Solved Extremely High Disk Activity with various virus infections

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by User (administrator) on ASUS (21-03-2017 12:10:46)
Running from F:\
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 Single Language (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\notepad2\notepad2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe
(Examsoft Worldwide Inc.) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.SoftShield.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(ASUS) C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-18] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-14] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-09] (Piriform Ltd)
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Loader] => C:\Program Files (x86)\Letv\LeTVLoader.exe #min
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [AfterPlayMonitor] => C:\Users\User\AppData\Roaming\Letv\AfterPlay\AfterPlayMonitor.ex
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\MountPoints2: {494ea61c-2e4f-11e6-828d-acd1b84b0fa0} - "E:\Setup.exe" /s
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
ShellIconOverlayIdentifiers: [0DoyoShell] -> {D655C2B6-46A7-408B-8745-AE81AFC1FDD2} => C:\Users\User\AppData\Local\Doyo\DyShellIcon64.dll [2015-04-27] (Doyo.cn)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Fast Start.lnk [2017-01-11]
ShortcutTarget: SOLIDWORKS 2016 Fast Start.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 137.132.0.254 137.132.0.252
Tcpip\..\Interfaces\{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF}: [DhcpNameServer] 137.132.0.254 137.132.0.252

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-07-13] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14] (AVAST Software)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-07-13] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14] (AVAST Software)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xt4h78mw.default [2017-03-21]
FF Extension: (No Name) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xt4h78mw.default\extensions\arthurj8283@gmail.com [not found]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_144.dll [2016-05-10] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-07-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-07-13] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_144.dll [2016-05-10] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-19] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-08] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-24] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultProfile: chagulybuvertainmibile
CHR HomePage: chagulybuvertainmibile -> hxxp://www.luckysearch123.com?type=hp&ts=1487229756&from=14a10216&uid=toshibaxmq01abf050_z4lkc79ytxxz4lkc79yt&z=049c73437918e7fc6fe3dfegaz7b9m8o9o9t2m2qdg
CHR StartupUrls: chagulybuvertainmibile -> "hxxp://ivle.nus.edu.sg/","hxxp://hotmail.com/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile [2017-03-21] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-15]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-15]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-15]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-15]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-15]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-15]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-15]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-03-15]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (Purple flowers(Non-Aero)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apifmdobolibbidmcdlofnnenabonodd [2015-12-21]
CHR Extension: (Google Cast) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-31]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-12]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-10]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-09]
CHR HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-14] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-14] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [80792 2017-01-10] (Dassault Systèmes SolidWorks Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [253528 2015-11-09] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-03] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-24] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 mitsijm2017; C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-05] (Autodesk, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Ntp2NetSvc; C:\Program Files (x86)\notepad2\notepad2.exe [2340864 2017-02-16] (Don HO don.h@free.fr) [File not signed]
S2 Ntp2UpSvc; C:\Program Files (x86)\Common Files\ntp2UpSvc\notepad2.exe [2340864 2017-02-17] (Don HO don.h@free.fr) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 SoftshieldService; C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe [67848 2017-01-08] (Hewlett-Packard)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-01-10] (SolidWorks) [File not signed]
R2 TransformService; C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe [73528 2014-07-09] (ASUS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 Themes; %SystemRoot%\system32\themeservice.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-14] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-14] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-14] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-14] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-14] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-14] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-14] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-07-30] (ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-09] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 m76usb; C:\Windows\System32\drivers\m76usb.sys [539336 2014-04-29] (Ralink Technology Corp.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-16] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-16] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-16] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-16] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [92088 2017-03-21] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-24] (Intel Corporation)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-03-15] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-21 08:22 - 2017-03-21 08:22 - 00001076 _____ C:\Users\User\Desktop\gvh.txt
2017-03-19 20:31 - 2017-03-19 20:31 - 00998400 _____ C:\Users\User\Downloads\hs-diagramHDstaaende.xls
2017-03-19 20:02 - 2017-03-19 20:02 - 00262176 _____ C:\Users\User\Downloads\receipt_A2 Draft E09_Group D.pdf
2017-03-19 19:42 - 2017-03-19 19:42 - 00101376 _____ C:\Users\User\Downloads\F1.ppt
2017-03-18 20:56 - 2017-03-18 20:56 - 00443263 _____ C:\Users\User\Downloads\Water Scarcity in northwestern Cambodia.pptx.pptx
2017-03-18 20:55 - 2017-03-18 20:55 - 00106698 _____ C:\Users\User\Downloads\Draft graphic rep.pptx
2017-03-17 00:04 - 2017-03-17 00:04 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-17 00:04 - 2017-03-17 00:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-17 00:04 - 2017-03-17 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-15 20:59 - 2017-03-15 21:00 - 13364364 _____ C:\Users\User\Downloads\IMG20170314194836.jpg.zip
2017-03-15 20:59 - 2017-03-15 20:59 - 13586823 _____ C:\Users\User\Downloads\IMG20170314194921.jpg.zip
2017-03-15 20:59 - 2017-03-15 20:59 - 13378035 _____ C:\Users\User\Downloads\IMG20170314195006.jpg.zip
2017-03-15 14:27 - 2017-03-21 12:07 - 00092088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-03-15 14:27 - 2017-03-16 21:37 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-15 14:27 - 2017-03-16 21:37 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-03-15 14:27 - 2017-03-16 21:37 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-03-15 14:27 - 2017-03-16 21:37 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-03-15 14:27 - 2017-03-15 14:27 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-15 14:27 - 2017-03-15 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-15 14:26 - 2017-03-15 14:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-15 14:26 - 2017-03-15 14:26 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-15 14:26 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-15 13:41 - 2017-03-15 13:41 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-15 13:09 - 2017-03-17 23:09 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2017-03-15 13:01 - 2017-03-15 14:04 - 00000000 ____D C:\AdwCleaner
2017-03-15 12:59 - 2017-03-15 12:59 - 00001122 _____ C:\Users\User\Downloads\fixlist.txt
2017-03-15 10:43 - 2017-03-15 10:43 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-03-15 10:42 - 2017-03-15 10:42 - 00000000 ____D C:\ProgramData\RogueKiller
2017-03-15 10:40 - 2017-03-15 10:40 - 00000872 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-03-15 10:40 - 2017-03-15 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-03-15 10:40 - 2017-03-15 10:40 - 00000000 ____D C:\Program Files\RogueKiller
2017-03-14 20:09 - 2017-03-18 20:10 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-14 20:09 - 2017-03-14 20:06 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-14 20:09 - 2017-03-14 20:06 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-14 20:09 - 2017-03-14 20:06 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-14 20:09 - 2017-03-14 20:06 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-14 20:08 - 2017-03-14 20:08 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-14 11:49 - 2017-03-14 12:16 - 00198774 _____ C:\Windows\ntbtlog.txt
2017-03-14 10:37 - 2017-03-21 12:10 - 00000000 ____D C:\FRST
2017-03-09 22:33 - 2017-03-13 17:24 - 00321487 _____ C:\Users\User\Desktop\Water Scarcity in northwestern Cambodia.pptx
2017-03-09 09:35 - 2017-03-09 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-07 22:46 - 2017-03-12 11:59 - 00079052 _____ C:\Users\User\Documents\Microfluidic.bak
2017-03-07 22:06 - 2017-03-07 22:06 - 00000152 _____ C:\Users\User\Documents\acad.err
2017-03-07 21:05 - 2017-03-07 21:05 - 00000000 ____D C:\Program Files (x86)\58BEB01D_cacayima
2017-03-07 20:42 - 2017-03-07 22:06 - 00112680 _____ C:\Users\User\Documents\Drawing1_recover.dwg
2017-03-07 20:42 - 2017-03-07 20:42 - 00000195 ____H C:\Users\User\Documents\Drawing1.dwl2
2017-03-07 20:42 - 2017-03-07 20:42 - 00000045 ____H C:\Users\User\Documents\Drawing1.dwl
2017-03-07 12:03 - 2017-03-19 12:01 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-03-07 04:50 - 2017-03-07 04:50 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-03-06 13:38 - 2017-03-12 12:02 - 00078729 _____ C:\Users\User\Documents\Microfluidic.dwg
2017-03-06 10:08 - 2017-03-06 10:08 - 00002116 _____ C:\Users\Public\Desktop\AutoCAD 2017 - English.lnk
2017-03-06 10:08 - 2017-03-06 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2017 - English
2017-03-06 10:07 - 2017-03-06 11:27 - 00000000 ____D C:\Users\User\Documents\Inventor Server SDK ACAD 2017
2017-03-05 20:25 - 2017-03-05 20:29 - 00000000 ____D C:\Program Files (x86)\MK
2017-03-05 20:22 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2017-03-05 20:22 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-03-05 20:22 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-03-05 20:22 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2017-03-05 20:22 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2017-03-05 20:22 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2017-03-05 20:22 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2017-03-05 20:22 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2017-03-05 20:22 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2017-03-05 20:22 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2017-03-02 19:25 - 2017-03-15 12:59 - 00023812 _____ C:\Program Files (x86)\metadata
2017-03-01 20:42 - 2017-03-15 19:54 - 00002148 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-01 20:42 - 2017-03-14 11:33 - 00000000 ____D C:\Program Files (x86)\58B6C1AE_cacayima
2017-03-01 20:42 - 2017-03-09 19:39 - 00000000 _____ C:\Windows\SysWOW64\4
2017-03-01 20:42 - 2017-03-09 19:39 - 00000000 _____ C:\Windows\SysWOW64\3
2017-03-01 18:21 - 2017-03-01 18:22 - 00000000 ____D C:\Users\User\AppData\Local\WhatsApp
2017-02-28 17:27 - 2017-02-28 17:33 - 82418960 _____ (WhatsApp) C:\Users\User\Downloads\WhatsAppSetup.exe
2017-02-27 12:59 - 2017-02-27 12:59 - 00341094 _____ C:\Users\User\Downloads\Final Assignment2.pdf
2017-02-27 12:11 - 2017-02-27 12:11 - 00063649 _____ C:\Users\User\Downloads\bridge3.159.0_en.html
2017-02-21 02:39 - 2017-02-21 02:48 - 00000000 ____D C:\Program Files (x86)\dm72nb8v
2017-02-21 00:55 - 2017-02-21 01:03 - 00000000 ____D C:\Program Files (x86)\r2i2joqg
2017-02-20 22:39 - 2017-02-20 22:47 - 00000000 ____D C:\Program Files (x86)\ia1cpuc6
2017-02-20 20:39 - 2017-02-20 20:53 - 00000000 ____D C:\Program Files (x86)\dwyhdf69
2017-02-20 20:16 - 2017-02-20 20:24 - 00000000 ____D C:\Program Files (x86)\0wbg7wae
2017-02-20 17:14 - 2017-02-20 17:17 - 00168454 _____ C:\Users\User\Downloads\The Hydrolysis of t-Butyl Chloride updated.doc.crdownload
2017-02-20 16:39 - 2017-02-20 17:04 - 00000000 ____D C:\Program Files (x86)\lw2zy2ie
2017-02-20 15:57 - 2017-02-20 16:18 - 00000000 ____D C:\Program Files (x86)\gyzi4t6u
2017-02-19 23:29 - 2017-02-19 23:31 - 03087864 _____ (Google) C:\Users\User\Downloads\chrome_cleanup_tool.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-21 11:53 - 2015-11-09 00:31 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-03-21 11:39 - 2015-07-13 04:35 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-21 08:13 - 2016-08-16 21:48 - 00000554 _____ C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job
2017-03-21 08:03 - 2015-07-13 09:19 - 00003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{870AB941-DEA7-4AE7-ACD4-F8FC5B4235A8}
2017-03-19 20:54 - 2015-07-13 03:45 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2017-03-19 20:47 - 2015-07-13 03:51 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3023424667-1579791547-2771295078-1001
2017-03-19 12:01 - 2016-09-03 11:25 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-03-18 21:53 - 2015-11-09 00:31 - 00000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-03-18 15:29 - 2016-03-07 16:43 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-03-17 00:04 - 2014-12-04 00:56 - 00000000 ____D C:\ProgramData\Skype
2017-03-17 00:03 - 2017-01-10 16:37 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-16 20:47 - 2015-07-13 09:18 - 00000000 ____D C:\Users\User\OneDrive
2017-03-16 20:47 - 2014-03-18 17:53 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-16 20:47 - 2013-08-22 21:36 - 00000000 ____D C:\Windows\Inf
2017-03-16 20:45 - 2015-11-09 00:41 - 00000000 ___RD C:\Users\User\Dropbox
2017-03-15 20:29 - 2015-07-13 05:59 - 00000000 ____D C:\Program Files (x86)\SogouInput
2017-03-15 20:13 - 2015-07-13 03:49 - 00000094 _____ C:\Users\User\AppData\Roaming\sp_data.sys
2017-03-15 20:10 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-15 20:05 - 2013-08-22 22:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-15 19:50 - 2015-12-21 09:39 - 00000000 ____D C:\Users\User\AppData\Local\dmcache
2017-03-15 19:31 - 2017-01-10 16:20 - 00000000 ____D C:\Users\User\AppData\Local\Akamai
2017-03-15 14:58 - 2016-09-29 08:44 - 00003884 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1475109879
2017-03-15 14:58 - 2016-09-29 08:44 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-15 14:17 - 2013-08-22 21:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-15 14:03 - 2017-01-08 20:37 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-15 14:03 - 2016-08-23 23:02 - 00000000 ____D C:\Windows\system32\log
2017-03-15 13:41 - 2015-12-21 13:39 - 00000000 ____D C:\temp
2017-03-15 12:52 - 2013-08-22 23:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-15 12:52 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\AppReadiness
2017-03-15 12:45 - 2016-08-22 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2017-03-15 12:31 - 2013-08-22 23:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-03-15 04:36 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-03-14 20:09 - 2015-07-13 05:03 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-14 20:09 - 2015-07-13 05:03 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 20:08 - 2015-07-13 05:03 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148949336453104
2017-03-14 20:08 - 2015-07-13 05:03 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148949336717106
2017-03-14 20:08 - 2015-07-13 05:03 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-14 20:08 - 2015-07-13 05:03 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-14 20:08 - 2015-07-13 05:03 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-14 20:08 - 2015-07-13 05:03 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-14 20:08 - 2015-07-13 05:03 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-14 20:07 - 2016-09-27 18:10 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-14 20:07 - 2015-07-13 05:03 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-14 11:34 - 2013-08-22 22:44 - 00616208 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-14 11:33 - 2015-11-09 00:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-11 17:45 - 2013-08-22 23:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-11 17:41 - 2016-08-23 16:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-11 17:13 - 2017-01-10 20:24 - 00000000 ____D C:\Users\Public\Documents\.forever
2017-03-09 21:43 - 2016-08-19 19:06 - 00000000 ____D C:\Users\User\AppData\Roaming\WhatsApp
2017-03-09 09:36 - 2015-11-09 00:30 - 00000000 ____D C:\Users\User\AppData\Local\Dropbox
2017-03-07 16:17 - 2017-01-12 11:10 - 00000000 ____D C:\Users\User\AppData\Local\SolidWorks
2017-03-07 16:17 - 2017-01-10 21:58 - 00000000 ____D C:\ProgramData\SOLIDWORKS
2017-03-06 10:14 - 2016-08-18 23:06 - 00000000 ____D C:\ProgramData\Autodesk
2017-03-06 10:10 - 2016-08-18 23:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-03-06 10:10 - 2016-08-18 23:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Autodesk
2017-03-06 10:09 - 2017-01-10 17:59 - 00000000 ____D C:\Program Files (x86)\Autodesk
2017-03-06 10:08 - 2017-01-10 20:03 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2017-03-06 10:08 - 2016-08-18 21:34 - 00000000 ____D C:\Users\User\AppData\Local\Autodesk
2017-03-06 09:48 - 2017-01-10 17:54 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-03-06 09:44 - 2017-01-10 20:03 - 00000000 ____D C:\Program Files\Autodesk
2017-03-05 20:13 - 2017-01-10 16:19 - 00000000 ____D C:\Autodesk
2017-03-02 23:05 - 2017-02-14 22:04 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2017-03-02 20:36 - 2017-01-12 11:16 - 00000000 ____D C:\ProgramData\DassaultSystemes
2017-03-01 18:22 - 2016-08-19 19:06 - 00002174 _____ C:\Users\User\Desktop\WhatsApp.lnk
2017-03-01 18:22 - 2016-08-19 19:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-03-01 18:22 - 2016-08-19 19:05 - 00000000 ____D C:\Users\User\AppData\Local\SquirrelTemp
2017-02-28 20:51 - 2016-12-15 10:01 - 00003162 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 20:51 - 2016-08-23 16:24 - 00003170 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3023424667-1579791547-2771295078-1001
2017-02-28 20:51 - 2016-08-23 16:24 - 00002301 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-02-27 15:20 - 2017-01-24 08:40 - 00000000 ___HD C:\Users\Public\Documents\.adata
2017-02-27 15:20 - 2017-01-24 08:39 - 00000000 ____D C:\ProgramData\SofTest
2017-02-22 00:21 - 2015-07-13 04:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2017-03-02 19:25 - 2017-03-15 12:59 - 0023812 _____ () C:\Program Files (x86)\metadata
2015-11-26 22:24 - 2015-11-26 22:24 - 0000000 _____ () C:\Users\User\AppData\Roaming\7C61.tmp
2015-11-09 01:14 - 2016-08-01 17:46 - 0003072 _____ () C:\Users\User\AppData\Roaming\Photobook Designer Prefsv3
2015-07-13 03:49 - 2017-03-15 20:13 - 0000094 _____ () C:\Users\User\AppData\Roaming\sp_data.sys
2015-12-28 09:07 - 2015-11-26 22:24 - 0813056 _____ () C:\Users\User\AppData\Roaming\trz154.tmp
2015-12-17 14:34 - 2015-12-17 14:34 - 0000047 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2015-02-09 16:53 - 2015-02-09 16:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-04 00:56 - 2014-03-27 04:50 - 0000124 _____ () C:\ProgramData\SetStretch.cmd
2014-12-04 00:56 - 2009-07-22 18:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-12-04 00:56 - 2012-09-07 19:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Some files in TEMP:
====================
2017-03-15 10:42 - 2015-07-16 08:29 - 1735000 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-12 12:20

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by User (21-03-2017 12:12:36)
Running from F:\
Windows 8.1 Single Language (Update) (X64) (2015-07-12 19:45:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3023424667-1579791547-2771295078-500 - Administrator - Disabled)
Guest (S-1-5-21-3023424667-1579791547-2771295078-501 - Limited - Disabled)
User (S-1-5-21-3023424667-1579791547-2771295078-1001 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.144 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.4.10117.43857 - Alcor Micro Corp.) Hidden
amuleC (HKLM-x32\...\{0F7B5011-72EC-493D-A7BF-546591047E8E}) (Version: 1.0.2 - amuleC) <==== ATTENTION
amulesw (HKLM-x32\...\{13D7C2E9-08E7-4889-94FF-87E707184E53}) (Version: 1.0.7 - amules) <==== ATTENTION
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.1 - Arduino LLC)
ASUS FlipLock (HKLM\...\{9BF8EF7C-4AA1-4CA7-93DB-8F543EB35F4E}) (Version: 1.0.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.6 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.19 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AutoCAD 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk Configurator 360 addin (HKLM-x32\...\{E3EE083F-6856-44AB-BC82-445E2FFB8C1A}) (Version: 21.0.11700 - Autodesk)
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Autodesk Desktop Connect Service (HKLM\...\{FC772454-BB19-0000-0330-44B459520227}) (Version: 3.30.0 - Autodesk)
Autodesk DWG TrueView 2017 - English (HKLM\...\DWG TrueView 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk Featured Apps 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.2317 - Autodesk, Inc.)
Autodesk Guided Tutorial Plugin (HKLM\...\{B3AFC608-D811-0003-0330-21FB25B48D6E}) (Version: 3.30.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2017 (Desktop Content) (HKLM\...\{B46DECD1-2164-4EF1-0000-22D71E81877C}) (Version: 21.0.14200.0000 - Autodesk)
Autodesk Inventor Electrical Catalog Browser 2017 - English (HKLM\...\Autodesk Inventor Electrical Catalog Browser 2017 - English) (Version: 14.0.57.0 - Autodesk)
Autodesk Inventor Electrical Catalog Browser 2017 - English (Version: 14.0.57.0 - Autodesk) Hidden
Autodesk Inventor Electrical Catalog Browser 2017 Language Pack - English (Version: 14.0.57.0 - Autodesk) Hidden
Autodesk Inventor Professional 2017 - English (HKLM\...\Autodesk Inventor Professional 2017) (Version: 21.0.14200.0000 - Autodesk)
Autodesk Inventor Professional 2017 (Version: 21.0.14200.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2017 English Language Pack (Version: 21.0.14200.0000 - Autodesk) Hidden
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2017 (HKLM\...\Autodesk Revit Interoperability for Inventor 2017) (Version: 17.0.411.0 - Autodesk)
Autodesk Revit Interoperability for Inventor 2017 (Version: 17.0.411.0 - Autodesk) Hidden
Autodesk Vault Basic 2017 (Client) (HKLM\...\Autodesk Vault Basic 2017 (Client)) (Version: 22.0.48.0 - Autodesk)
Autodesk Vault Basic 2017 (Client) (Version: 22.0.48.0 - Autodesk) Hidden
Autodesk Vault Basic 2017 (Client) English Language Pack (Version: 22.0.48.0 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.0.1 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DWG TrueView 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2017 (64-bit) (HKLM\...\{05D87862-35C9-4CB4-92EC-8A1FC97BFF6C}) (Version: 6.4.9.0 - Granta Design Limited)
EnVisionSimulation-V2.772 (HKLM-x32\...\{A17D773B-A443-4697-9FBD-41481508C2C4}) (Version: 2.77.2000 - GSE EnVision LLC)
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
GAMS win32 24.1.1 (HKLM-x32\...\GAMS win32 24.1_is1) (Version: GAMS 24.1.1 - GAMS Development)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Graphmatica (HKLM-x32\...\{EB2AE318-0A58-4E3E-A463-3DE071CD9E01}) (Version: 2.4.0.0 - kSoft)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation)
Inventor Connected Desktop for A360 (HKLM\...\{1FA52755-1FBC-0001-0330-7CEA1F3736D8}) (Version: 3.30.0 - Autodesk)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MATLAB R2016a (HKLM\...\Matlab R2016a) (Version: 9.0 - MathWorks)
Mediatek Bluetooth (HKLM\...\{878D7C14-18BD-7A70-9292-C0B3CE374125}) (Version: 11.0.754.0 - Mediatek)
Mendeley Desktop 1.16.3 (HKLM-x32\...\Mendeley Desktop) (Version: 1.16.3 - Mendeley Ltd.)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 en-US)) (Version: 29.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Photobook Designer (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Photobook Designer) (Version: Photobook Designer 2015.2.0 - Photobook Worldwide)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.47.0 - Ralink)
RAR File Open Knife - Free Opener (HKLM-x32\...\RAR File Open Knife - Free Opener) (Version: 6.50 - Philipp Winterberg)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7266 - Realtek Semiconductor Corp.)
RogueKiller version 12.10.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.0.0 - Adlice Software)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Social Network Visualizer (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\{c97d1a9d-84b6-4bcc-ad4c-3f133eab5a83}) (Version: 2.0 - dimitris.kalamaras@gmail.com)
SofTest v11 (HKLM-x32\...\InstallShield_{C1D2914D-1088-4D4C-A743-2F22BD084B24}) (Version: 11.33.207 - Examsoft)
SofTest v11 (x32 Version: 11.33.207 - Examsoft) Hidden
Software Catalogue Client 1.2 (HKLM-x32\...\Software Catalogue Client 1.2_is1) (Version: - )
SOLIDWORKS 2016 x64 Edition SP02 (Version: 24.120.50 - Dassault Systemes SolidWorks Corp) Hidden
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 4.0.0.0 - Stellar Information Systems Ltd)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24322 - TeamViewer)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WhatsApp (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\WhatsApp) (Version: 0.2.3572 - WhatsApp)
Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinSnare (HKLM-x32\...\{8AD83541-D15E-47D0-ABB7-6D1A065BFB49}) (Version: 4.2.9 - WinSnare) <==== ATTENTION
WinZip (HKLM-x32\...\WinZip) (Version: 2.3.4 - Winzipper Pvt Ltd.) <==== ATTENTION
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
搜狗拼音输入法 6.5正式版 (HKLM-x32\...\Sogou Input) (Version: 6.5.0.9181 - Sogou.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{32CDFF57-8CBA-4960-89B1-EC3FA58FB17A}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\User\AppData\Local\Autodesk\webdeploy\production\64cd1225aaecdd36644b12e5453e4d4c995e22b0\NPreview10.dll ()
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)

 

CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02494446-6573-4FEF-9668-D74A84CE2A14} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {0806D5A1-12B1-4DB1-A4F3-0351905BC14A} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {16178547-B6FF-488E-9005-10767F0E7F53} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-28] (ASUSTek Computer Inc.)
Task: {19F5DDE7-D516-4301-A9E1-06F93F0A0007} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {1A7070E6-1A47-4C07-922B-04DE4C09433E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-02-19] (Microsoft Corporation)
Task: {1CF75DDA-3DB6-4F65-945E-8FF3D501FE5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-08] (Google Inc.)
Task: {24248C31-0D20-4AF1-A6D0-E860D00DAEAC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-03] (ASUSTek Computer Inc.)
Task: {30FC0ABD-E183-4CA5-A643-E1CAF55C43A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {32FC8434-5DBB-48F2-9133-238BE3C06CF5} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-12] (ASUSTek Computer Inc.)
Task: {4BF7E1C0-264A-497C-830E-DF22873A3FFA} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {5245DDF7-656E-40A1-9202-553FB44CD03C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-08] (Google Inc.)
Task: {66C9EF2A-71D9-4F04-BBC2-E5F93880A190} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-02-19] (Microsoft Corporation)
Task: {76EBFC5A-76B5-4661-A520-4E90CFCB5ECC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {7B06CD07-9839-4F0D-8E5C-0B207ED136A5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-14] (AVAST Software)
Task: {8687D5AE-8761-4C0A-8B1C-5026D4FBF2A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {94A3671A-77FC-4DF4-9856-2AF104D3FEF7} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-07-30] (AsusTek)
Task: {9CAD7D46-35EF-4D28-98E6-91F633C34F4D} - System32\Tasks\MATLAB R2016a Startup Accelerator => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe [2015-12-28] ()
Task: {A421700E-64F8-44B9-B678-60ACFA3B528B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-02-19] (Microsoft Corporation)
Task: {AB75C051-3F4B-4C66-965D-D5B6B412086B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {AC9E483E-EBC3-4454-94A5-40A22969BB5B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-09] (Piriform Ltd)
Task: {B123AEC7-DC80-450A-9ED2-D0609218AE18} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {B44F5164-9614-48C6-8CAC-57AC10A95A1B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-03] (ASUS)
Task: {C3CC248F-6E8D-4E27-B614-FB1E185583E3} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-06-04] (Realtek Semiconductor)
Task: {D6F36CC8-7243-41DA-AE3A-A3463EB99019} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26] (Realtek Semiconductor)
Task: {EB30C87F-1A80-49FD-94BD-59AB75DD0112} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-11] (Adobe Systems Incorporated)
Task: {F277435F-BF7C-43E9-880E-2556068B5DFB} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {F8009B75-F720-425C-A752-2FDC21912DFD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {FE244580-70C4-4A38-BD4B-D70AC8781365} - System32\Tasks\SafeZone scheduled Autoupdate 1475109879 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-03-07 16:43 - 2015-11-09 13:40 - 00253528 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-12-15 20:42 - 2015-12-15 20:42 - 00165376 _____ () C:\Program Files\Autodesk\Autodesk Sync\qjson_Ad_0.dll
2015-12-15 20:42 - 2015-12-15 20:42 - 00050176 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2015-12-15 20:42 - 2015-12-15 20:42 - 00062464 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2015-12-15 20:42 - 2015-12-15 20:42 - 00932864 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2017-01-10 21:44 - 2017-01-10 21:44 - 00267672 _____ () C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\sldBodyDiffu.dll
2016-08-01 10:35 - 2016-08-01 10:35 - 00017920 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
2017-01-10 21:08 - 2016-07-01 14:39 - 00061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2017-01-10 21:08 - 2016-07-01 14:39 - 00110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2016-11-18 12:36 - 2016-11-18 12:36 - 00904704 _____ () C:\Program Files (x86)\Examsoft\Softest 11.0\System.Data.SQLite.dll
2015-02-09 16:47 - 2013-10-24 05:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-04-03 06:46 - 2014-04-03 06:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-03 06:46 - 2014-04-03 06:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-03 06:46 - 2014-04-03 06:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-03 06:46 - 2014-04-03 06:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2014-11-05 10:42 - 2014-11-05 10:42 - 00308392 _____ () C:\Users\User\AppData\Roaming\Letv\AfterPlay\curllib.dll
2014-11-05 10:42 - 2014-11-05 10:42 - 00313000 _____ () C:\Users\User\AppData\Roaming\Letv\AfterPlay\CommDll.dll
2016-09-27 18:08 - 2016-09-27 18:08 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-14 20:07 - 2017-03-14 20:07 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-14 20:07 - 2017-03-14 20:07 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-09 09:34 - 2017-03-07 04:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-03-09 09:35 - 2017-02-09 10:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-03-09 09:35 - 2017-02-09 10:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-03-09 09:35 - 2017-02-09 10:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-03-09 09:35 - 2017-02-09 10:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-03-09 09:35 - 2017-02-09 10:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-09 09:34 - 2017-02-09 10:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-09 09:34 - 2017-02-09 10:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-09 09:34 - 2017-02-09 10:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-03-09 09:35 - 2017-02-09 10:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-09 09:34 - 2017-02-09 10:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-09 09:34 - 2017-02-09 10:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-03-09 09:35 - 2017-02-09 10:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-03-09 09:35 - 2017-02-09 10:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-09 09:34 - 2017-02-09 10:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-09 09:34 - 2017-03-07 05:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-09 09:34 - 2017-02-09 10:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-09 09:34 - 2017-02-09 10:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-09 09:34 - 2017-03-07 05:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-03-09 09:35 - 2017-02-09 10:30 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-01-10 21:08 - 2013-09-24 01:52 - 00043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2017-01-10 21:08 - 2015-11-05 20:07 - 00052224 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2017-01-10 21:08 - 2015-11-05 20:07 - 00195584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2017-01-10 21:08 - 2015-11-05 20:07 - 00742400 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2017-01-10 21:08 - 2016-07-01 14:05 - 00285120 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\en-US\AdWingManRes.dll
2017-01-10 21:08 - 2015-09-08 14:31 - 40640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2017-01-10 21:08 - 2014-09-03 08:29 - 00912384 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2017-01-10 21:08 - 2014-09-03 08:29 - 00134144 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2017-01-10 21:08 - 2014-09-03 08:29 - 00950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2016-08-23 16:37 - 2017-01-29 17:46 - 08929992 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2017-03-15 14:26 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-15 14:26 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-07-15 00:42 - 2015-07-15 00:42 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2017-03-14 20:06 - 2017-03-14 20:06 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-02-18 03:34 - 2017-02-18 03:34 - 22958672 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-12-24 02:10 - 2016-12-24 02:10 - 00323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2016-10-01 07:36 - 2016-10-01 07:36 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [135]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\sharepoint.com -> hxxps://ichatspedu.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Control Panel\Desktop\\Wallpaper -> D:\Study Material\NUS\Sem2\CM1502\Electronegativity chart.jpg
DNS Servers: 137.132.0.254 - 137.132.0.252
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A91FCD71-505B-44CA-A6AF-397B6980695D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4BC64510-64C3-481B-9508-7C04C732E66B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{1BFCCB6C-0B75-40A2-B6C3-404D0A59F1D5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{7087BEA1-29DE-4E6F-8379-279D9A611993}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{281BFDD9-AC9F-44D3-A42A-F90BCBD8E8E5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{42D2C929-C773-4334-87E7-7C370B853DD9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{DC7E05DB-FCBA-459E-AFE1-29A9C684C181}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{7BCAEE5B-07B9-4D09-AA04-ED5D4681905C}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{AAF7B55C-F86E-41EA-A57F-388148326B86}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{29421EF0-E5E9-4E36-BCC2-50EBAB393584}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{8F13D6BD-F8DB-47DE-B7EA-B907BEA141E9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{B969658D-F2BE-4CBF-9987-96A398002F60}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{63CC5990-E9E5-45B3-9939-287C688CE3B2}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{C6564E38-E6DA-4D22-BD11-AC0C030A3F94}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{3942351D-AC73-4552-BCEA-326D0E148AB5}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{912D4188-7B43-4B31-9F63-FD95B858B1FB}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{535FCAA4-2F7A-4CAE-934F-4587D0654C7E}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{9E885250-670D-46D5-B759-602B98503435}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{81DAD6B0-AB98-4E03-85B3-009A99B16635}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{638DBFA6-ADFB-4484-9121-2ABE06D26CF9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{8671A947-94DB-4967-B28D-4964A504544C}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{9EE34C8D-69AC-4955-A421-6204F9CFA8B5}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{390E461C-EFF5-402D-A4AF-91B36445A7C2}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{48F80170-46A0-4BE6-B2D7-47F489A0AE50}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{73DAC044-86A1-471E-ABF6-A0F5617E6F65}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{A07E6598-6F53-40CF-8D09-EB4B3EA69D99}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{16492CEB-D723-48D4-960F-A8513ADE97A1}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{63D06C57-7887-4134-89FE-0F57E3553D5B}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{86EA128E-48F6-4855-AE0D-E0CD64FBD677}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{335D9ACB-B888-4367-8EC6-A23027E4D8F2}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{B9A62A92-BCAE-4574-B6BE-149A6715428F}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{3AB4F339-B007-4D7D-9570-7B223B574492}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{7CD29E55-2CF5-400A-9DBA-F5A9DA38E9B2}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{7D1C8BA5-C9F6-4B77-98D4-46DBB618B79E}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{002EC304-73E0-4530-AB5A-63BEE9CE7CAA}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{9C8C1A32-18AA-4D5D-98C9-4B6EBACA8D2A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C3912C72-EA1B-4420-9114-D79877C4AC8B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{070FB716-5FFD-4A49-962B-C0F4187049CF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4CB73550-23AD-4237-B1C6-75270803A86A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{08DAE8E2-C484-4506-B5A9-66DF3387D165}] => (Allow) F:\Microsoft Project Pro 2013 SP1 VL x64 en-US[rarbg]\Microsoft Toolkit.exe
FirewallRules: [{46FE5F7C-60A1-4802-BF77-093332C050C8}] => (Allow) F:\Microsoft Project Pro 2013 SP1 VL x64 en-US[rarbg]\Microsoft Toolkit.exe
FirewallRules: [{DF5C156F-D606-446F-BE41-AE4D27E37917}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6BB98E9B-FF97-4FB8-853A-E4FAF3CD75EA}] => (Allow) LPort=2869
FirewallRules: [{35BC7EA6-18C8-40B8-A616-8F8D2EA9DA67}] => (Allow) LPort=1900
FirewallRules: [{1AA79CEC-A987-4C13-9286-6CB3BDB92C1C}] => (Allow) C:\Users\User\AppData\Local\Doyo\drvdown\download\MiniThunderPlatform.exe
FirewallRules: [{501B833C-BFF1-45A8-849F-9EB93F30B64E}] => (Allow) C:\Users\User\AppData\Local\Doyo\DYService.exe
FirewallRules: [{1C45797D-99A6-4473-AC81-0B9344D30C42}] => (Allow) C:\Users\User\AppData\Local\Doyo\MiniDown\download\MiniThunderPlatform.exe
FirewallRules: [TCP Query User{236AA815-3ECE-4088-AC83-D9A7BDD458F0}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{6D033F11-FCC1-48B9-865F-A51930F7A13D}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{D10F3954-6E4C-4410-8C17-A3DBB85B5F85}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{5F1CDCA3-467B-4C13-AC12-E5A97DF00513}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{ADE451A1-F205-4F9F-92AA-7E97E78B1E54}] => (Allow) C:\Program Files (x86)\Letv\letv360.exe
FirewallRules: [{B62BC3CF-E0E8-4992-9FA8-CA23A2425946}] => (Allow) C:\Program Files (x86)\Letv\letv360.exe
FirewallRules: [TCP Query User{24EFC1E4-521F-4156-9A0C-5E46278A96D2}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{99C1BA46-1307-483D-A3C2-CBE133BAEF1F}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{BE98410B-1DB2-401A-A005-F43591F48FAD}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{7BB5EB2B-3E2E-4A34-9467-8109B84522DC}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [{CCD60465-B3BE-4D20-BA81-1215F826EAF2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{CA185C25-38C3-4860-B2FC-C3B886107148}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{F0DCADC8-5D99-410F-8F31-8ABF7EC57576}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{3BF4294A-3D72-4D79-A690-3F9264E10BC8}] => (Allow) C:\ProgramData\Newjob\Newjob.exe
FirewallRules: [{38AF029C-111C-40CE-8715-10F8E25BF8B0}] => (Allow) C:\ProgramData\Fishlose\Fishlose.exe
FirewallRules: [TCP Query User{0C58AB5F-FDCA-48A5-B80F-B7BB63622B8F}C:\program files (x86)\willjob\application\chrome.exe] => (Block) C:\program files (x86)\willjob\application\chrome.exe
FirewallRules: [UDP Query User{B59628BC-5522-4897-B55F-17D8366A34BF}C:\program files (x86)\willjob\application\chrome.exe] => (Block) C:\program files (x86)\willjob\application\chrome.exe
FirewallRules: [{4369E5B7-E538-40A9-A691-A15DED59467A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{19216B93-2C52-4240-8DE7-D979AD777B37}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{984AB920-991F-477B-BDD3-A9B9E37EDB95}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{BB5DA6FF-9238-42C0-84EE-B555F60BF522}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2A8EA24B-1E67-4455-8B7D-EDB22664E77A}] => (Allow) LPort=62947
FirewallRules: [{3D124470-659E-4198-89AA-895781A1A9E2}] => (Allow) LPort=5000
FirewallRules: [{20BB0891-91E7-48D5-90E2-6675C0944F37}] => (Allow) C:\Program Files\Autodesk\Desktop Connect\forever\node.exe
FirewallRules: [TCP Query User{A64E9BB1-FD6C-4601-A408-BBD85F1DA260}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{BD916DEB-A0BD-43ED-BC9D-9A82A257D448}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{1416CFD7-F9D5-4E0E-84EF-146BA124BE85}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{76B3ED28-9682-4CE7-84CD-FF2A34126127}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F4A75FD3-5D08-4356-A88B-FBE0706F8AD4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AAC41570-4409-4667-80A6-B8370BE240C0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1F6B3AE6-4B36-4513-B924-60E69C3327A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3488D9B9-7413-4DE7-BE27-CE14F35F2DA0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{28FE39AB-BA90-4443-9C45-3B681ADC3A3D}] => (Allow) C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{3367616B-0118-4E66-B0C0-6F4304503A8C}] => (Allow) C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{189ECFAF-6F03-4CB0-8CE7-E442B2C53D6F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{33625DDE-F026-4450-AB57-8A5DDFBF7992}] => (Allow) C:\Program Files (x86)\Stancine\Application\chrome.exe
FirewallRules: [{1D645050-C3E8-4D28-A304-11654B7505ED}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{E7C9FA44-0E65-49D4-A4FC-41C4E7D276E1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{701D2324-E8EA-41DB-9242-3D84AFF64950}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{7D998B99-D647-4C48-98D1-9D00777F229D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
StandardProfile\AuthorizedApplications: [C:\Users\User\AppData\Local\Doyo\DYService.exe] => Enabled:¶ºÓÎÏÂÔØ·þÎñ

==================== Restore Points =========================

15-03-2017 20:25:47 JRT Pre-Junkware Removal
15-03-2017 20:26:43 JRT Pre-Junkware Removal
16-03-2017 23:59:30 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
17-03-2017 00:01:57 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/21/2017 08:15:40 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/21/2017 07:59:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6297

Error: (03/21/2017 07:59:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6297

Error: (03/21/2017 07:59:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/21/2017 07:59:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5156

Error: (03/21/2017 07:59:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5156

Error: (03/21/2017 07:59:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/21/2017 07:59:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3797

Error: (03/21/2017 07:59:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3797

Error: (03/21/2017 07:59:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/21/2017 08:31:25 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.177.252.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/21/2017 08:01:29 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :20" could not be registered on the interface with IP address 172.23.177.252.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/21/2017 08:01:29 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF} because another computer on the network has the same name. The server could not start.

Error: (03/21/2017 08:00:03 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.177.252.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/21/2017 08:00:02 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.177.252.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/21/2017 08:00:02 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :20" could not be registered on the interface with IP address 172.23.177.252.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/21/2017 08:00:01 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF} because another computer on the network has the same name. The server could not start.

Error: (03/20/2017 04:34:48 PM) (Source: DCOM) (EventID: 10010) (User: ASUS)
Description: The server Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.1 did not register with DCOM within the required timeout.

Error: (03/20/2017 04:30:10 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :20" could not be registered on the interface with IP address 172.23.63.81.
The computer with the IP address 137.132.4.25 did not allow the name to be claimed by
this computer.

Error: (03/20/2017 04:30:10 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF} because another computer on the network has the same name. The server could not start.


CodeIntegrity:
===================================
Date: 2017-03-15 12:40:24.737
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-15 12:40:03.899
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-15 11:11:39.379
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-15 11:11:35.648
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-15 10:43:12.874
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-15 10:42:38.343
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-14 19:06:55.115
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-14 19:06:54.989
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-14 19:06:54.981
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-14 18:41:54.067
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 77%
Total physical RAM: 3979.43 MB
Available physical RAM: 907.38 MB
Total Virtual: 9099.43 MB
Available Virtual: 4974.88 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:70.56 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:263.35 GB) (Free:199.7 GB) NTFS
Drive e: (flash it) (Removable) (Total:0.04 GB) (Free:0.04 GB) FAT
Drive f: () (Removable) (Total:3.71 GB) (Free:3.6 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A60BBD6E)

Partition: GPT.

========================================================
Disk: 1 (Size: 38 MB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Size: 3.7 GB) (Disk ID: 2C6B7369)
No partition Table on disk 2.

==================== End of Addition.txt ============================

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by User (administrator) on ASUS (23-03-2017 13:03:14)
Running from C:\Users\User\Downloads
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 Single Language (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\notepad2\notepad2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe
(Examsoft Worldwide Inc.) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.SoftShield.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(ASUS) C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-18] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-14] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-09] (Piriform Ltd)
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Loader] => C:\Program Files (x86)\Letv\LeTVLoader.exe #min
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [AfterPlayMonitor] => C:\Users\User\AppData\Roaming\Letv\AfterPlay\AfterPlayMonitor.ex
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\MountPoints2: {494ea61c-2e4f-11e6-828d-acd1b84b0fa0} - "E:\Setup.exe" /s
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
ShellIconOverlayIdentifiers: [0DoyoShell] -> {D655C2B6-46A7-408B-8745-AE81AFC1FDD2} => C:\Users\User\AppData\Local\Doyo\DyShellIcon64.dll [2015-04-27] (Doyo.cn)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-07] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Fast Start.lnk [2017-01-11]
ShortcutTarget: SOLIDWORKS 2016 Fast Start.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 137.132.0.254 137.132.0.252
Tcpip\..\Interfaces\{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF}: [DhcpNameServer] 137.132.0.254 137.132.0.252

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-07-13] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14] (AVAST Software)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-07-13] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14] (AVAST Software)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xt4h78mw.default [2017-03-22]
FF Extension: (No Name) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xt4h78mw.default\extensions\arthurj8283@gmail.com [not found]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_144.dll [2016-05-10] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-07-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-07-13] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_144.dll [2016-05-10] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-19] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-08] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-24] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultProfile: chagulybuvertainmibile
CHR HomePage: chagulybuvertainmibile -> hxxp://www.luckysearch123.com?type=hp&ts=1487229756&from=14a10216&uid=toshibaxmq01abf050_z4lkc79ytxxz4lkc79yt&z=049c73437918e7fc6fe3dfegaz7b9m8o9o9t2m2qdg
CHR StartupUrls: chagulybuvertainmibile -> "hxxp://ivle.nus.edu.sg/","hxxp://hotmail.com/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile [2017-03-22] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-15]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-15]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-15]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-15]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-15]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-15]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-15]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-03-15]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (Purple flowers(Non-Aero)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apifmdobolibbidmcdlofnnenabonodd [2015-12-21]
CHR Extension: (Google Cast) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-31]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-12]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-10]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-09]
CHR HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-14] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-14] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [80792 2017-01-10] (Dassault Systèmes SolidWorks Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [253528 2015-11-09] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-03] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-24] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 mitsijm2017; C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-05] (Autodesk, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Ntp2NetSvc; C:\Program Files (x86)\notepad2\notepad2.exe [2340864 2017-02-16] (Don HO don.h@free.fr) [File not signed]
S2 Ntp2UpSvc; C:\Program Files (x86)\Common Files\ntp2UpSvc\notepad2.exe [2340864 2017-02-17] (Don HO don.h@free.fr) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 SoftshieldService; C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe [67848 2017-01-08] (Hewlett-Packard)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-01-10] (SolidWorks) [File not signed]
R2 TransformService; C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe [73528 2014-07-09] (ASUS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 Themes; %SystemRoot%\system32\themeservice.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-14] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-14] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-14] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-14] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-14] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-14] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-14] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-07-30] (ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-09] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 m76usb; C:\Windows\System32\drivers\m76usb.sys [539336 2014-04-29] (Ralink Technology Corp.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-16] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-16] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-16] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-16] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [92088 2017-03-22] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-24] (Intel Corporation)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-03-15] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-22 13:03 - 2017-03-22 13:07 - 00031015 _____ C:\Users\User\Downloads\FRST.txt
2017-03-22 12:58 - 2017-03-22 12:59 - 02424832 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2017-03-22 12:53 - 2017-03-22 12:53 - 00000040 _____ C:\Program Files (x86)\settings.dat
2017-03-22 12:53 - 2017-03-22 12:53 - 00000000 ____D C:\Program Files (x86)\reports
2017-03-22 11:57 - 2017-03-22 11:57 - 00000000 ____D C:\Users\User\AppData\Local\VS Revo Group
2017-03-22 11:56 - 2017-03-22 11:56 - 00001095 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2017-03-22 11:56 - 2017-03-22 11:56 - 00000000 ____D C:\ProgramData\VS Revo Group
2017-03-22 11:56 - 2017-03-22 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2017-03-22 11:56 - 2017-03-22 11:56 - 00000000 ____D C:\Program Files\VS Revo Group
2017-03-22 11:56 - 2016-12-21 14:52 - 00040240 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2017-03-22 11:52 - 2017-03-22 11:53 - 11523496 _____ (VS Revo Group ) C:\Users\User\Downloads\RevoUninProSetup.exe
2017-03-22 11:32 - 2017-03-22 11:34 - 16413877 _____ C:\Users\User\Downloads\Re%3a_PCS_Visit_on_10th_March.zip
2017-03-22 09:22 - 2017-03-22 09:22 - 07958528 _____ C:\Users\User\Downloads\chapter-08.ppt
2017-03-22 09:10 - 2017-03-22 09:10 - 01131157 _____ C:\Users\User\Downloads\CM1502_Tutorial_3_answer.pptx
2017-03-22 09:09 - 2017-03-22 09:10 - 183538300 _____ C:\Users\User\Downloads\Chemistry The Molecular Nature Of Matter And Change Fourth Edition.pdf
2017-03-21 21:53 - 2017-03-21 21:53 - 00117452 _____ C:\Users\User\Downloads\Answers to PT3.pdf
2017-03-21 17:45 - 2017-03-21 23:03 - 00107278 _____ C:\Users\User\Desktop\Book1.xlsx
2017-03-21 08:22 - 2017-03-21 08:22 - 00001076 _____ C:\Users\User\Desktop\gvh.txt
2017-03-19 20:31 - 2017-03-19 20:31 - 00998400 _____ C:\Users\User\Downloads\hs-diagramHDstaaende.xls
2017-03-19 19:42 - 2017-03-19 19:42 - 00101376 _____ C:\Users\User\Downloads\F1.ppt
2017-03-18 20:56 - 2017-03-18 20:56 - 00443263 _____ C:\Users\User\Downloads\Water Scarcity in northwestern Cambodia.pptx.pptx
2017-03-18 20:55 - 2017-03-18 20:55 - 00106698 _____ C:\Users\User\Downloads\Draft graphic rep.pptx
2017-03-17 00:04 - 2017-03-17 00:04 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-17 00:04 - 2017-03-17 00:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-17 00:04 - 2017-03-17 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-15 20:59 - 2017-03-15 21:00 - 13364364 _____ C:\Users\User\Downloads\IMG20170314194836.jpg.zip
2017-03-15 20:59 - 2017-03-15 20:59 - 13586823 _____ C:\Users\User\Downloads\IMG20170314194921.jpg.zip
2017-03-15 20:59 - 2017-03-15 20:59 - 13378035 _____ C:\Users\User\Downloads\IMG20170314195006.jpg.zip
2017-03-15 14:27 - 2017-03-22 09:04 - 00092088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-03-15 14:27 - 2017-03-16 21:37 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-15 14:27 - 2017-03-16 21:37 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-03-15 14:27 - 2017-03-16 21:37 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-03-15 14:27 - 2017-03-16 21:37 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-03-15 14:27 - 2017-03-15 14:27 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-15 14:27 - 2017-03-15 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-15 14:26 - 2017-03-15 14:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-15 14:26 - 2017-03-15 14:26 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-15 14:26 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-15 13:09 - 2017-03-17 23:09 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2017-03-15 13:01 - 2017-03-15 14:04 - 00000000 ____D C:\AdwCleaner
2017-03-15 12:59 - 2017-03-15 12:59 - 00001122 _____ C:\Users\User\Downloads\fixlist.txt
2017-03-15 10:43 - 2017-03-15 10:43 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-03-15 10:42 - 2017-03-15 10:42 - 00000000 ____D C:\ProgramData\RogueKiller
2017-03-15 10:40 - 2017-03-15 10:40 - 00000872 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-03-15 10:40 - 2017-03-15 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-03-15 10:40 - 2017-03-15 10:40 - 00000000 ____D C:\Program Files\RogueKiller
2017-03-14 20:09 - 2017-03-18 20:10 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-14 20:09 - 2017-03-14 20:06 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-14 20:09 - 2017-03-14 20:06 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-14 20:09 - 2017-03-14 20:06 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-14 20:09 - 2017-03-14 20:06 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-14 20:08 - 2017-03-14 20:08 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-14 11:49 - 2017-03-14 12:16 - 00198774 _____ C:\Windows\ntbtlog.txt
2017-03-14 10:37 - 2017-03-22 13:03 - 00000000 ____D C:\FRST
2017-03-09 22:33 - 2017-03-13 17:24 - 00321487 _____ C:\Users\User\Desktop\Water Scarcity in northwestern Cambodia.pptx
2017-03-09 09:35 - 2017-03-09 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-07 22:46 - 2017-03-12 11:59 - 00079052 _____ C:\Users\User\Documents\Microfluidic.bak
2017-03-07 22:06 - 2017-03-07 22:06 - 00000152 _____ C:\Users\User\Documents\acad.err
2017-03-07 21:05 - 2017-03-07 21:05 - 00000000 ____D C:\Program Files (x86)\58BEB01D_cacayima
2017-03-07 20:42 - 2017-03-07 22:06 - 00112680 _____ C:\Users\User\Documents\Drawing1_recover.dwg
2017-03-07 20:42 - 2017-03-07 20:42 - 00000195 ____H C:\Users\User\Documents\Drawing1.dwl2
2017-03-07 20:42 - 2017-03-07 20:42 - 00000045 ____H C:\Users\User\Documents\Drawing1.dwl
2017-03-07 12:03 - 2017-03-19 12:01 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-03-07 04:50 - 2017-03-07 04:50 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-03-06 13:38 - 2017-03-12 12:02 - 00078729 _____ C:\Users\User\Documents\Microfluidic.dwg
2017-03-06 10:08 - 2017-03-06 10:08 - 00002116 _____ C:\Users\Public\Desktop\AutoCAD 2017 - English.lnk
2017-03-06 10:08 - 2017-03-06 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2017 - English
2017-03-06 10:07 - 2017-03-06 11:27 - 00000000 ____D C:\Users\User\Documents\Inventor Server SDK ACAD 2017
2017-03-05 20:25 - 2017-03-05 20:29 - 00000000 ____D C:\Program Files (x86)\MK
2017-03-05 20:22 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2017-03-05 20:22 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-03-05 20:22 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-03-05 20:22 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-03-05 20:22 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2017-03-05 20:22 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2017-03-05 20:22 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2017-03-05 20:22 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2017-03-05 20:22 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2017-03-05 20:22 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2017-03-05 20:22 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2017-03-02 19:25 - 2017-03-15 12:59 - 00023812 _____ C:\Program Files (x86)\metadata
2017-03-01 20:42 - 2017-03-15 19:54 - 00002148 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-01 20:42 - 2017-03-14 11:33 - 00000000 ____D C:\Program Files (x86)\58B6C1AE_cacayima
2017-03-01 20:42 - 2017-03-09 19:39 - 00000000 _____ C:\Windows\SysWOW64\4
2017-03-01 20:42 - 2017-03-09 19:39 - 00000000 _____ C:\Windows\SysWOW64\3
2017-03-01 18:21 - 2017-03-01 18:22 - 00000000 ____D C:\Users\User\AppData\Local\WhatsApp
2017-02-28 17:27 - 2017-02-28 17:33 - 82418960 _____ (WhatsApp) C:\Users\User\Downloads\WhatsAppSetup.exe
2017-02-27 12:59 - 2017-02-27 12:59 - 00341094 _____ C:\Users\User\Downloads\Final Assignment2.pdf
2017-02-27 12:11 - 2017-02-27 12:11 - 00063649 _____ C:\Users\User\Downloads\bridge3.159.0_en.html
2017-02-21 02:39 - 2017-02-21 02:48 - 00000000 ____D C:\Program Files (x86)\dm72nb8v
2017-02-21 00:55 - 2017-02-21 01:03 - 00000000 ____D C:\Program Files (x86)\r2i2joqg
2017-02-20 22:39 - 2017-02-20 22:47 - 00000000 ____D C:\Program Files (x86)\ia1cpuc6
2017-02-20 20:39 - 2017-02-20 20:53 - 00000000 ____D C:\Program Files (x86)\dwyhdf69
2017-02-20 20:16 - 2017-02-20 20:24 - 00000000 ____D C:\Program Files (x86)\0wbg7wae
2017-02-20 17:14 - 2017-02-20 17:17 - 00168454 _____ C:\Users\User\Downloads\The Hydrolysis of t-Butyl Chloride updated.doc.crdownload
2017-02-20 16:39 - 2017-02-20 17:04 - 00000000 ____D C:\Program Files (x86)\lw2zy2ie
2017-02-20 15:57 - 2017-02-20 16:18 - 00000000 ____D C:\Program Files (x86)\gyzi4t6u

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-22 13:03 - 2016-08-16 21:48 - 00000554 _____ C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job
2017-03-22 12:58 - 2015-07-13 03:45 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2017-03-22 12:53 - 2015-11-09 00:31 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-03-22 12:44 - 2015-07-13 03:51 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3023424667-1579791547-2771295078-1001
2017-03-22 11:39 - 2015-07-13 04:35 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-22 09:12 - 2015-07-13 09:19 - 00003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{870AB941-DEA7-4AE7-ACD4-F8FC5B4235A8}
2017-03-21 21:53 - 2015-11-09 00:31 - 00000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-03-21 13:15 - 2015-07-15 03:43 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Help
2017-03-21 13:05 - 2015-07-13 06:02 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-19 12:01 - 2016-09-03 11:25 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-03-18 15:29 - 2016-03-07 16:43 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-03-17 00:04 - 2014-12-04 00:56 - 00000000 ____D C:\ProgramData\Skype
2017-03-17 00:03 - 2017-01-10 16:37 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-16 20:47 - 2015-07-13 09:18 - 00000000 ____D C:\Users\User\OneDrive
2017-03-16 20:47 - 2014-03-18 17:53 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-16 20:47 - 2013-08-22 21:36 - 00000000 ____D C:\Windows\Inf
2017-03-16 20:45 - 2015-11-09 00:41 - 00000000 ___RD C:\Users\User\Dropbox
2017-03-15 20:29 - 2015-07-13 05:59 - 00000000 ____D C:\Program Files (x86)\SogouInput
2017-03-15 20:13 - 2015-07-13 03:49 - 00000094 _____ C:\Users\User\AppData\Roaming\sp_data.sys
2017-03-15 20:10 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-15 20:05 - 2013-08-22 22:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-15 19:50 - 2015-12-21 09:39 - 00000000 ____D C:\Users\User\AppData\Local\dmcache
2017-03-15 19:31 - 2017-01-10 16:20 - 00000000 ____D C:\Users\User\AppData\Local\Akamai
2017-03-15 14:58 - 2016-09-29 08:44 - 00003884 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1475109879
2017-03-15 14:58 - 2016-09-29 08:44 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-15 14:17 - 2013-08-22 21:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-15 14:03 - 2017-01-08 20:37 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-15 14:03 - 2016-08-23 23:02 - 00000000 ____D C:\Windows\system32\log
2017-03-15 13:41 - 2015-12-21 13:39 - 00000000 ____D C:\temp
2017-03-15 12:52 - 2013-08-22 23:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-15 12:52 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\AppReadiness
2017-03-15 12:45 - 2016-08-22 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2017-03-15 12:31 - 2013-08-22 23:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-03-15 04:36 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-03-14 20:09 - 2015-07-13 05:03 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-14 20:09 - 2015-07-13 05:03 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 20:08 - 2015-07-13 05:03 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148949336453104
2017-03-14 20:08 - 2015-07-13 05:03 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148949336717106
2017-03-14 20:08 - 2015-07-13 05:03 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-14 20:08 - 2015-07-13 05:03 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-14 20:08 - 2015-07-13 05:03 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-14 20:08 - 2015-07-13 05:03 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-14 20:08 - 2015-07-13 05:03 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-14 20:07 - 2016-09-27 18:10 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-14 20:07 - 2015-07-13 05:03 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-14 11:34 - 2013-08-22 22:44 - 00616208 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-14 11:33 - 2015-11-09 00:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-11 17:45 - 2013-08-22 23:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-11 17:41 - 2016-08-23 16:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-11 17:13 - 2017-01-10 20:24 - 00000000 ____D C:\Users\Public\Documents\.forever
2017-03-09 21:43 - 2016-08-19 19:06 - 00000000 ____D C:\Users\User\AppData\Roaming\WhatsApp
2017-03-09 09:36 - 2015-11-09 00:30 - 00000000 ____D C:\Users\User\AppData\Local\Dropbox
2017-03-07 16:17 - 2017-01-12 11:10 - 00000000 ____D C:\Users\User\AppData\Local\SolidWorks
2017-03-07 16:17 - 2017-01-10 21:58 - 00000000 ____D C:\ProgramData\SOLIDWORKS
2017-03-06 10:14 - 2016-08-18 23:06 - 00000000 ____D C:\ProgramData\Autodesk
2017-03-06 10:10 - 2016-08-18 23:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-03-06 10:10 - 2016-08-18 23:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Autodesk
2017-03-06 10:09 - 2017-01-10 17:59 - 00000000 ____D C:\Program Files (x86)\Autodesk
2017-03-06 10:08 - 2017-01-10 20:03 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2017-03-06 10:08 - 2016-08-18 21:34 - 00000000 ____D C:\Users\User\AppData\Local\Autodesk
2017-03-06 09:48 - 2017-01-10 17:54 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-03-06 09:44 - 2017-01-10 20:03 - 00000000 ____D C:\Program Files\Autodesk
2017-03-05 20:13 - 2017-01-10 16:19 - 00000000 ____D C:\Autodesk
2017-03-02 23:05 - 2017-02-14 22:04 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2017-03-02 20:36 - 2017-01-12 11:16 - 00000000 ____D C:\ProgramData\DassaultSystemes
2017-03-01 18:22 - 2016-08-19 19:06 - 00002174 _____ C:\Users\User\Desktop\WhatsApp.lnk
2017-03-01 18:22 - 2016-08-19 19:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-03-01 18:22 - 2016-08-19 19:05 - 00000000 ____D C:\Users\User\AppData\Local\SquirrelTemp
2017-02-28 20:51 - 2016-12-15 10:01 - 00003162 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 20:51 - 2016-08-23 16:24 - 00003170 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3023424667-1579791547-2771295078-1001
2017-02-28 20:51 - 2016-08-23 16:24 - 00002301 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-02-27 15:20 - 2017-01-24 08:40 - 00000000 ___HD C:\Users\Public\Documents\.adata
2017-02-27 15:20 - 2017-01-24 08:39 - 00000000 ____D C:\ProgramData\SofTest
2017-02-22 00:21 - 2015-07-13 04:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2017-03-02 19:25 - 2017-03-15 12:59 - 0023812 _____ () C:\Program Files (x86)\metadata
2017-03-22 12:53 - 2017-03-22 12:53 - 0000040 _____ () C:\Program Files (x86)\settings.dat
2015-11-26 22:24 - 2015-11-26 22:24 - 0000000 _____ () C:\Users\User\AppData\Roaming\7C61.tmp
2015-11-09 01:14 - 2016-08-01 17:46 - 0003072 _____ () C:\Users\User\AppData\Roaming\Photobook Designer Prefsv3
2015-07-13 03:49 - 2017-03-15 20:13 - 0000094 _____ () C:\Users\User\AppData\Roaming\sp_data.sys
2015-12-28 09:07 - 2015-11-26 22:24 - 0813056 _____ () C:\Users\User\AppData\Roaming\trz154.tmp
2015-12-17 14:34 - 2015-12-17 14:34 - 0000047 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2015-02-09 16:53 - 2015-02-09 16:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-04 00:56 - 2014-03-27 04:50 - 0000124 _____ () C:\ProgramData\SetStretch.cmd
2014-12-04 00:56 - 2009-07-22 18:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-12-04 00:56 - 2012-09-07 19:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Some files in TEMP:
====================
2017-03-15 10:42 - 2015-07-16 08:29 - 1735000 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-12 12:20

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by User (2-03-2017 13:08:49)
Running from C:\Users\User\Downloads
Windows 8.1 Single Language (Update) (X64) (2015-07-12 19:45:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3023424667-1579791547-2771295078-500 - Administrator - Disabled)
Guest (S-1-5-21-3023424667-1579791547-2771295078-501 - Limited - Disabled)
User (S-1-5-21-3023424667-1579791547-2771295078-1001 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.144 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.4.10117.43857 - Alcor Micro Corp.) Hidden
amuleC (HKLM-x32\...\{0F7B5011-72EC-493D-A7BF-546591047E8E}) (Version: 1.0.2 - amuleC) <==== ATTENTION
amulesw (HKLM-x32\...\{13D7C2E9-08E7-4889-94FF-87E707184E53}) (Version: 1.0.7 - amules) <==== ATTENTION
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.1 - Arduino LLC)
ASUS FlipLock (HKLM\...\{9BF8EF7C-4AA1-4CA7-93DB-8F543EB35F4E}) (Version: 1.0.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.6 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.19 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AutoCAD 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk Configurator 360 addin (HKLM-x32\...\{E3EE083F-6856-44AB-BC82-445E2FFB8C1A}) (Version: 21.0.11700 - Autodesk)
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Autodesk Desktop Connect Service (HKLM\...\{FC772454-BB19-0000-0330-44B459520227}) (Version: 3.30.0 - Autodesk)
Autodesk DWG TrueView 2017 - English (HKLM\...\DWG TrueView 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk Featured Apps 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.2317 - Autodesk, Inc.)
Autodesk Guided Tutorial Plugin (HKLM\...\{B3AFC608-D811-0003-0330-21FB25B48D6E}) (Version: 3.30.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2017 (Desktop Content) (HKLM\...\{B46DECD1-2164-4EF1-0000-22D71E81877C}) (Version: 21.0.14200.0000 - Autodesk)
Autodesk Inventor Electrical Catalog Browser 2017 - English (HKLM\...\Autodesk Inventor Electrical Catalog Browser 2017 - English) (Version: 14.0.57.0 - Autodesk)
Autodesk Inventor Electrical Catalog Browser 2017 - English (Version: 14.0.57.0 - Autodesk) Hidden
Autodesk Inventor Electrical Catalog Browser 2017 Language Pack - English (Version: 14.0.57.0 - Autodesk) Hidden
Autodesk Inventor Professional 2017 - English (HKLM\...\Autodesk Inventor Professional 2017) (Version: 21.0.14200.0000 - Autodesk)
Autodesk Inventor Professional 2017 (Version: 21.0.14200.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2017 English Language Pack (Version: 21.0.14200.0000 - Autodesk) Hidden
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2017 (HKLM\...\Autodesk Revit Interoperability for Inventor 2017) (Version: 17.0.411.0 - Autodesk)
Autodesk Revit Interoperability for Inventor 2017 (Version: 17.0.411.0 - Autodesk) Hidden
Autodesk Vault Basic 2017 (Client) (HKLM\...\Autodesk Vault Basic 2017 (Client)) (Version: 22.0.48.0 - Autodesk)
Autodesk Vault Basic 2017 (Client) (Version: 22.0.48.0 - Autodesk) Hidden
Autodesk Vault Basic 2017 (Client) English Language Pack (Version: 22.0.48.0 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.0.1 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DWG TrueView 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2017 (64-bit) (HKLM\...\{05D87862-35C9-4CB4-92EC-8A1FC97BFF6C}) (Version: 6.4.9.0 - Granta Design Limited)
EnVisionSimulation-V2.772 (HKLM-x32\...\{A17D773B-A443-4697-9FBD-41481508C2C4}) (Version: 2.77.2000 - GSE EnVision LLC)
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
GAMS win32 24.1.1 (HKLM-x32\...\GAMS win32 24.1_is1) (Version: GAMS 24.1.1 - GAMS Development)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Graphmatica (HKLM-x32\...\{EB2AE318-0A58-4E3E-A463-3DE071CD9E01}) (Version: 2.4.0.0 - kSoft)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation)
Inventor Connected Desktop for A360 (HKLM\...\{1FA52755-1FBC-0001-0330-7CEA1F3736D8}) (Version: 3.30.0 - Autodesk)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MATLAB R2016a (HKLM\...\Matlab R2016a) (Version: 9.0 - MathWorks)
Mediatek Bluetooth (HKLM\...\{878D7C14-18BD-7A70-9292-C0B3CE374125}) (Version: 11.0.754.0 - Mediatek)
Mendeley Desktop 1.16.3 (HKLM-x32\...\Mendeley Desktop) (Version: 1.16.3 - Mendeley Ltd.)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 en-US)) (Version: 29.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Photobook Designer (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\Photobook Designer) (Version: Photobook Designer 2015.2.0 - Photobook Worldwide)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.47.0 - Ralink)
RAR File Open Knife - Free Opener (HKLM-x32\...\RAR File Open Knife - Free Opener) (Version: 6.50 - Philipp Winterberg)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7266 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
RogueKiller version 12.10.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.0.0 - Adlice Software)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Social Network Visualizer (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\{c97d1a9d-84b6-4bcc-ad4c-3f133eab5a83}) (Version: 2.0 - dimitris.kalamaras@gmail.com)
SofTest v11 (HKLM-x32\...\InstallShield_{C1D2914D-1088-4D4C-A743-2F22BD084B24}) (Version: 11.33.207 - Examsoft)
SofTest v11 (x32 Version: 11.33.207 - Examsoft) Hidden
Software Catalogue Client 1.2 (HKLM-x32\...\Software Catalogue Client 1.2_is1) (Version: - )
SOLIDWORKS 2016 x64 Edition SP02 (Version: 24.120.50 - Dassault Systemes SolidWorks Corp) Hidden
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 4.0.0.0 - Stellar Information Systems Ltd)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24322 - TeamViewer)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WhatsApp (HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\WhatsApp) (Version: 0.2.3572 - WhatsApp)
Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinSnare (HKLM-x32\...\{8AD83541-D15E-47D0-ABB7-6D1A065BFB49}) (Version: 4.2.9 - WinSnare) <==== ATTENTION
WinZip (HKLM-x32\...\WinZip) (Version: 2.3.4 - Winzipper Pvt Ltd.) <==== ATTENTION
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
搜狗拼音输入法 6.5正式版 (HKLM-x32\...\Sogou Input) (Version: 6.5.0.9181 - Sogou.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{32CDFF57-8CBA-4960-89B1-EC3FA58FB17A}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File

 

CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\User\AppData\Local\Autodesk\webdeploy\production\64cd1225aaecdd36644b12e5453e4d4c995e22b0\NPreview10.dll ()
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02494446-6573-4FEF-9668-D74A84CE2A14} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {0806D5A1-12B1-4DB1-A4F3-0351905BC14A} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {0982DF7C-97B7-45A0-B59B-03CE152D9D00} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-02-19] (Microsoft Corporation)
Task: {16178547-B6FF-488E-9005-10767F0E7F53} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-28] (ASUSTek Computer Inc.)
Task: {19F5DDE7-D516-4301-A9E1-06F93F0A0007} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {1A7070E6-1A47-4C07-922B-04DE4C09433E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-02-19] (Microsoft Corporation)
Task: {1CF75DDA-3DB6-4F65-945E-8FF3D501FE5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-08] (Google Inc.)
Task: {24248C31-0D20-4AF1-A6D0-E860D00DAEAC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-03] (ASUSTek Computer Inc.)
Task: {30FC0ABD-E183-4CA5-A643-E1CAF55C43A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {32FC8434-5DBB-48F2-9133-238BE3C06CF5} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-12] (ASUSTek Computer Inc.)
Task: {4BF7E1C0-264A-497C-830E-DF22873A3FFA} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {5245DDF7-656E-40A1-9202-553FB44CD03C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-08] (Google Inc.)
Task: {66C9EF2A-71D9-4F04-BBC2-E5F93880A190} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-02-19] (Microsoft Corporation)
Task: {76EBFC5A-76B5-4661-A520-4E90CFCB5ECC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {7B06CD07-9839-4F0D-8E5C-0B207ED136A5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-14] (AVAST Software)
Task: {8687D5AE-8761-4C0A-8B1C-5026D4FBF2A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {94A3671A-77FC-4DF4-9856-2AF104D3FEF7} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-07-30] (AsusTek)
Task: {9CAD7D46-35EF-4D28-98E6-91F633C34F4D} - System32\Tasks\MATLAB R2016a Startup Accelerator => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe [2015-12-28] ()
Task: {AB75C051-3F4B-4C66-965D-D5B6B412086B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {AC9E483E-EBC3-4454-94A5-40A22969BB5B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-09] (Piriform Ltd)
Task: {B123AEC7-DC80-450A-9ED2-D0609218AE18} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {B44F5164-9614-48C6-8CAC-57AC10A95A1B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-03] (ASUS)
Task: {C3CC248F-6E8D-4E27-B614-FB1E185583E3} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-06-04] (Realtek Semiconductor)
Task: {D6F36CC8-7243-41DA-AE3A-A3463EB99019} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26] (Realtek Semiconductor)
Task: {EB30C87F-1A80-49FD-94BD-59AB75DD0112} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-11] (Adobe Systems Incorporated)
Task: {F277435F-BF7C-43E9-880E-2556068B5DFB} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {F8009B75-F720-425C-A752-2FDC21912DFD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {FE244580-70C4-4A38-BD4B-D70AC8781365} - System32\Tasks\SafeZone scheduled Autoupdate 1475109879 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-03-07 16:43 - 2015-11-09 13:40 - 00253528 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-03-15 14:26 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-15 14:26 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-08-01 10:35 - 2016-08-01 10:35 - 00017920 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
2016-08-23 16:37 - 2017-01-29 21:55 - 08930504 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-02-08 14:50 - 2017-02-01 17:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-08 14:50 - 2017-02-01 17:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2016-08-16 21:10 - 2015-12-28 15:26 - 00044544 _____ () C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe
2017-01-10 21:08 - 2016-07-01 14:39 - 00061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2017-01-10 21:08 - 2016-07-01 14:39 - 00110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2017-03-14 20:07 - 2017-03-14 20:07 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-27 18:08 - 2016-09-27 18:08 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-14 20:06 - 2017-03-14 20:06 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-14 20:07 - 2017-03-14 20:07 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-11-18 12:36 - 2016-11-18 12:36 - 00904704 _____ () C:\Program Files (x86)\Examsoft\Softest 11.0\System.Data.SQLite.dll
2015-02-09 16:47 - 2013-10-24 05:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-03-09 09:34 - 2017-03-07 04:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-03-09 09:35 - 2017-02-09 10:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-03-09 09:35 - 2017-02-09 10:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-03-09 09:35 - 2017-02-09 10:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-03-09 09:35 - 2017-02-09 10:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-03-09 09:35 - 2017-02-09 10:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-09 09:34 - 2017-02-09 10:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-09 09:34 - 2017-02-09 10:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-09 09:34 - 2017-02-09 10:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-03-09 09:35 - 2017-02-09 10:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-09 09:34 - 2017-02-09 10:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-09 09:34 - 2017-02-09 10:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-03-09 09:35 - 2017-02-09 10:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-03-09 09:35 - 2017-02-09 10:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-09 09:34 - 2017-02-09 10:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-09 09:34 - 2017-03-07 05:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-09 09:34 - 2017-02-09 10:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-09 09:34 - 2017-02-09 10:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-09 09:34 - 2017-03-07 05:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-03-09 09:35 - 2017-02-09 10:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-03-09 09:35 - 2017-03-07 05:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-09 09:34 - 2017-03-07 05:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-03-09 09:35 - 2017-02-09 10:30 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2017-02-18 03:34 - 2017-02-18 03:34 - 22958672 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-12-24 02:10 - 2016-12-24 02:10 - 00323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2016-10-01 07:36 - 2016-10-01 07:36 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

 

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [135]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\...\sharepoint.com -> hxxps://ichatspedu.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3023424667-1579791547-2771295078-1001\Control Panel\Desktop\\Wallpaper -> D:\Study Material\NUS\Sem2\CM1502\Electronegativity chart.jpg
DNS Servers: 137.132.0.254 - 137.132.0.252
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A91FCD71-505B-44CA-A6AF-397B6980695D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4BC64510-64C3-481B-9508-7C04C732E66B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{1BFCCB6C-0B75-40A2-B6C3-404D0A59F1D5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{7087BEA1-29DE-4E6F-8379-279D9A611993}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{281BFDD9-AC9F-44D3-A42A-F90BCBD8E8E5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{42D2C929-C773-4334-87E7-7C370B853DD9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{DC7E05DB-FCBA-459E-AFE1-29A9C684C181}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{7BCAEE5B-07B9-4D09-AA04-ED5D4681905C}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{AAF7B55C-F86E-41EA-A57F-388148326B86}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{29421EF0-E5E9-4E36-BCC2-50EBAB393584}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{8F13D6BD-F8DB-47DE-B7EA-B907BEA141E9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\PinyinUp.exe
FirewallRules: [{B969658D-F2BE-4CBF-9987-96A398002F60}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{63CC5990-E9E5-45B3-9939-287C688CE3B2}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{C6564E38-E6DA-4D22-BD11-AC0C030A3F94}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{3942351D-AC73-4552-BCEA-326D0E148AB5}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{912D4188-7B43-4B31-9F63-FD95B858B1FB}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{535FCAA4-2F7A-4CAE-934F-4587D0654C7E}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGDownload.exe
FirewallRules: [{9E885250-670D-46D5-B759-602B98503435}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{81DAD6B0-AB98-4E03-85B3-009A99B16635}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{638DBFA6-ADFB-4484-9121-2ABE06D26CF9}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{8671A947-94DB-4967-B28D-4964A504544C}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{9EE34C8D-69AC-4955-A421-6204F9CFA8B5}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{390E461C-EFF5-402D-A4AF-91B36445A7C2}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\ImeUtil.exe
FirewallRules: [{48F80170-46A0-4BE6-B2D7-47F489A0AE50}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{73DAC044-86A1-471E-ABF6-A0F5617E6F65}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{A07E6598-6F53-40CF-8D09-EB4B3EA69D99}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{16492CEB-D723-48D4-960F-A8513ADE97A1}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{63D06C57-7887-4134-89FE-0F57E3553D5B}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{86EA128E-48F6-4855-AE0D-E0CD64FBD677}] => (Allow) C:\Program Files (x86)\SogouInput\6.5.0.9181\SGTool.exe
FirewallRules: [{335D9ACB-B888-4367-8EC6-A23027E4D8F2}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{B9A62A92-BCAE-4574-B6BE-149A6715428F}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{3AB4F339-B007-4D7D-9570-7B223B574492}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{7CD29E55-2CF5-400A-9DBA-F5A9DA38E9B2}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{7D1C8BA5-C9F6-4B77-98D4-46DBB618B79E}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{002EC304-73E0-4530-AB5A-63BEE9CE7CAA}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{9C8C1A32-18AA-4D5D-98C9-4B6EBACA8D2A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C3912C72-EA1B-4420-9114-D79877C4AC8B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{070FB716-5FFD-4A49-962B-C0F4187049CF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4CB73550-23AD-4237-B1C6-75270803A86A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{08DAE8E2-C484-4506-B5A9-66DF3387D165}] => (Allow) F:\Microsoft Project Pro 2013 SP1 VL x64 en-US[rarbg]\Microsoft Toolkit.exe
FirewallRules: [{46FE5F7C-60A1-4802-BF77-093332C050C8}] => (Allow) F:\Microsoft Project Pro 2013 SP1 VL x64 en-US[rarbg]\Microsoft Toolkit.exe
FirewallRules: [{DF5C156F-D606-446F-BE41-AE4D27E37917}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6BB98E9B-FF97-4FB8-853A-E4FAF3CD75EA}] => (Allow) LPort=2869
FirewallRules: [{35BC7EA6-18C8-40B8-A616-8F8D2EA9DA67}] => (Allow) LPort=1900
FirewallRules: [{1AA79CEC-A987-4C13-9286-6CB3BDB92C1C}] => (Allow) C:\Users\User\AppData\Local\Doyo\drvdown\download\MiniThunderPlatform.exe
FirewallRules: [{501B833C-BFF1-45A8-849F-9EB93F30B64E}] => (Allow) C:\Users\User\AppData\Local\Doyo\DYService.exe
FirewallRules: [{1C45797D-99A6-4473-AC81-0B9344D30C42}] => (Allow) C:\Users\User\AppData\Local\Doyo\MiniDown\download\MiniThunderPlatform.exe
FirewallRules: [TCP Query User{236AA815-3ECE-4088-AC83-D9A7BDD458F0}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{6D033F11-FCC1-48B9-865F-A51930F7A13D}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{D10F3954-6E4C-4410-8C17-A3DBB85B5F85}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{5F1CDCA3-467B-4C13-AC12-E5A97DF00513}C:\users\user\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\user\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{ADE451A1-F205-4F9F-92AA-7E97E78B1E54}] => (Allow) C:\Program Files (x86)\Letv\letv360.exe
FirewallRules: [{B62BC3CF-E0E8-4992-9FA8-CA23A2425946}] => (Allow) C:\Program Files (x86)\Letv\letv360.exe
FirewallRules: [TCP Query User{24EFC1E4-521F-4156-9A0C-5E46278A96D2}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{99C1BA46-1307-483D-A3C2-CBE133BAEF1F}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{BE98410B-1DB2-401A-A005-F43591F48FAD}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{7BB5EB2B-3E2E-4A34-9467-8109B84522DC}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [{CCD60465-B3BE-4D20-BA81-1215F826EAF2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{CA185C25-38C3-4860-B2FC-C3B886107148}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{F0DCADC8-5D99-410F-8F31-8ABF7EC57576}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{3BF4294A-3D72-4D79-A690-3F9264E10BC8}] => (Allow) C:\ProgramData\Newjob\Newjob.exe
FirewallRules: [{38AF029C-111C-40CE-8715-10F8E25BF8B0}] => (Allow) C:\ProgramData\Fishlose\Fishlose.exe
FirewallRules: [TCP Query User{0C58AB5F-FDCA-48A5-B80F-B7BB63622B8F}C:\program files (x86)\willjob\application\chrome.exe] => (Block) C:\program files (x86)\willjob\application\chrome.exe
FirewallRules: [UDP Query User{B59628BC-5522-4897-B55F-17D8366A34BF}C:\program files (x86)\willjob\application\chrome.exe] => (Block) C:\program files (x86)\willjob\application\chrome.exe
FirewallRules: [{4369E5B7-E538-40A9-A691-A15DED59467A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{19216B93-2C52-4240-8DE7-D979AD777B37}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{984AB920-991F-477B-BDD3-A9B9E37EDB95}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{BB5DA6FF-9238-42C0-84EE-B555F60BF522}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2A8EA24B-1E67-4455-8B7D-EDB22664E77A}] => (Allow) LPort=62947
FirewallRules: [{3D124470-659E-4198-89AA-895781A1A9E2}] => (Allow) LPort=5000
FirewallRules: [{20BB0891-91E7-48D5-90E2-6675C0944F37}] => (Allow) C:\Program Files\Autodesk\Desktop Connect\forever\node.exe
FirewallRules: [TCP Query User{A64E9BB1-FD6C-4601-A408-BBD85F1DA260}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{BD916DEB-A0BD-43ED-BC9D-9A82A257D448}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{1416CFD7-F9D5-4E0E-84EF-146BA124BE85}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{76B3ED28-9682-4CE7-84CD-FF2A34126127}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F4A75FD3-5D08-4356-A88B-FBE0706F8AD4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AAC41570-4409-4667-80A6-B8370BE240C0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1F6B3AE6-4B36-4513-B924-60E69C3327A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3488D9B9-7413-4DE7-BE27-CE14F35F2DA0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{28FE39AB-BA90-4443-9C45-3B681ADC3A3D}] => (Allow) C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{3367616B-0118-4E66-B0C0-6F4304503A8C}] => (Allow) C:\Program Files\SolidWorks Corp 2016\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{189ECFAF-6F03-4CB0-8CE7-E442B2C53D6F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{33625DDE-F026-4450-AB57-8A5DDFBF7992}] => (Allow) C:\Program Files (x86)\Stancine\Application\chrome.exe
FirewallRules: [{1D645050-C3E8-4D28-A304-11654B7505ED}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{E7C9FA44-0E65-49D4-A4FC-41C4E7D276E1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{701D2324-E8EA-41DB-9242-3D84AFF64950}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{7D998B99-D647-4C48-98D1-9D00777F229D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
StandardProfile\AuthorizedApplications: [C:\Users\User\AppData\Local\Doyo\DYService.exe] => Enabled:¶ºÓÎÏÂÔØ·þÎñ

==================== Restore Points =========================

15-03-2017 20:25:47 JRT Pre-Junkware Removal
15-03-2017 20:26:43 JRT Pre-Junkware Removal
16-03-2017 23:59:30 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
17-03-2017 00:01:57 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
22-03-2017 13:06:41 Revo Uninstaller Pro's restore point - amulesw

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2017 01:09:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b54

Start Time: 01d2a2c9c84f4116

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: bd56fcda-0ebd-11e7-82bf-acd1b84b0fa0

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/22/2017 12:45:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1dcc

Start Time: 01d2a2c0513adcdf

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 46391290-0eba-11e7-82bf-acd1b84b0fa0

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/22/2017 12:44:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109

Error: (03/22/2017 12:44:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1109

Error: (03/22/2017 12:01:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/22/2017 11:48:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: STSensorInfoApp.exe, version: 0.0.0.0, time stamp: 0x531fca82
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17936, time stamp: 0x55a68dd1
Exception code: 0xc0000142
Fault offset: 0x0009d4f2
Faulting process id: 0xb00
Faulting application start time: 0x01d2a2bf35ac2bff
Faulting application path: C:\Program Files\ASUS\ASUS FlipLock\STSensorInfoApp.exe
Faulting module path: KERNELBASE.dll
Report Id: 793fae29-0eb2-11e7-82bf-acd1b84b0fa0
Faulting package full name:
Faulting package-relative application ID:

Error: (03/22/2017 09:33:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1140

Error: (03/22/2017 09:33:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1140

Error: (03/22/2017 09:33:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/22/2017 09:04:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: STSensorInfoApp.exe, version: 0.0.0.0, time stamp: 0x531fca82
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17936, time stamp: 0x55a68dd1
Exception code: 0xc0000142
Fault offset: 0x0009d4f2
Faulting process id: 0xfc0
Faulting application start time: 0x01d2a2a84982f515
Faulting application path: C:\Program Files\ASUS\ASUS FlipLock\STSensorInfoApp.exe
Faulting module path: KERNELBASE.dll
Report Id: 8ec38a6b-0e9b-11e7-82bf-acd1b84b0fa0
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (03/22/2017 12:47:07 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.63.222.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/22/2017 12:47:03 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.63.222.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/22/2017 12:47:00 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :20" could not be registered on the interface with IP address 172.23.63.222.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/22/2017 12:47:00 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.63.222.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/22/2017 12:47:00 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4B1A8B33-03CA-4186-B2E3-936CF07F5CEF} because another computer on the network has the same name. The server could not start.

Error: (03/22/2017 11:37:02 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :20" could not be registered on the interface with IP address 172.23.179.114.
The computer with the IP address 137.132.4.25 did not allow the name to be claimed by
this computer.

Error: (03/22/2017 11:20:04 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.179.114.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/22/2017 11:20:04 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.179.114.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/22/2017 11:20:04 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.179.114.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.

Error: (03/22/2017 11:20:00 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ASUS :0" could not be registered on the interface with IP address 172.23.179.114.
The computer with the IP address 137.132.4.5 did not allow the name to be claimed by
this computer.


CodeIntegrity:
===================================
Date: 2017-03-15 12:40:24.737
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-15 12:40:03.899
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-15 11:11:39.379
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-15 11:11:35.648
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-15 10:43:12.874
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-15 10:42:38.343
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-14 19:06:55.115
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-14 19:06:54.989
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-14 19:06:54.981
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-03-14 18:41:54.067
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 79%
Total physical RAM: 3979.43 MB
Available physical RAM: 805.48 MB
Total Virtual: 9099.43 MB
Available Virtual: 3924.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:69.5 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:263.35 GB) (Free:199.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A60BBD6E)

Partition: GPT.

==================== End of Addition.txt ============================

 

Hey broni, sorry for the late reply. I was busy in these few days and wasn't able to get online/ Can you give 3 more days to this because my friend's laptop isn't with me right now. Thank you.

 

Sorry that recently too busy with academic stuff. The following is the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by User (23-03-2017 13:01:36) Run:2
Running from C:\Users\User\Downloads
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
GroupPolicy: Restriction <======= ATTENTION
S3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [567808 2016-12-09] () <==== ATTENTION
C:\Program Files (x86)\Common Files\Services\iThemes.dll
S2 Themes; C:\Windows\system32\themeservice.dll [59392 2014-10-28] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATTENTION
C:\Windows\system32\themeservice.dll
S2 WinSnare; C:\Users\User\AppData\Roaming\WinSnare\WinSnare.dll [776704 2017-03-12] (InterSect Alliance Pty Ltd) <==== ATTENTION
S2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1254960 2016-08-29] (ExWzp Pvt Ltd.) <==== ATTENTION
S2 ed2kidle; "C:\Program Files (x86)\amuleC\ed2k.exe" -downloadwhenidle [X] <==== ATTENTION
C:\Users\User\AppData\Roaming\WinSnare\WinSnare.dll
S2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe
S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S0 msahci; system32\drivers\msahci.sys [X]
C:\ProgramData\RefreshReg.vbs
C:\ProgramData\Ｇooｇle Ｃhroｍe.lnk.bat
C:\ProgramData\Ｍozilla Ｆireｆox.lnk.bat


*****************

C:\Windows\system32\GroupPolicy\Machine => moved successfully
iThemes5 => service not found.
"C:\Program Files (x86)\Common Files\Services\iThemes.dll" => not found.
HKLM\System\CurrentControlSet\Services\Themes\\DependOnService => value not found.
"C:\Windows\system32\themeservice.dll" => not found.
WinSnare => service not found.
winzipersvc => service not found.
ed2kidle => service not found.
"C:\Users\User\AppData\Roaming\WinSnare\WinSnare.dll" => not found.
winzipersvc => service not found.
aswHdsKe => service not found.
dbx => service not found.
msahci => service not found.
"C:\ProgramData\RefreshReg.vbs" => not found.
"C:\ProgramData\Ｇooｇle Ｃhroｍe.lnk.bat" => not found.
"C:\ProgramData\Ｍozilla Ｆireｆox.lnk.bat" => not found.


The system needed a reboot.

==== End of Fixlog 13:01:37 ====

 

Today when I look for some files in my local disk C I saw a lot of empty folder with weird name which can't be deleted =(
It is shown in the following link:

http://i66.tinypic.com/2ivihr7.jpg

 

Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avast Antivirus
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Flash Player 22.0.0.144
Mozilla Firefox 29.0 Firefox out of Date!
Google Chrome (57.0.2987.133)
Google Chrome (SetupMetrics...)
Google Chrome (temp...)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

 

Farbar Service Scanner Version: 27-01-2016
Ran by User (administrator) on 11-04-2017 at 22:39:12
Running from "C:\Users\User\Downloads"
Microsoft Windows 8.1 Single Language (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

 

2017-04-11 14:50:11.010 Sophos Virus Removal Tool version 2.5.6
2017-04-11 14:50:11.010 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-04-11 14:50:11.010 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-04-11 14:50:11.010 Windows version 6.2 SP 0.0 build 9200 SM=0x300 PT=0x1 WOW64
2017-04-11 14:50:11.010 Checking for updates...
2017-04-11 14:50:11.525 Update progress: proxy server not available
2017-04-11 14:50:23.885 Option all = no
2017-04-11 14:50:24.323 Option recurse = yes
2017-04-11 14:50:24.323 Option archive = no
2017-04-11 14:50:24.323 Option service = yes
2017-04-11 14:50:24.323 Option confirm = yes
2017-04-11 14:50:24.323 Option sxl = yes
2017-04-11 14:50:24.323 Option max-data-age = 35
2017-04-11 14:50:24.323 Option vdl-logging = yes
2017-04-11 14:50:24.323 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-04-11 14:50:24.323 Machine ID: a4db2b960d954b1aa26948cadfca7a0a
2017-04-11 14:50:24.323 Component SVRTcli.exe version 2.5.6
2017-04-11 14:50:24.323 Component control.dll version 2.5.6
2017-04-11 14:50:24.323 Component SVRTservice.exe version 2.5.6
2017-04-11 14:50:24.323 Component engine\osdp.dll version 1.44.1.2281
2017-04-11 14:50:24.323 Component engine\veex.dll version 3.68.1.2281
2017-04-11 14:50:24.323 Component engine\savi.dll version 9.0.7.2281
2017-04-11 14:50:24.526 Component rkdisk.dll version 1.5.31.1
2017-04-11 14:50:24.526 Version info: Product version 2.5.6
2017-04-11 14:50:24.526 Version info: Detection engine 3.68.1
2017-04-11 14:50:24.526 Version info: Detection data 5.38
2017-04-11 14:50:24.526 Version info: Build date 4/4/2017
2017-04-11 14:50:24.526 Version info: Data files added 184
2017-04-11 14:50:24.526 Version info: Last successful update (not yet updated)
2017-04-11 14:51:02.268 Downloading updates...
2017-04-11 14:51:02.273 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-04-11 14:51:02.273 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-04-11 14:51:02.273 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-04-11 14:51:02.273 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-04-11 14:51:02.273 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-04-11 14:51:02.273 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-04-11 14:51:02.273 Update progress: [I49502] sdds.data0910.xml: found supplement IDE539 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-04-11 14:51:02.273 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE539 LATEST path=
2017-04-11 14:51:02.273 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE539 LATEST path=
2017-04-11 14:51:02.273 Update progress: [I49502] sdds.data0910.xml: found supplement IDE540 LATEST path= baseVersion= [included from product IDE539 LATEST path=]
2017-04-11 14:51:02.273 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE540 LATEST path=
2017-04-11 14:51:02.273 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE540 LATEST path=
2017-04-11 14:51:02.273 Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product IDE540 LATEST path=]
2017-04-11 14:51:02.273 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-04-11 14:51:02.273 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-04-11 14:51:02.273 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-04-11 14:51:04.097 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-04-11 14:51:04.097 Update progress: [I19463] Product download size 162626989 bytes
2017-04-11 14:52:47.220 Update progress: [I19463] Syncing product IDE539 LATEST path=
2017-04-11 14:52:47.220 Update progress: [I19463] Product download size 2453408 bytes
2017-04-11 14:52:47.775 Update progress: [I19463] Syncing product IDE540 LATEST path=
2017-04-11 14:52:47.775 Update progress: [I19463] Product download size 448391 bytes
2017-04-11 14:52:47.962 Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-04-11 14:52:48.056 Installing updates...
2017-04-11 14:52:48.884 Error level 1
2017-04-11 14:53:53.937 Update successful
2017-04-11 14:54:06.602 Option all = no
2017-04-11 14:54:06.602 Option recurse = yes
2017-04-11 14:54:06.602 Option archive = no
2017-04-11 14:54:06.602 Option service = yes
2017-04-11 14:54:06.602 Option confirm = yes
2017-04-11 14:54:06.602 Option sxl = yes
2017-04-11 14:54:06.602 Option max-data-age = 35
2017-04-11 14:54:06.602 Option vdl-logging = yes
2017-04-11 14:54:06.602 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-04-11 14:54:06.602 Machine ID: a4db2b960d954b1aa26948cadfca7a0a
2017-04-11 14:54:06.617 Component SVRTcli.exe version 2.5.6
2017-04-11 14:54:06.617 Component control.dll version 2.5.6
2017-04-11 14:54:06.617 Component SVRTservice.exe version 2.5.6
2017-04-11 14:54:06.617 Component engine\osdp.dll version 1.44.1.2281
2017-04-11 14:54:06.617 Component engine\veex.dll version 3.68.1.2281
2017-04-11 14:54:06.617 Component engine\savi.dll version 9.0.7.2281
2017-04-11 14:54:06.617 Component rkdisk.dll version 1.5.31.1
2017-04-11 14:54:06.617 Version info: Product version 2.5.6
2017-04-11 14:54:06.617 Version info: Detection engine 3.68.1
2017-04-11 14:54:06.617 Version info: Detection data 5.38
2017-04-11 14:54:06.617 Version info: Build date 4/4/2017
2017-04-11 14:54:06.617 Version info: Data files added 185
2017-04-11 14:54:06.617 Version info: Last successful update 4/11/2017 10:53:53 PM

2017-04-11 16:12:20.408 >>> Virus 'Troj/SupTab-E' found in file C:\AdwCleaner\quarantine\files\afnttqeyzwgjxbrvngpeiomkvtixzmvn\wpm.exe
2017-04-11 16:12:20.502 >>> Virus 'Troj/SupTab-E' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-04-11 16:12:20.502 >>> Virus 'Troj/SupTab-E' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-04-11 16:18:20.864 >>> Virus 'Mal/Generic-S' found in file C:\AdwCleaner\quarantine\files\ovaequlpmkogwabfkcgnqrihbuebisuw\WinSnare.dll
2017-04-11 16:18:20.864 >>> Virus 'Mal/Generic-S' found in file C:\AdwCleaner\quarantine\files\ovaequlpmkogwabfkcgnqrihbuebisuw\WinSnare.dll
2017-04-11 16:18:20.864 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-04-11 16:18:20.864 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-04-11 16:55:07.118 Password protected file C:\GAMS\win32\24.1\testlib_ml\gdxxrw5.xls
2017-04-11 16:55:09.944 Could not open C:\hiberfil.sys
2017-04-11 16:55:10.077 Could not open C:\pagefile.sys
2017-04-11 18:06:48.223 Could not open C:\ProgramData\Autodesk\SDS\SecureDataStorage.sds\LOCK
2017-04-11 18:08:50.417 Could not open C:\swapfile.sys
2017-04-11 18:08:50.635 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{128459FE-5F66-418C-8259-AA8736960B8D}
2017-04-11 18:08:50.635 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{5DF13915-009A-4991-AF76-18E6038AC6C3}
2017-04-11 18:08:50.635 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{6134CBEF-C144-42E8-8B28-9BCD87FABE9E}
2017-04-11 18:08:50.635 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{75466759-49C7-4E2B-B21B-4F9BE6C63221}
2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{79C38FF3-174A-4AA6-95A8-395ED6E1B7B0}
2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{80DAD8D2-D4C6-4088-BB69-66B8C17965D0}
2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{94D3D50C-B200-44E1-B427-B571D8E9DA95}
2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{B9ACFCA3-E76A-46BE-A23A-A6CE04473708}
2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{C22406F4-C692-4BB3-8481-F18752E7C595}
2017-04-11 18:08:50.651 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{C50CCC70-1A66-4A83-8C26-BE88521EA78E}
2017-04-11 18:08:50.698 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{E519D707-5528-4DB2-9661-491963EE0F55}
2017-04-11 18:08:50.698 Could not open C:\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{F4A87986-9432-4AE8-98F1-D417D9CAC9CC}
2017-04-11 18:08:50.839 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-11 18:08:50.839 Could not open C:\System Volume Information\{3a6a38a3-18dd-11e7-82c2-bf96870608fb}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-11 18:08:50.839 Could not open C:\System Volume Information\{48989069-1e7e-11e7-82c2-bf96870608fb}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-04-11 18:16:58.889 Could not open C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Current Session
2017-04-11 18:16:58.889 Could not open C:\Users\User\AppData\Local\Google\Chrome\User Data\chagulybuvertainmibile\Current Tabs
2017-04-11 18:59:57.829 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-04-11 18:59:57.847 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-04-11 19:00:09.101 Could not open C:\Windows\System32\config\BBI
2017-04-11 19:00:09.119 Could not open C:\Windows\System32\config\COMPONENTS
2017-04-11 19:00:09.251 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-04-11 19:00:09.251 Could not open C:\Windows\System32\config\RegBack\SAM
2017-04-11 19:00:09.251 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-04-11 19:00:09.251 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-04-11 19:00:09.255 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-04-11 19:50:36.214 The following items will be cleaned up:
2017-04-11 19:50:36.252 Troj/SupTab-E
2017-04-11 19:50:36.252 Mal/Generic-S

 

Farbar Service Scanner Version: 27-01-2016
Ran by User (administrator) on 12-04-2017 at 12:16:59
Running from "C:\Users\User\Downloads"
Microsoft Windows 8.1 Single Language (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****