; system32\drivers\msahci.sys [X]
    C:\ProgramData\RefreshReg.vbs
    C:\ProgramData\Google Chrome.lnk.bat
    C:\ProgramData\Mozilla Firefox.lnk.bat


    *****************

    C:\Windows\system32\GroupPolicy\Machine => moved successfully
    iThemes5 => service not found.
    "C:\Program Files (x86)\Common Files\Services\iThemes.dll" => not found.
    HKLM\System\CurrentControlSet\Services\Themes\\DependOnService => value not found.
    "C:\Windows\system32\themeservice.dll" => not found.
    WinSnare => service not found.
    winzipersvc => service not found.
    ed2kidle => service not found.
    "C:\Users\User\AppData\Roaming\WinSnare\WinSnare.dll" => not found.
    winzipersvc => service not found.
    aswHdsKe => service not found.
    dbx => service not found.
    msahci => service not found.
    "C:\ProgramData\RefreshReg.vbs" => not found.
    "C:\ProgramData\Google Chrome.lnk.bat" => not found.
    "C:\ProgramData\Mozilla Firefox.lnk.bat" => not found.


    The system needed a reboot.

    ==== End of Fixlog 13:01:37 ====
     
  14. 2017/04/03
    broni

    Last scans...

    Download Security Check from here or here and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
    NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
    NOTE 3. If you receive the UNSUPPORTED OPERATING SYSTEM! ABORTED! message, restart the computer and Security Check should run.


    Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services

    Press "Scan".
    It will create a log (FSS.txt) in the same directory the tool is run from.
    Please copy and paste the log to your reply.


    Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    Download Sophos Free Virus Removal Tool and save it to your desktop.
    • Double click the icon and select Run
    • Click Next
    • Select I accept the terms in this license agreement, then click Next twice
    • Click Install
    • Click Finish to launch the program
    • Once the virus database has been updated click Start Scanning
    • If any threats are found click Details, then View log file... (bottom left hand corner)
    • Copy and paste the results in your reply
    • Close the Notepad document, close the Threat Details screen, then click Start cleanup
    • Click Exit to close the program
     
  15. 2017/04/05
    scgoh123

    Today when I looked for some files on my local disk C, I saw a lot of empty folders with weird names which can't be deleted =(
    It is shown in the following link:

    http://i66.tinypic.com/2ivihr7.jpg
     
  16. 2017/04/05
    broni

    Since they're empty, most likely safe to delete.
     
  17. 2017/04/11
    scgoh123

    Results of screen317's Security Check version 1.014 --- 12/23/15
    x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Avast Antivirus
    Windows Defender
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Java version 32-bit out of Date!
    Adobe Flash Player 22.0.0.144
    Mozilla Firefox 29.0 Firefox out of Date!
    Google Chrome (57.0.2987.133)
    Google Chrome (SetupMetrics...)
    Google Chrome (temp...)
    ````````Process Check: objlist.exe by Laurent````````
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````
     
  18. 2017/04/11
    scgoh123

    Farbar Service Scanner Version: 27-01-2016
    Ran by User (administrator) on 11-04-2017 at 22:39:12
    Running from "C:\Users\User\Downloads"
    Microsoft Windows 8.1 Single Language (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.
     
  19. 2017/04/11
    broni

    FSS log is incomplete.
     
  20. 2017/04/11
    scgoh123

    2017-04-11 14:50:11.010 Sophos Virus Removal Tool version 2.5.6
    2017-04-11 14:50:11.010 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

    2017-04-11 14:50:11.010 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

    2017-04-11 14:50:11.010 Windows version 6.2 SP 0.0 build 9200 SM=0x300 PT=0x1 WOW64
    2017-04-11 14:50:11.010 Checking for updates...
    2017-04-11 14:50:11.525 Update progress: proxy server not available
    2017-04-11 14:50:23.885 Option all = no
    2017-04-11 14:50:24.323 Option recurse = yes
    2017-04-11 14:50:24.323 Option archive = no
    2017-04-11 14:50:24.323 Option service = yes
    2017-04-11 14:50:24.323 Option confirm = yes
    2017-04-11 14:50:24.323 Option sxl = yes
    2017-04-11 14:50:24.323 Option max-data-age = 35
    2017-04-11 14:50:24.323 Option vdl-logging = yes
    2017-04-11 14:50:24.323 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2017-04-11 14:50:24.323 Machine ID: a4db2b960d954b1aa26948cadfca7a0a
    2017-04-11 14:50:24.323 Component SVRTcli.exe version 2.5.6
    2017-04-11 14:50:24.323 Component control.dll version 2.5.6
    2017-04-11 14:50:24.323 Component SVRTservice.exe version 2.5.6
    2017-04-11 14:50:24.323 Component engine\osdp.dll version 1.44.1.2281
    2017-04-11 14:50:24.323 Component engine\veex.dll version 3.68.1.2281
    2017-04-11 14:50:24.323 Component engine\savi.dll version 9.0.7.2281
    2017-04-11 14:50:24.526 Component rkdisk.dll version 1.5.31.1
    2017-04-11 14:50:24.526 Version info: Product version 2.5.6
    2017-04-11 14:50:24.526 Version info: Detection engine 3.68.1
    2017-04-11 14:50:24.526 Version info: Detection data 5.38
    2017-04-11 14:50:24.526 Version info: Build date 4/4/2017
    2017-04-11 14:50:24.526 Version info: Data files added 184
    2017-04-11 14:50:24.526 Version info: Last successful update (not yet updated)
    2017-04-11 14:51:02.268 Downloading updates...
    2017-04-11 14:51:02.273 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
    2017-04-11 14:51:02.273 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-04-11 14:51:02.273 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-04-11 14:51:02.273 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
    2017-04-11 14:51:02.273 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
    2017-04-11 14:51:02.273 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
    2017-04-11 14:51:02.273 Update progress: [I49502] sdds.data0910.xml: found supplement IDE539 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
    2017-04-11 14:51:02.273 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE539 LATEST path=
    2017-04-11 14:51:02.273 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE539 LATEST path=
    2017-04-11 14:51:02.273 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product IDE539 LATEST path=]
    2017-04-11 14:51:02.273 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
    2017-04-11 14:51:02.273 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
    2017-04-11 14:51:02.273 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
    2017-04-11 14:51:02.273 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
    2017-04-11 14:51:02.273 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
    2017-04-11 14:51:02.273 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-04-11 14:51:04.097 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
    2017-04-11 14:51:04.097 Update progress: [I19463] Product download size 162626989 bytes
    2017-04-11 14:52:47.220 Update progress: [I19463] Syncing product IDE539 LATEST path=
    2017-04-11 14:52:47.220 Update progress: [I19463] Product download size 2453408 bytes
    2017-04-11 14:52:47.775 Update progress: [I19463] Syncing product IDE540 LATEST path=
    2017-04-11 14:52:47.775 Update progress: [I19463] Product download size 448391 bytes
    2017-04-11 14:52:47.962 Update progress: [I19463] Syncing product IDE541 LATEST path=
    2017-04-11 14:52:48.056 Installing updates...
    2017-04-11 14:52:48.884 Error level 1
    2017-04-11 14:53:53.937 Update successful
    2017-04-11 14:54:06.602 Option all = no
    2017-04-11 14:54:06.602 Option recurse = yes
    2017-04-11 14:54:06.602 Option archive = no
    2017-04-11 14:54:06.602 Option service = yes
    2017-04-11 14:54:06.602 Option confirm = yes
    2017-04-11 14:54:06.602 Option sxl = yes
    2017-04-11 14:54:06.602 Option max-data-age = 35
    2017-04-11 14:54:06.602 Option vdl-logging = yes
    2017-04-11 14:54:06.602 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2017-04-11 14:54:06.602 Machine ID: a4db2b960d954b1aa26948cadfca7a0a
    2017-04-11 14:54:06.617 Component SVRTcli.exe version 2.5.6
    2017-04-11 14:54:06.617 Component control.dll version 2.5.6
    2017-04-11 14:54:06.617 Component SVRTservice.exe version 2.5.6
    2017-04-11 14:54:06.617 Component engine\osdp.dll version 1.44.1.2281
    2017-04-11 14:54:06.617 Component engine\veex.dll version 3.68.1.2281
    2017-04-11 14:54:06.617 Component engine\savi.dll version 9.0.7.2281
    2017-04-11 14:54:06.617 Component rkdisk.dll version 1.5.31.1
    2017-04-11 14:54:06.617 Version info: Product version 2.5.6
    2017-04-11 14:54:06.617 Version info: Detection engine 3.68.1
    2017-04-11 14:54:06.617 Version info: Detection data 5.38
    2017-04-11 14:54:06.617 Version info: Build date 4/4/2017
    2017-04-11 14:54:06.617 Version info: Data files added 185
    2017-04-11 14:54:06.617 Version info: Last successful update 4/11/2017 10:53:53 PM

    2017-04-11 16:12:20.408 >>> Virus 'Troj/SupTab-E' found in file C:\AdwCleaner\quarantine\files\afnttqeyzwgjxbrvngpeiomkvtixzmvn\wpm.exe
    2017-04-11 16:12:20.502 >>> Virus 'Troj/SupTab-E' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
    2017-04-11 16:12:20.502 >>> Virus 'Troj/SupTab-E' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
    2017-04-11 16:18:20.864 >>> Virus 'Mal/Generic-S' found in file C:\AdwCleaner\quarantine\files\ovaequlpmkogwabfkcgnqrihbuebisuw\WinSnare.dll
    2017-04-11 16:18:20.864 >>> Virus 'Mal/Generic-S' found in file C:\AdwCleaner\quarantine\files\ovaequlpmkogwabfkcgnqrihbuebisuw\WinSnare.dll
    2017-04-11 16:18:20.864 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
    2017-04-11 16:18:20.864 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
    2017-04-11 16:55:07.118 Password protected file C:\GAMS\win32\24.1\testlib_ml\gdxxrw5.xls
    2017-04-11 16:55:09.944 Could not open C:\hiberfil.sys
    2017-04-11 16:55:10.077 Could not open C:\pagefile.sys
    2017-04-11 18:06:48.223 Could not open C:\ProgramData\Autodesk\SDS\SecureDataStorage.sds\LOCK
    2017-04-11 18:08:50.417 Could not open C:\swapfile.sys
    2017-04-11 18:08:50.635 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{128459FE-5F66-418C-8259-AA8736960B8D}
    2017-04-11 18:08:50.635 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{5DF13915-009A-4991-AF76-18E6038AC6C3}
    2017-04-11 18:08:50.635 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{6134CBEF-C144-42E8-8B28-9BCD87FABE9E}
    2017-04-11 18:08:50.635 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{75466759-49C7-4E2B-B21B-4F9BE6C63221}
    2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{79C38FF3-174A-4AA6-95A8-395ED6E1B7B0}
    2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{80DAD8D2-D4C6-4088-BB69-66B8C17965D0}
    2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{94D3D50C-B200-44E1-B427-B571D8E9DA95}
    2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{B9ACFCA3-E76A-46BE-A23A-A6CE04473708}
    2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{C22406F4-C692-4BB3-8481-F18752E7C595}
    2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{C50CCC70-1A66-4A83-8C26-BE88521EA78E}
    2017-04-11 18:08:50.698 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{E519D707-5528-4DB2-9661-491963EE0F55}
    2017-04-11 18:08:50.698 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{F4A87986-9432-4AE8-98F1-D417D9CAC9CC}
    2017-04-11 18:08:50.839 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
    2017-04-11 18:08:50.839 Could not open C:\System Volume Information\{3a6a38a3-18dd-11e7-82c2-bf96870608fb}{3808876b-c176-4e48-b7ae-04046e6cc752}
    2017-04-11 18:08:50.839 Could not open C:\System Volume Information\{48989069-1e7e-11e7-82c2-bf96870608fb}{3808876b-c176-4e48-b7ae-04046e6cc752}
    2017-04-11 18:16:58.889 Could not open C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Current Session
    2017-04-11 18:16:58.889 Could not open C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Current Tabs
    2017-04-11 18:59:57.829 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
    2017-04-11 18:59:57.847 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
    2017-04-11 19:00:09.101 Could not open C:\Windows\System32\config\BBI
    2017-04-11 19:00:09.119 Could not open C:\Windows\System32\config\COMPONENTS
    2017-04-11 19:00:09.251 Could not open C:\Windows\System32\config\RegBack\DEFAULT
    2017-04-11 19:00:09.251 Could not open C:\Windows\System32\config\RegBack\SAM
    2017-04-11 19:00:09.251 Could not open C:\Windows\System32\config\RegBack\SECURITY
    2017-04-11 19:00:09.251 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
    2017-04-11 19:00:09.255 Could not open C:\Windows\System32\config\RegBack\SYSTEM
    2017-04-11 19:50:36.214 The following items will be cleaned up:
    2017-04-11 19:50:36.252 Troj/SupTab-E
    2017-04-11 19:50:36.252 Mal/Generic-S
     
  21. 2017/04/11
    scgoh123

    Farbar Service Scanner Version: 27-01-2016
    Ran by User (administrator) on 12-04-2017 at 12:16:59
    Running from "C:\Users\User\Downloads"
    Microsoft Windows 8.1 Single Language (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Policy:
    ========================


    Action Center:
    ============


    Windows Update:
    ============
    wuauserv Service is not running. Checking service configuration:
    The start type of wuauserv service is set to Demand. The default start type is Auto.
    The ImagePath of wuauserv service is OK.
    The ServiceDll of wuauserv service is OK.


    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is set to Demand. The default start type is Auto.
    The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


    Windows Defender Disabled Policy:
    ==========================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware"=DWORD:1


    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => File is digitally signed
    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
    C:\Windows\System32\dhcpcore.dll => File is digitally signed
    C:\Windows\System32\drivers\afd.sys => File is digitally signed
    C:\Windows\System32\drivers\tdx.sys => File is digitally signed
    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
    C:\Windows\System32\dnsrslvr.dll => File is digitally signed
    C:\Windows\System32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\System32\mpssvc.dll => File is digitally signed
    C:\Windows\System32\bfe.dll => File is digitally signed
    C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
    C:\Windows\System32\wscsvc.dll => File is digitally signed
    C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
    C:\Windows\System32\wuaueng.dll => File is digitally signed
    C:\Windows\System32\qmgr.dll => File is digitally signed
    C:\Windows\System32\es.dll => File is digitally signed
    C:\Windows\System32\cryptsvc.dll => File is digitally signed
    C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
    C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
    C:\Windows\System32\ipnathlp.dll => File is digitally signed
    C:\Windows\System32\iphlpsvc.dll => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed


    **** End of log ****
     
