Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avast detect URL:Mal - URL: Theadclick.com Process AgileVpn.exe


  • This topic is locked This topic is locked
18 replies to this topic

#1 VirulentVomit

VirulentVomit

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 28 November 2014 - 12:56 PM

Hi, I recently start to receive popup warning from avast free, about a blocked infection:

 

Infection detail:

URL hxxp:theadclick.com/

Process:C:\Program Files (x86)\WAN Miniport IKEv2\AgileVpn.exe

 

I tried with MalwareBytes, Avast (obviously), Adwcleaner, and vary manual method for detecting were the problem came but unsuccesfull, i tried to download Combofix to launch an automatica fix but  when I try to run I get NSIS Error, i already tried to download from another browser, i usually use Firefox, i never use  Internet explorer, i tried it but it is not working at all...

 

I don't post any log, i know your are so busy, i'll wait you tell me what to do.

Thank you.

 

 



BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:10 AM

Posted 03 December 2014 - 10:43 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

#3 VirulentVomit

VirulentVomit
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 03 December 2014 - 11:13 AM

Thank you for helping me nasdaq; as requested:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-12-2014
Ran by Excalibur (administrator) on EXCALIBUR-PC on 03-12-2014 16:59:19
Running from C:\Users\Excalibur\Desktop
Loaded Profile: Excalibur (Available profiles: Excalibur & MBOT1 & CVBOT1)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Italiano (Italia)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files (x86)\WAN Miniport IKEv2\AgileVpn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Program Files (x86)\WAN Miniport IKEv2\AgileVpn.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Google Inc.) C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Dropbox, Inc.) C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\Dropbox.exe
(SONIX) C:\Windows\FixCamera.exe
() C:\Windows\tsnp2uvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Autodesk Inc.) C:\Users\Excalibur\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Excalibur\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Excalibur\AppData\Local\Akamai\netsession_win.exe
(Farbar) C:\Users\Excalibur\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [675840 2008-08-01] (Sonix)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [188928 2008-08-21] (SONIX)
HKLM-x32\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [675840 2008-08-01] (Sonix)
HKLM-x32\...\Run: [tsnp2uvc] => C:\Windows\tsnp2uvc.exe [320512 2009-11-13] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1807360 2011-10-19] (Dominik Reichl)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\BrowserPlugInHelper.exe [1956352 2013-12-11] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-06-21] (Autodesk Inc.)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-20] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [592616 2011-01-12] (SANDBOXIE L.T.D)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2012-12-05] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [WiFi Guard] => C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe [3897040 2014-11-10] (SoftPerfect Research)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [Google Update] => C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [EPSON SX510W Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE [223232 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Excalibur\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [Google+ Auto Backup] => C:\Users\Excalibur\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Policies\Explorer: []
Startup: C:\Users\Excalibur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Excalibur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-440119699-676679962-2437733237-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-440119699-676679962-2437733237-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-440119699-676679962-2437733237-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-440119699-676679962-2437733237-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0686EB93B8C0CB01
HKU\S-1-5-21-440119699-676679962-2437733237-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-440119699-676679962-2437733237-1001 -> DefaultScope {7C14259C-A1B0-4354-A40D-179D4E7DE8A1} URL = http://www.google.it/search?hl=it&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-21-440119699-676679962-2437733237-1001 -> {7C14259C-A1B0-4354-A40D-179D4E7DE8A1} URL = http://www.google.it/search?hl=it&q={searchTerms}&meta=
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HistoryTriggerBHO Class -> {21A88CB9-84D2-4020-A2D1-B25A21034884} -> C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Guida per l'accesso all'account Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: iSkysoft Video Converter Ultimate -> {C7C3BC26-4F2B-4997-A3CB-163337FE975B} -> C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-440119699-676679962-2437733237-1001 -> No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Excalibur\AppData\Roaming\Mozilla\Firefox\Profiles\wp9xxgax.default-1417551203700
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-440119699-676679962-2437733237-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Excalibur\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-440119699-676679962-2437733237-1001: @talk.google.com/O1DPlugin -> C:\Users\Excalibur\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-440119699-676679962-2437733237-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-440119699-676679962-2437733237-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Excalibur\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Excalibur\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [{845257EF-A892-484e-8EB0-47F563D75939}] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt
FF Extension: iSkysoft Video Converter Ultimate - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt [2013-12-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-27]
FF HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Firefox\Extensions: [{845257EF-A892-484e-8EB0-47F563D75939}] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt

Chrome:
=======
CHR Profile: C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-24]
CHR Extension: (iSkysoft Video Converter Ultimate) - C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfeafapmnniobpffacckpddijdjgpmj [2014-05-30]
CHR Extension: (Google Wallet) - C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (adf.ly Redir) - C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\okpbglfbenhongfconamjdgbbdfnjano [2013-12-15]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2013-05-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-20]
CHR HKLM-x32\...\Chrome\Extension: [hlfeafapmnniobpffacckpddijdjgpmj] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRChromePlugin.crx [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-05-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [596360 2014-06-21] (Autodesk Inc.)
R2 AgileVpn; C:\Program Files (x86)\WAN Miniport IKEv2\AgileVpn.exe [32768 2011-11-18] (Microsoft Corporation) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-20] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-20] (Avast Software)
R2 cbVSCService; C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe [67584 2010-09-23] (CobianSoft, Luis Cobian) [File not signed]
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 mitsijm2012; C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-07] (Autodesk, Inc.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2011-11-06] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [91368 2011-01-12] (SANDBOXIE L.T.D)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-20] ()
S3 cpuz134; C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [21480 2010-07-09] (Windows ® Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-22] (DT Soft Ltd)
U5 ET5Drv; C:\Windows\ET5Drv.sys [36416 2007-10-16] (Windows ® Codename Longhorn DDK provider)
R3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2011-02-01] (VSO Software)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-02-01] ()
S3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
S3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-07-01] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-07-01] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [147048 2011-01-12] (SANDBOXIE L.T.D)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3557248 2009-06-03] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-01-25] (Duplex Secure Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-20] (Avast Software)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [176640 2011-08-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [230400 2011-08-20] (VIA Technologies, Inc.)
U3 aizwt5r1; C:\Windows\System32\Drivers\aizwt5r1.sys [0 ] (Advanced Micro Devices)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-03 16:59 - 2014-12-03 16:59 - 00024862 _____ () C:\Users\Excalibur\Desktop\FRST.txt
2014-12-03 16:59 - 2014-12-03 16:59 - 00000000 ____D () C:\FRST
2014-12-03 16:57 - 2014-12-03 16:57 - 02117120 _____ (Farbar) C:\Users\Excalibur\Desktop\FRST64(1).exe
2014-12-03 00:34 - 2014-12-03 14:24 - 00000168 _____ () C:\Windows\setupact.log
2014-12-03 00:34 - 2014-12-03 00:46 - 00000620 _____ () C:\Windows\PFRO.log
2014-12-03 00:34 - 2014-12-03 00:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-03 00:29 - 2014-12-03 00:29 - 02154496 _____ () C:\Users\Excalibur\Downloads\adwcleaner_4.103.exe
2014-12-03 00:09 - 2014-12-03 00:09 - 00007102 _____ () C:\Users\Excalibur\Downloads\startup.txt
2014-12-02 21:25 - 2014-12-02 21:25 - 00000000 _____ () C:\autoexec.bat
2014-12-02 21:18 - 2014-12-02 21:18 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Excalibur\Downloads\SpyHunter-Installer.exe
2014-12-02 21:13 - 2014-12-02 21:13 - 00000000 ____D () C:\Users\Excalibur\Desktop\Dati precedenti di Firefox
2014-12-02 21:12 - 2014-12-02 21:12 - 00310764 _____ () C:\Users\Excalibur\Desktop\bookmarks-2014-12-02.json
2014-12-02 15:59 - 2014-12-02 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-12-01 16:51 - 2014-12-01 16:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-28 19:05 - 2014-11-28 19:05 - 02347384 _____ (ESET) C:\Users\Excalibur\Downloads\esetsmartinstaller_enu.exe
2014-11-28 19:05 - 2014-11-28 19:05 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-28 19:04 - 2014-11-28 19:04 - 00362880 _____ (Kaspersky Lab) C:\Users\Excalibur\Downloads\setup.exe
2014-11-28 18:22 - 2014-11-28 18:22 - 00051491 _____ () C:\Users\Excalibur\Downloads\Result.txt
2014-11-28 18:20 - 2014-11-28 18:20 - 00401920 _____ (Farbar) C:\Users\Excalibur\Downloads\MiniToolBox.exe
2014-11-28 18:05 - 2014-11-28 18:05 - 00014557 _____ () C:\Users\Excalibur\Downloads\hijackthis.log
2014-11-28 18:03 - 2014-11-28 18:03 - 00388608 _____ (Trend Micro Inc.) C:\Users\Excalibur\Downloads\HijackThis.exe
2014-11-28 17:26 - 2014-11-28 17:27 - 05598707 _____ (Swearware) C:\Users\Excalibur\Downloads\ComboFix (1).exe
2014-11-28 17:18 - 2014-11-28 17:19 - 05598707 _____ (Swearware) C:\Users\Excalibur\Downloads\ComboFix.exe
2014-11-28 16:38 - 2014-11-28 16:38 - 02117632 _____ (Farbar) C:\Users\Excalibur\Downloads\FRST64.exe
2014-11-23 12:56 - 2014-12-03 16:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-23 12:56 - 2014-11-23 12:56 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-23 12:56 - 2014-11-23 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-23 12:56 - 2014-11-23 12:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-23 12:56 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-23 12:56 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-23 12:37 - 2014-11-23 12:37 - 00000000 _____ () C:\Users\Excalibur\Downloads\igm
2014-11-23 12:20 - 2014-11-23 12:20 - 02850062 _____ (InstallShield Software Corporation) C:\Users\Excalibur\Downloads\mgControl60.exe
2014-11-23 11:57 - 2014-11-23 11:57 - 00004344 _____ () C:\Users\Excalibur\AppData\Local\recently-used.xbel
2014-11-23 11:46 - 2014-11-23 11:46 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\webkit
2014-11-23 11:36 - 2014-11-23 11:57 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\gtk-2.0
2014-11-23 11:29 - 2014-11-23 11:29 - 00000565 _____ () C:\Users\Excalibur\Desktop\XnView.lnk
2014-11-23 11:28 - 2014-11-23 11:35 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\XnView
2014-11-23 11:28 - 2013-12-08 14:47 - 00000000 ____D () C:\Users\Excalibur\Desktop\XnView
2014-11-23 11:24 - 2014-11-23 11:24 - 03126213 _____ ( ) C:\Users\Excalibur\Downloads\merge23.exe
2014-11-23 11:24 - 2014-11-23 11:24 - 00000963 _____ () C:\Users\Excalibur\Desktop\Merge.lnk
2014-11-23 11:24 - 2014-11-23 11:24 - 00000000 ____D () C:\Windows\SysWOW64\(app)
2014-11-23 11:24 - 2014-11-23 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\merge
2014-11-23 11:24 - 2014-11-23 11:24 - 00000000 ____D () C:\Program Files (x86)\Merge
2014-11-23 11:15 - 2014-11-23 11:15 - 00000197 _____ () C:\Windows\system32\2014-11-23-10-15-25.005-AvastVBoxSVC.exe-3916.log
2014-11-22 21:30 - 2014-11-22 21:30 - 00000197 _____ () C:\Windows\system32\2014-11-22-20-30-35.088-AvastVBoxSVC.exe-3876.log
2014-11-22 14:40 - 2014-11-22 14:41 - 00000197 _____ () C:\Windows\system32\2014-11-22-13-40-58.088-AvastVBoxSVC.exe-3332.log
2014-11-21 22:36 - 2014-11-21 22:36 - 00000247 _____ () C:\Windows\system32\2014-11-21-21-36-43.008-aswFe.exe-3676.log
2014-11-21 22:31 - 2014-11-21 22:36 - 00000247 _____ () C:\Windows\system32\2014-11-21-21-31-41.034-aswFe.exe-3808.log
2014-11-21 22:31 - 2014-11-21 22:31 - 00000197 _____ () C:\Windows\system32\2014-11-21-21-31-34.019-AvastVBoxSVC.exe-4064.log
2014-11-20 20:05 - 2014-11-20 20:05 - 00000247 _____ () C:\Windows\system32\2014-11-20-19-05-20.089-aswFe.exe-6400.log
2014-11-20 20:01 - 2014-11-20 20:05 - 00000247 _____ () C:\Windows\system32\2014-11-20-19-01-41.054-aswFe.exe-6776.log
2014-11-20 20:01 - 2014-11-20 20:01 - 00000197 _____ () C:\Windows\system32\2014-11-20-19-01-38.049-AvastVBoxSVC.exe-5036.log
2014-11-20 19:58 - 2014-11-20 19:58 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-20 19:58 - 2014-11-20 19:58 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-20 19:41 - 2014-11-20 19:41 - 00001079 _____ () C:\Users\Excalibur\Desktop\qBittorrent.lnk
2014-11-20 18:41 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-20 18:41 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-20 18:41 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-20 18:41 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-20 18:40 - 2014-11-20 18:40 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-20 18:40 - 2014-11-20 18:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-19 18:17 - 2014-11-19 18:17 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\gegl-0.2
2014-11-19 18:16 - 2014-11-19 18:16 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-11-19 18:16 - 2014-11-19 18:16 - 00000882 _____ () C:\Users\Public\Desktop\GIMP 2.lnk
2014-11-19 18:15 - 2014-11-19 18:16 - 00000000 ____D () C:\Program Files\GIMP 2
2014-11-19 17:27 - 2014-11-19 17:27 - 00001318 _____ () C:\Users\Public\Desktop\ERDAS ER Viewer 14.0.lnk
2014-11-19 17:27 - 2014-11-19 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERDAS ER Viewer 2014
2014-11-19 17:27 - 2014-11-19 17:27 - 00000000 ____D () C:\Program Files (x86)\Intergraph
2014-11-19 17:24 - 2014-11-19 17:25 - 29785792 _____ () C:\Users\Excalibur\Documents\erdas-erviewer-v14.1-win-x86.zip
2014-11-19 17:22 - 2014-11-19 17:22 - 00003238 _____ () C:\Windows\System32\Tasks\{3A8F3309-D7C8-4A2C-97E8-A0A450E25371}
2014-11-19 17:17 - 2014-11-19 17:17 - 00003180 _____ () C:\Windows\System32\Tasks\{5214D90E-D2A7-4B35-A424-487E14B9C29E}
2014-11-19 17:17 - 2014-11-19 17:17 - 00000000 ____D () C:\Windows\ER Mapper
2014-11-18 22:14 - 2014-11-27 22:57 - 00000000 ____D () C:\Program Files (x86)\AutoDWG
2014-11-18 22:11 - 2014-11-18 22:14 - 10495656 _____ (AutoDWG) C:\Users\Excalibur\Downloads\DWF2DWGPro2015.exe
2014-11-18 21:39 - 2014-11-18 21:39 - 00000000 ____D () C:\Users\Excalibur\Documents\ZW3D
2014-11-18 21:37 - 2014-11-18 21:49 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\ZW3D 2012 Ita
2014-11-18 19:30 - 2014-11-18 19:30 - 01129472 _____ () C:\Users\Excalibur\Downloads\ADR2013Hotfix1.msp
2014-11-18 19:28 - 2014-11-18 19:30 - 00002107 _____ () C:\Users\Public\Desktop\Autodesk Design Review 2013.lnk
2014-11-18 19:27 - 2014-11-18 19:27 - 00000000 ____D () C:\SetupDesignReview2013.msi
2014-11-18 19:02 - 2014-11-18 20:16 - 241228472 _____ () C:\Users\Excalibur\Downloads\ZWCAD_Plus_2015_ITA.exe
2014-11-18 18:54 - 2014-11-19 14:53 - 00000000 ____D () C:\Program Files (x86)\WAN Miniport IKEv2
2014-11-18 18:54 - 2014-11-18 18:54 - 00034308 _____ () C:\Windows\SysWOW64\BASSMOD.dll
2014-11-18 18:46 - 2014-11-18 18:47 - 03197220 _____ (AnyDWG Software, Inc. ) C:\Users\Excalibur\Downloads\dwfdwg.exe
2014-11-17 19:23 - 2014-11-17 19:23 - 00000000 __SHD () C:\Users\Excalibur\AppData\Local\EmieBrowserModeList
2014-11-15 18:33 - 2014-11-15 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-15 18:33 - 2014-11-15 18:33 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-11-15 18:33 - 2014-11-15 18:33 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-12 05:20 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 05:20 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 05:20 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 05:20 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 05:20 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 05:20 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 05:20 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 05:20 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 05:20 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 05:20 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 05:20 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 05:20 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 05:20 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 05:20 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 05:20 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 05:20 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 05:20 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 05:20 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 05:20 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 05:20 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 05:20 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 05:20 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 05:19 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 05:19 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 05:19 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 05:19 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 05:19 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 05:19 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 05:19 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 05:19 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 05:19 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 05:19 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 05:19 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 05:19 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 05:19 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 05:19 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 05:19 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 05:19 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 05:19 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 05:19 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 05:19 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 05:19 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 05:19 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 05:19 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 05:19 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 05:19 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 05:19 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 05:19 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 05:19 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 05:19 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 05:19 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 05:19 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 05:19 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 05:19 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 05:19 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 05:19 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 04:37 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 04:37 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 04:37 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 04:37 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 04:37 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 04:37 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 04:37 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 04:37 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 04:37 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 04:36 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 04:36 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 04:36 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 04:36 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 04:36 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 04:36 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 04:36 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 04:36 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 04:36 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 04:36 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 04:36 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 04:36 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 04:36 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 04:36 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 04:30 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 04:30 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 04:30 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 04:30 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 04:30 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 04:30 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 04:30 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 09:56 - 2014-11-11 09:56 - 01923360 _____ (SoftPerfect Research ) C:\Users\Excalibur\Downloads\wifiguard_windows_setup(1).exe
2014-11-09 17:48 - 2014-11-09 19:55 - 00000049 _____ () C:\Users\Excalibur\Downloads\Gotham.1x05.Vipera.ITA.ENG.DLMux.XviD-Pir8.avi
2014-11-08 12:27 - 2014-11-08 12:27 - 00003286 _____ () C:\Windows\System32\Tasks\SamsungMagician
2014-11-08 12:27 - 2014-11-08 12:27 - 00000000 ____D () C:\ProgramData\Samsung
2014-11-08 12:27 - 2014-11-08 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-03 16:56 - 2012-04-06 18:15 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-03 16:26 - 2011-03-01 21:11 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-03 14:33 - 2009-07-14 05:45 - 00023632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-03 14:33 - 2009-07-14 05:45 - 00023632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-03 14:31 - 2009-07-14 11:53 - 00741402 _____ () C:\Windows\system32\perfh010.dat
2014-12-03 14:31 - 2009-07-14 11:53 - 00147456 _____ () C:\Windows\system32\perfc010.dat
2014-12-03 14:31 - 2009-07-14 06:13 - 01661252 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-03 14:29 - 2011-01-22 18:16 - 01870938 _____ () C:\Windows\WindowsUpdate.log
2014-12-03 14:26 - 2014-05-31 16:25 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\Akamai
2014-12-03 14:25 - 2012-07-31 19:30 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Dropbox
2014-12-03 14:25 - 2011-03-01 21:11 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-03 14:24 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-03 00:44 - 2013-09-23 20:05 - 00000000 ____D () C:\AdwCleaner
2014-12-03 00:34 - 2012-05-01 09:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-03 00:22 - 2012-04-21 09:03 - 00000000 ____D () C:\ProgramData\HiSuite
2014-12-03 00:06 - 2011-10-17 09:45 - 00000000 ____D () C:\Windows\Minidump
2014-12-03 00:05 - 2011-09-15 18:31 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\KeePass
2014-12-02 22:34 - 2011-11-27 22:25 - 00007438 _____ () C:\Users\Excalibur\Desktop\PasswordSSSxx.kdbx
2014-12-02 21:25 - 2011-01-22 18:20 - 00000000 ____D () C:\Users\Excalibur
2014-12-02 19:17 - 2011-05-05 21:58 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001Core.job
2014-12-01 21:50 - 2011-05-20 20:32 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Autodesk
2014-12-01 21:50 - 2011-05-20 20:32 - 00000000 ____D () C:\ProgramData\Autodesk
2014-11-30 22:28 - 2011-01-25 18:52 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\vlc
2014-11-28 19:54 - 2011-10-27 20:52 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\CrashDumps
2014-11-28 16:48 - 2013-12-16 14:41 - 00000000 ____D () C:\Users\Excalibur\Desktop\biv1123+6tr
2014-11-27 20:35 - 2014-06-27 15:27 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-27 17:56 - 2012-04-06 18:15 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-27 17:56 - 2012-04-06 18:15 - 00003916 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-27 17:56 - 2011-05-16 18:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-25 17:43 - 2013-05-29 16:18 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\CutePDF Writer
2014-11-25 17:43 - 2011-05-21 09:39 - 00006962 _____ () C:\Users\Excalibur\Documents\plot.log
2014-11-25 17:38 - 2014-06-01 10:56 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\cache
2014-11-23 21:31 - 2011-02-10 18:50 - 00000818 _____ () C:\Users\Excalibur\AppData\Roaming\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-11-23 12:56 - 2011-10-22 15:08 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Malwarebytes
2014-11-23 12:56 - 2011-10-22 15:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-23 12:20 - 2014-05-30 22:26 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2014-11-23 11:36 - 2014-03-26 21:43 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\SPB_Data
2014-11-22 14:42 - 2014-06-27 15:27 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-20 20:58 - 2013-05-13 18:07 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Audacity
2014-11-20 18:40 - 2014-06-27 15:27 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-19 14:53 - 2009-07-14 05:45 - 04999840 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-18 22:41 - 2011-01-23 20:37 - 00122296 _____ () C:\Users\Excalibur\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-18 22:36 - 2011-01-23 20:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-18 21:37 - 2014-05-30 18:20 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-11-18 19:30 - 2014-05-30 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-11-18 19:29 - 2011-05-20 20:43 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\Autodesk
2014-11-16 19:21 - 2011-03-01 21:11 - 00004146 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 19:21 - 2011-03-01 21:11 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 19:12 - 2011-05-05 21:58 - 00004154 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001UA
2014-11-16 19:12 - 2011-05-05 21:58 - 00003758 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001Core
2014-11-16 19:12 - 2011-05-05 21:58 - 00001176 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001UA.job
2014-11-15 18:16 - 2011-06-13 20:07 - 00317440 ___SH () C:\Users\Excalibur\Documents\Thumbs.db
2014-11-15 18:15 - 2012-07-31 19:31 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-13 08:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 06:05 - 2013-07-16 22:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 06:01 - 2011-01-23 23:39 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 09:57 - 2013-02-07 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect WiFi Guard
2014-11-11 09:57 - 2013-02-07 18:03 - 00000000 ____D () C:\Program Files\SoftPerfect WiFi Guard
2014-11-09 17:41 - 2014-10-20 18:07 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\Deployment
2014-11-08 12:27 - 2013-10-31 19:33 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-11-04 14:30 - 2011-01-22 21:13 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-03 20:11 - 2011-01-22 21:00 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Mozilla

Some content of TEMP:
====================
C:\Users\Excalibur\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphxye8_.dll
C:\Users\Excalibur\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Excalibur\AppData\Local\Temp\Quarantine.exe
C:\Users\Excalibur\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-27 17:56

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-12-2014
Ran by Excalibur at 2014-12-03 16:59:57
Running from C:\Users\Excalibur\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Agent Ransack 2010 (64-bit) (HKLM\...\Agent Ransack (64-bit)_is1) (Version:  - )
Agilent N5393C PCI-Express Test App 03.03.0000 (HKLM-x32\...\{46EB3EC7-71F2-4C2B-95A4-B696EECA5177}) (Version: 03.03.0000 - Agilent Technologies)
Akamai NetSession Interface (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{0BD776F3-057D-4C11-020C-4FA9B13D04F9}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{63059735-CA97-FDFB-0E7A-3B8D81572EFD}) (Version: 2.0.4888.34279 - Advanced Micro Devices, Inc.)
Applicazioni disponibili di Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Ashampoo Movie Studio 2013 v.1.0.4 (HKLM-x32\...\{91B33C97-EB09-F0A4-36AC-3895F9F93DD1}_is1) (Version: 1.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 5 v.5.7.0 (HKLM-x32\...\{91B33C97-9E02-D93E-656C-D2D81585F29B}_is1) (Version: 5.7.0 - Ashampoo GmbH & Co. KG)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AutoCAD 2013 – Italiano (Italian) (HKLM\...\AutoCAD 2013 – Italiano (Italian)) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 – Italiano (Italian) (Version: 19.0.204.0 - Autodesk) Hidden
AutoCAD 2013 – Italiano (Italian) (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 – Italiano (Italian) SP2 (HKLM\...\AutoCAD 2013 – Italiano (Italian) SP2) (Version: 1 - Autodesk)
AutoCAD 2013 Language Pack - Italiano (Italian) (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.155.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.1.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.1.0.82 - Autodesk, Inc.) Hidden
Autodesk Download Manager (HKLM-x32\...\{C897D9EC-13C6-4A22-ABF7-33F2126A7DB6}) (Version: 3.0.8.0 - Autodesk, Inc.)
Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (HKLM\...\{B46DECD1-1664-4EF1-0000-22D71E81877C}) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (HKLM\...\Modulo aggiuntivo Autodesk Inventor Fusion per Inventor 2012) (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Italiano (HKLM\...\Autodesk Inventor Professional 2012) (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Italiano (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk MapGuide® Viewer ActiveX Control Release 6 (HKLM-x32\...\{CFEFDE13-C8C6-407F-A9C1-889F29EE863F}) (Version: 6.0.0.0 - Autodesk, Inc.)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Avidemux 2.6 (HKLM-x32\...\Avidemux 2.6 (64-bit)) (Version: 2.6.0.8179 - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield Heroes (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
BioShock 2 (HKLM-x32\...\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}) (Version: 1.00.0000 - 2K Games)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version:  - )
BioShock Infinite Burial at Sea - Episode 1 (HKLM-x32\...\QmlvU2hvY2tJbmZpbml0ZQ==_is1) (Version: 1 - )
BlindWrite 6 (HKLM-x32\...\{005E738B-5A0A-4483-A900-877D183A8F45}_is1) (Version: 6.3.1.7d - VSO Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boxcryptor 2.0 (HKLM-x32\...\{C2157A16-C039-4F84-A49E-84116E4535C9}) (Version: 2.0.413.343 - Secomba GmbH)
calibre 64bit (HKLM\...\{E1A1B8F4-DB8E-4999-AB0E-CE929A040CDB}) (Version: 1.1.0 - Kovid Goyal)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.3.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.0.8 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.4.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.1.0.11 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.0.0.11 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.0.14 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cobian Backup 10 (HKLM-x32\...\CobBackup10) (Version:  - )
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
Company of Heroes 2 (HKLM-x32\...\Q29tcGFueW9mSGVyb2VzMg==_is1) (Version: 1 - )
Conversione Gray Matter TESTO (HKLM-x32\...\{049EA261-FDD4-4EE0-ABAB-59CF26441653}_is1) (Version:  - Vash)
CPUID CPU-Z 1.56 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskMark 3.0.2f (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World)
CuneiForm OpenOCR (HKLM-x32\...\{2C695618-6950-4C88-B836-A4FE7DD7FC9F}) (Version: 01.08.1006 - Cognitive Technologies)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Diagram Designer (HKLM-x32\...\Diagram Designer) (Version:  - )
DMC Devi May Cry © Capcom version 1 (HKLM-x32\...\DMC Devi May Cry © Capcom_is1) (Version: 1 - )
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.00 - Electronic Arts, Inc.)
DriverIdentifier 3.8 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version:  - DriverIdnetifier)
Dropbox (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
DWG TrueView 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
Eco Materials Adviser (x64) (HKLM\...\{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}) (Version: 1.32.0.0 - Granta Design Limited)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
ERDAS ER Viewer 2014 & Microsoft Office Plugin (HKLM-x32\...\ERDAS ER Viewer 14.0) (Version: 14.00.0001.00186 - Intergraph Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Evernote v. 5.7.2 (HKLM-x32\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Fallout New Vegas (HKLM-x32\...\Fallout New Vegas_is1) (Version:  - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FastStone Photo Resizer 3.2 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.2 - FastStone Soft.)
Focus Magic 4.01 (HKLM-x32\...\Focus Magic_is1) (Version: 4.01 - Acclaim Software Ltd)
FreeFileSync 5.11 (HKLM-x32\...\FreeFileSync) (Version: 5.11 - Zenju)
Freemake Video Converter versione 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Gears of War (HKLM-x32\...\InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}) (Version: 1.00.0000 - Microsoft Game Studios)
Gears of War (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{F0F8C39C-83EC-49FB-96C7-37F6A1B1A905}) (Version: 3.0.4989 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
Gray Matter (HKLM-x32\...\Gray Matter_is1) (Version:  - dtp)
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.1 - goldensoft.org)
HMR Channel Manager (HKLM-x32\...\5CFB35C5-721A-4DDB-9978-EDC5506CF873) (Version: 0.97beta - Kalash)
Hugin 2013.0.0 (HKLM-x32\...\Hugin) (Version: 2013.0.0 hg_0d404a7088e6 - The Hugin Development Team)
Importazione SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Installazione di DivX (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
InstantPhotoSketch 2.0 (HKLM-x32\...\{5A76F86F-C0E5-4755-BD6C-4FC627F17033}_is1) (Version:  - CPSSoftware)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iSkysoft Video Converter Ultimate(Build 5.0.0.0) (HKLM-x32\...\iSkysoft Video Converter Ultimate_is1) (Version: 5.0.0.0 - iSkysoft Software)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Karen's Directory Printer (HKLM-x32\...\Karen's Directory Printer) (Version: 5.3.0.2 - Karen Kenworthy)
KeePass Password Safe 2.17 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version:  - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Language Pack di Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
LG Bluetooth Drivers (HKLM-x32\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)
LG PC Suite IV (HKLM-x32\...\LG PC Suite IV) (Version: 4.3.31.20110804 - LG Electronics)
LG SP USB Driver (HKLM-x32\...\{E2AE8456-CCFE-46C0-8629-71CC507660FC}) (Version: 1.0 - LG Electronics)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
LibreOffice 4.1 Help Pack (Italian) (HKLM-x32\...\{830BA9EA-79A7-4434-9154-8B1E06F528FB}) (Version: 4.1.4.2 - The Document Foundation)
LibreOffice 4.2.6.3 (HKLM-x32\...\{14DB1822-00B5-4820-86B5-EF893CA46B53}) (Version: 4.2.6.3 - The Document Foundation)
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Malwarebytes Anti-Malware versione 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MCCI®Firmware Update Driver for MTK (HKLM-x32\...\{13E92303-C1AC-4012-9E22-54EACBF54888}) (Version: 1.00.0000 - MCCI)
MediaInfo 0.7.67 (HKLM\...\MediaInfo) (Version: 0.7.67 - MediaArea.net)
Merge Version 2.3 (HKLM-x32\...\merge_is1) (Version:  - )
Microsoft .NET Compact Framework 2.0 SP1 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.6129 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850410-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{32A08044-0CFA-3758-902C-5D97746BA9A9}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MiniTool Partition Wizard Home Edition 8.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Modulo aggiuntivo Autodesk Inventor Fusion per Inventor 2012 - Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Modulo aggiuntivo Autodesk Inventor Fusion per Inventor 2012 (Version: 1.0.0.18 - Autodesk) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1.1 (x86 it) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 it)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MTX (HKLM-x32\...\{6583D00E-0924-4950-8BE9-5D09FE70B333}) (Version: 1.0.0 - mektek.net)
MyHarmony (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Nero 7 Premium (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301040}) (Version: 7.02.9753 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
ORPALIS PDF Reducer Free Edition (HKLM-x32\...\{0DDB2FC6-EE08-4E53-AA8C-A8D87FA61F0A}) (Version: 1.1.4 - ORPALIS)
Pacchetto di compatibilità per Office System 2007 (HKLM-x32\...\{90120000-0020-0410-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
PC Wizard 2010.1.96 (HKLM-x32\...\PC Wizard 2010_is1) (Version:  - CPUID)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PriMus-DCF v.100a (HKLM-x32\...\{3BFED551-630D-4C5E-A90F-A6B7E9CF3CA0}) (Version: 100a - ACCA software S.p.A.)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Python 2.6.5 (HKLM-x32\...\{4723F199-FA64-4233-8E6E-9FCCC95A18EE}) (Version: 2.6.5150 - Python Software Foundation)
qBittorrent 3.0.11 (HKLM-x32\...\qbittorrent) (Version: 3.0.11 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.5 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
Sandboxie 3.52 (64-bit) (HKLM\...\Sandboxie) (Version:  - )
Sniper Ghost Warrior (HKLM-x32\...\Sniper Ghost Warrior_is1) (Version:  - )
SoftPerfect WiFi Guard version 1.0.5 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.5 - SoftPerfect Research)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strumento per la disinstallazione rapida di Autodesk Inventor 2012 (HKLM\...\{D25FF5C1-1664-469A-9794-69309387C193}) (Version: 16.0.16000.0000 - Autodesk)
Supporto applicazioni Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
System Requirements Lab for Intel (HKLM-x32\...\{EFE3D683-903C-4B58-AB8F-C68C69F33758}) (Version: 4.5.3.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.48204.103 - Sonix)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2627.3) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wireshark 1.8.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.5 - The Wireshark developer community, http://www.wireshark.org)
WOL Magic Packet Sender (HKLM-x32\...\{E268ADBD-A002-4684-AEDF-EA0F83F7E00B}) (Version: 1.5.0 - Zwalisoft)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{17A14094-F274-44E2-B54B-FC0E966AE5C7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\LUxClientSink.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{2D5C6B27-86B3-4E81-9F8B-9C68887F5BE6}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\LUxUIMgr.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{714D325C-E9CE-44ab-A72A-36BB410BA19B}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\FEAFilesHandler.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (http://MediaArea.net/MediaInfo)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C0E7110B-2136-11D4-8DD0-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorMarshal.Dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2013\it-IT\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E6E92821-2731-4AA3-B919-D2BC514FEC64}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridgePS.Dll ()
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll No File

==================== Restore Points  =========================

15-11-2014 17:18:51 Windows Update
18-11-2014 17:46:39 Windows Update
18-11-2014 18:27:57 Installazione di Autodesk Design Review 2013 completata.
18-11-2014 20:30:46 ZW3D 2012  installato
18-11-2014 21:19:45 ZW3D 2012  rimosso
18-11-2014 21:35:53 Installed DWGSee Pro 2015
20-11-2014 17:36:46 avast! antivirus system restore point
21-11-2014 21:26:53 Windows Update
23-11-2014 11:20:17 Autodesk MapGuide® Viewer ActiveX Control Release 6 installato
23-11-2014 11:20:45 Autodesk MapGuide® Viewer ActiveX Control Release 6 installato
25-11-2014 15:34:26 Windows Update
27-11-2014 21:54:39 Removed DWGSee Pro 2015
28-11-2014 20:06:55 Windows Update
02-12-2014 14:22:47 Windows Update
02-12-2014 14:58:21 Installed Evernote v. 5.7.2

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2013-02-15 21:43 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {021BD0E8-CF5F-4415-BF78-BDE475B01034} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-20] (AVAST Software)
Task: {224FE19A-DA11-41A7-8510-C7E44D78AE47} - System32\Tasks\AdobeAAMUpdater-1.0-Excalibur-PC-Excalibur => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {34A7C5EC-566C-47A6-90EC-422AD555C6B2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001UA => C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {3826AA73-7FED-4A8D-88F9-F1D6AD11E7A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27] (Adobe Systems Incorporated)
Task: {5DCB5E07-ED4A-4439-9955-ABEF3EA5AE16} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {67B031C7-25CE-42EC-9D70-808695248685} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: {AEA0C5DA-BF1F-448E-8690-AA456E67F27F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {B4C9C4B0-F1A3-4E56-83B0-8F11DB073CC4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {D3D77253-3D35-4C7B-B6C1-A327EC61A45F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001Core => C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {EC87F13C-6D22-493F-9AA5-0BEF08A3645A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001Core.job => C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001UA.job => C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-29 16:17 - 2012-10-04 18:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2011-11-06 22:28 - 2011-11-06 22:28 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-21 19:13 - 2013-08-23 12:36 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2011-11-06 21:27 - 2009-11-13 16:57 - 00320512 _____ () C:\Windows\tsnp2uvc.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2011-11-09 22:10 - 2011-11-09 22:10 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-12-03 14:25 - 2014-12-03 14:25 - 02904576 _____ () C:\Program Files\AVAST Software\Avast\defs\14120300\algo.dll
2014-05-30 22:33 - 2014-06-21 07:19 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-05-30 22:33 - 2014-06-21 07:19 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2011-01-23 20:23 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2011-01-23 20:23 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2014-12-03 14:25 - 2014-12-03 14:25 - 00043008 _____ () c:\Users\Excalibur\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphxye8_.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-11-20 18:40 - 2014-11-20 18:40 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-01 16:51 - 2014-12-01 16:51 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-12-03 14:25 - 2014-06-21 07:19 - 00104328 _____ () C:\Users\Excalibur\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: DAUpdaterSvc => 3
MSCONFIG\startupfolder: C:^Users^Excalibur^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: Cobian Backup 10 => "C:\Program Files (x86)\Cobian Backup 10\Cobian.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

========================= Accounts: ==========================

Administrator (S-1-5-21-440119699-676679962-2437733237-500 - Administrator - Disabled)
CVBOT1 (S-1-5-21-440119699-676679962-2437733237-1005 - Limited - Enabled) => C:\Users\CVBOT1.Excalibur-PC
Excalibur (S-1-5-21-440119699-676679962-2437733237-1001 - Administrator - Enabled) => C:\Users\Excalibur
Guest (S-1-5-21-440119699-676679962-2437733237-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-440119699-676679962-2437733237-1002 - Limited - Enabled)
MBOT1 (S-1-5-21-440119699-676679962-2437733237-1004 - Limited - Enabled) => C:\Users\MBOT1

==================== Faulty Device Manager Devices =============

Name: Canale IDE
Description: Canale IDE
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Controller IDE ATA/ATAPI standard)
Service: atapi
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: ATA Channel 1
Description: Canale IDE
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Controller IDE ATA/ATAPI standard)
Service: atapi
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/03/2014 04:57:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/03/2014 02:26:21 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/03/2014 02:25:56 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/03/2014 00:37:37 AM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/03/2014 00:37:13 AM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/02/2014 08:18:35 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/02/2014 08:17:57 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/02/2014 03:19:49 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/02/2014 03:19:25 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/01/2014 08:38:36 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.


System errors:
=============
Error: (12/03/2014 02:25:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifiche dell'applicazioneLocaleAvvio{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (tramite LRPC)

Error: (12/03/2014 02:25:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
%%-2140993535

Error: (12/03/2014 02:25:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore:
%%-2140993535

Error: (12/03/2014 02:25:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore:
%%-2140993535

Error: (12/03/2014 02:25:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
%%-2140993535

Error: (12/03/2014 02:25:36 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (12/03/2014 02:25:36 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (12/03/2014 02:25:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore:
%%-2140993535

Error: (12/03/2014 02:25:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
%%-2140993535

Error: (12/03/2014 02:25:29 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801


Microsoft Office Sessions:
=========================
Error: (12/03/2014 04:57:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Excalibur\Downloads\esetsmartinstaller_enu.exe

Error: (12/03/2014 02:26:21 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/03/2014 02:25:56 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/03/2014 00:37:37 AM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/03/2014 00:37:13 AM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/02/2014 08:18:35 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/02/2014 08:17:57 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/02/2014 03:19:49 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/02/2014 03:19:25 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/01/2014 08:38:36 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2013-02-15 21:42:46.622
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

  Date: 2013-02-15 21:42:46.513
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.


==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q9300 @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 4094.48 MB
Available physical RAM: 2151.27 MB
Total Pagefile: 4362.66 MB
Available Pagefile: 2356.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:17.58 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:97.65 GB) (Free:31.19 GB) NTFS
Drive e: (DATTANIUS) (Fixed) (Total:833.86 GB) (Free:55.97 GB) NTFS
Drive f: (NUOVO) (CDROM) (Total:0.11 GB) (Free:0 GB) CDFS
Drive h: (SC2-200-D1) (CDROM) (Total:7.83 GB) (Free:0 GB) UDF
Drive i: (VERBATIM HD) (Fixed) (Total:2048 GB) (Free:153.17 GB) NTFS
Drive l: (VERBATIM HD) (Fixed) (Total:746.34 GB) (Free:733.93 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: EF3F7C21)
Partition 1: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=833.9 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 9F1E424B)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 2048 GB) (Disk ID: 1B350A89)
Partition 1: (Not Active) - (Size=2048 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 746.5 GB) (Disk ID: 2E360902)
Partition 1: (Not Active) - (Size=746.5 GB) - (Type=0C)

==================== End Of Log ============================



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:10 AM

Posted 03 December 2014 - 01:51 PM


Infection detail:
URL hxxp:theadclick.com/
Process:C:\Program Files (x86)\WAN Miniport IKEv2\AgileVpn.exe


Refer to these pages.

http://www.freefixer.com/library/file/AgileVpn.exe-89144/

http://www.sevenforums.com/general-discussion/329612-agilevpn-exe.html

If you did not install this VPN then I suggest you disable it.
If all is well then you can decide if you want to remove it using the Add/Remove programs applet.
===


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
start

HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Policies\Explorer: []
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-440119699-676679962-2437733237-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO-x32: iSkysoft Video Converter Ultimate -> {C7C3BC26-4F2B-4997-A3CB-163337FE975B} -> C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll No File
Toolbar: HKU\S-1-5-21-440119699-676679962-2437733237-1001 -> No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
CHR Extension: (Google Wallet) - C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
U3 aizwt5r1; C:\Windows\System32\Drivers\aizwt5r1.sys [0 ] (Advanced Micro Devices)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\System32\Drivers\aizwt5r1.sys

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log Fixlog.txt please post it to your reply.
===

Download Security Check by screen317 from here
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/

How is the computer running now?

======

#5 VirulentVomit

VirulentVomit
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 04 December 2014 - 09:13 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014
Ran by Excalibur at 2014-12-04 15:08:11 Run:1
Running from C:\Users\Excalibur\Desktop
Loaded Profile: Excalibur (Available profiles: Excalibur & MBOT1 & CVBOT1)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Policies\Explorer: []
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-440119699-676679962-2437733237-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO-x32: iSkysoft Video Converter Ultimate ->
{C7C3BC26-4F2B-4997-A3CB-163337FE975B} -> C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll No File
Toolbar: HKU\S-1-5-21-440119699-676679962-2437733237-1001 -> No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
CHR Extension: (Google Wallet) - C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
U3 aizwt5r1; C:\Windows\System32\Drivers\aizwt5r1.sys [0 ] (Advanced Micro Devices)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\System32\Drivers\aizwt5r1.sys

End
*****************

HKU\S-1-5-21-440119699-676679962-2437733237-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-440119699-676679962-2437733237-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\BHO-x32: iSkysoft Video Converter Ultimate ->" => Key not found.
"HKCR\Wow6432Node\CLSID\BHO-x32: iSkysoft Video Converter Ultimate ->" => Key not found.
{C7C3BC26-4F2B-4997-A3CB-163337FE975B} -> C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-440119699-676679962-2437733237-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EFEED92A-A33D-4873-BA8F-32BAA631E54D} => value deleted successfully.
"HKCR\CLSID\{EFEED92A-A33D-4873-BA8F-32BAA631E54D}" => Key not found.
C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => Moved successfully.
aizwt5r1 => Service not found.
Andbus => Service deleted successfully.
AndDiag => Service deleted successfully.
AndGps => Service deleted successfully.
ANDModem => Service deleted successfully.
catchme => Service deleted successfully.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
VGPU => Service deleted successfully.
"C:\Windows\System32\Drivers\aizwt5r1.sys" => File/Directory not found.

==== End of Fixlog ====



#6 VirulentVomit

VirulentVomit
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 04 December 2014 - 09:27 AM

 Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus   
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 55  
 Java version 32-bit out of Date!
 Adobe Flash Player 15.0.0.239  
 Mozilla Firefox (33.1.1)
 Google Chrome (39.0.2171.65)
 Google Chrome (39.0.2171.71)
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 6%
````````````````````End of Log``````````````````````



#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:10 AM

Posted 04 December 2014 - 10:33 AM

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
The latest version is Java 7 Update 71 for the 32 bit Operating system.
Java 8 Update 25 for the 64 bit Operating system.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882


If present remove the old version(s) of Java using the Add/Remove Programs applet.

Java 7 Update 55

===

If all is well.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#8 VirulentVomit

VirulentVomit
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 04 December 2014 - 03:32 PM

Hi Nasdaq, the computer is now running well, no more popup at the moment, seems the problem solved, i have already uninstalled the old version of java and then reinstalled the new version from java website, I thank you in advance for your help, let me know if we're done after you have viewed the log posted after the fix

Meanwhile thank you so much for your help.



#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:10 AM

Posted 05 December 2014 - 07:45 AM

You are looking good.

#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:10 AM

Posted 11 December 2014 - 08:52 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

#11 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:10 AM

Posted 11 December 2014 - 11:41 AM

This topic has been re-opened at the request of the person who originally posted.

#12 VirulentVomit

VirulentVomit
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 11 December 2014 - 11:48 AM

i'm sorry, has just reappeared the popup ... she had not done ...
I still have other information to give: if i stay with the pointer on the objet of the avast popup it shows you the following:
outgoing mail 'Invoice #MA-7499HAF-88500' From:"Sasha Villane" auction@zonesieben.de, To:toossi8525@gmail.com|MA-

7499HAF-88500.zip#2709106546|MA-7499HAF88500.zip|MA-7499HAF-88500.scr

 

Now i've deactivated the RASagileVpn service, i sometimes use Teamviewer, i hope this not use AgileVpn Service


Edited by VirulentVomit, 11 December 2014 - 11:51 AM.


#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:10 AM

Posted 11 December 2014 - 01:13 PM

Please run the Farbar tool and submit a fresh FRST LOG.

I will remove it.

#14 VirulentVomit

VirulentVomit
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 11 December 2014 - 03:37 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 01
Ran by Excalibur (administrator) on EXCALIBUR-PC on 11-12-2014 21:35:32
Running from C:\Users\Excalibur\Desktop
Loaded Profile: Excalibur (Available profiles: Excalibur & MBOT1 & CVBOT1)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Italiano (Italia)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Google Inc.) C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SONIX) C:\Windows\FixCamera.exe
(Dropbox, Inc.) C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Windows\tsnp2uvc.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Excalibur\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Excalibur\AppData\Local\Akamai\netsession_win.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Excalibur\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [675840 2008-08-01] (Sonix)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [188928 2008-08-21] (SONIX)
HKLM-x32\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [675840 2008-08-01] (Sonix)
HKLM-x32\...\Run: [tsnp2uvc] => C:\Windows\tsnp2uvc.exe [320512 2009-11-13] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1807360 2011-10-19] (Dominik Reichl)
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\BrowserPlugInHelper.exe [1956352 2013-12-11] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-06-21] (Autodesk Inc.)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-20] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [592616 2011-01-12] (SANDBOXIE L.T.D)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2012-12-05] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [WiFi Guard] => C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe [3897040 2014-11-10] (SoftPerfect Research)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [Google Update] => C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [EPSON SX510W Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE [223232 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Excalibur\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [Google+ Auto Backup] => C:\Users\Excalibur\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
Startup: C:\Users\Excalibur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Excalibur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\emule.exe - collegamento.lnk
ShortcutTarget: emule.exe - collegamento.lnk -> E:\EMULE\emule.exe (http://www.emule-project.net)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-440119699-676679962-2437733237-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-440119699-676679962-2437733237-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\S-1-5-21-440119699-676679962-2437733237-1001 -> DefaultScope {7C14259C-A1B0-4354-A40D-179D4E7DE8A1} URL = http://www.google.it/search?hl=it&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-21-440119699-676679962-2437733237-1001 -> {7C14259C-A1B0-4354-A40D-179D4E7DE8A1} URL = http://www.google.it/search?hl=it&q={searchTerms}&meta=
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HistoryTriggerBHO Class -> {21A88CB9-84D2-4020-A2D1-B25A21034884} -> C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Guida per l'accesso all'account Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: iSkysoft Video Converter Ultimate -> {C7C3BC26-4F2B-4997-A3CB-163337FE975B} -> C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Excalibur\AppData\Roaming\Mozilla\Firefox\Profiles\wp9xxgax.default-1417551203700
FF Homepage: https://www.google.it/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-440119699-676679962-2437733237-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Excalibur\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-440119699-676679962-2437733237-1001: @talk.google.com/O1DPlugin -> C:\Users\Excalibur\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-440119699-676679962-2437733237-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-440119699-676679962-2437733237-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Excalibur\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Excalibur\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: KeeFox - C:\Users\Excalibur\AppData\Roaming\Mozilla\Firefox\Profiles\wp9xxgax.default-1417551203700\Extensions\keefox@chris.tomlinson [2014-12-04]
FF HKLM-x32\...\Firefox\Extensions: [{845257EF-A892-484e-8EB0-47F563D75939}] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt
FF Extension: iSkysoft Video Converter Ultimate - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt [2013-12-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-27]
FF HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Firefox\Extensions: [{845257EF-A892-484e-8EB0-47F563D75939}] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt

Chrome:
=======
CHR Profile: C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-24]
CHR Extension: (iSkysoft Video Converter Ultimate) - C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfeafapmnniobpffacckpddijdjgpmj [2014-05-30]
CHR Extension: (adf.ly Redir) - C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\okpbglfbenhongfconamjdgbbdfnjano [2013-12-15]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2013-05-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-20]
CHR HKLM-x32\...\Chrome\Extension: [hlfeafapmnniobpffacckpddijdjgpmj] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRChromePlugin.crx [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-05-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [596360 2014-06-21] (Autodesk Inc.)
S4 AgileVpn; C:\Program Files (x86)\WAN Miniport IKEv2\AgileVpn.exe [32768 2011-11-18] (Microsoft Corporation) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-20] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-20] (Avast Software)
R2 cbVSCService; C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe [67584 2010-09-23] (CobianSoft, Luis Cobian) [File not signed]
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 mitsijm2012; C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-07] (Autodesk, Inc.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2011-11-06] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [91368 2011-01-12] (SANDBOXIE L.T.D)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-20] ()
S3 cpuz134; C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [21480 2010-07-09] (Windows ® Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-22] (DT Soft Ltd)
U5 ET5Drv; C:\Windows\ET5Drv.sys [36416 2007-10-16] (Windows ® Codename Longhorn DDK provider)
R3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2011-02-01] (VSO Software)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-02-01] ()
S3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
S3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-07-01] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-07-01] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [147048 2011-01-12] (SANDBOXIE L.T.D)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3557248 2009-06-03] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-01-25] (Duplex Secure Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-20] (Avast Software)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [176640 2011-08-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [230400 2011-08-20] (VIA Technologies, Inc.)
U3 afsh7fns; C:\Windows\System32\Drivers\afsh7fns.sys [0 ] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-11 21:35 - 2014-12-11 21:35 - 00022843 _____ () C:\Users\Excalibur\Desktop\FRST.txt
2014-12-11 21:32 - 2014-12-11 21:32 - 02119680 _____ (Farbar) C:\Users\Excalibur\Desktop\FRST64(1).exe
2014-12-11 18:08 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 18:08 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 18:08 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 18:08 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 18:08 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 18:08 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 18:08 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-11 18:08 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-11 18:08 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-11 18:08 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 16:01 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 16:01 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 16:01 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 16:00 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 16:00 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 16:00 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 16:00 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 16:00 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 16:00 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 16:00 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 16:00 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 16:00 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 16:00 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 16:00 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 16:00 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 16:00 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 16:00 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-11 16:00 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 16:00 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 16:00 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 16:00 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 16:00 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 16:00 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 16:00 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 16:00 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 16:00 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 16:00 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 16:00 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 16:00 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 16:00 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 16:00 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 16:00 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 16:00 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 16:00 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 16:00 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 16:00 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 16:00 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 16:00 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 16:00 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 16:00 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 16:00 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 16:00 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 16:00 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 16:00 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 16:00 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 16:00 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 16:00 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 16:00 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 16:00 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 16:00 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 16:00 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 16:00 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 16:00 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 16:00 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 16:00 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 16:00 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 16:00 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 16:00 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 16:00 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 15:59 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 15:59 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 15:59 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 15:59 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 15:59 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 15:59 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 15:59 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 15:59 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 15:59 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 15:59 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 15:59 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 15:59 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 15:59 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 15:59 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 21:11 - 2014-12-09 21:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 20:20 - 2014-12-09 20:20 - 00000000 ____D () C:\ProgramData\ATI
2014-12-09 20:15 - 2014-12-09 20:15 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Raptr
2014-12-09 20:15 - 2014-12-09 20:15 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-12-09 20:15 - 2014-12-09 20:15 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-12-09 20:14 - 2014-12-09 20:14 - 00053564 _____ () C:\Windows\SysWOW64\CCCInstall_201412092014472334.log
2014-12-09 20:14 - 2014-12-09 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-12-09 19:29 - 2014-12-09 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2014-12-05 21:40 - 2014-12-09 20:15 - 00000000 ____D () C:\ProgramData\AMD
2014-12-05 21:40 - 2014-12-05 21:40 - 00056548 _____ () C:\Windows\SysWOW64\CCCInstall_201412052140408095.log
2014-12-05 21:37 - 2014-12-09 20:10 - 00000000 ____D () C:\Program Files\AMD
2014-12-05 21:14 - 2014-12-05 21:14 - 00891224 _____ (AMD) C:\Users\Excalibur\Downloads\amddriverdownloader.exe
2014-12-05 21:12 - 2014-12-05 21:12 - 00001188 _____ () C:\Windows\IE11_main.log
2014-12-05 21:11 - 2014-12-05 21:12 - 02077392 _____ (Microsoft Corporation) C:\Users\Excalibur\Downloads\IE11-Windows6.1.exe
2014-12-05 20:58 - 2014-12-05 20:58 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\My Games
2014-12-04 18:53 - 2014-12-04 18:53 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-04 18:53 - 2014-12-04 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-04 18:52 - 2014-12-04 18:52 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-04 18:51 - 2014-12-04 18:51 - 29727656 _____ (Oracle Corporation) C:\Users\Excalibur\Downloads\jre-8u25-windows-i586.exe
2014-12-04 15:07 - 2014-12-04 15:07 - 00001339 _____ () C:\Users\Excalibur\Downloads\fixlist.txt
2014-12-03 17:00 - 2014-12-03 17:00 - 00078716 _____ () C:\Users\Excalibur\Downloads\Addition.txt
2014-12-03 16:59 - 2014-12-11 21:35 - 00000000 ____D () C:\FRST
2014-12-03 00:34 - 2014-12-11 20:49 - 00001214 _____ () C:\Windows\setupact.log
2014-12-03 00:34 - 2014-12-05 18:48 - 00002984 _____ () C:\Windows\PFRO.log
2014-12-03 00:34 - 2014-12-03 00:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-03 00:29 - 2014-12-03 00:29 - 02154496 _____ () C:\Users\Excalibur\Downloads\adwcleaner_4.103.exe
2014-12-03 00:09 - 2014-12-03 00:09 - 00007102 _____ () C:\Users\Excalibur\Downloads\startup.txt
2014-12-02 21:25 - 2014-12-02 21:25 - 00000000 _____ () C:\autoexec.bat
2014-12-02 21:18 - 2014-12-02 21:18 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Excalibur\Downloads\SpyHunter-Installer.exe
2014-12-02 21:13 - 2014-12-02 21:13 - 00000000 ____D () C:\Users\Excalibur\Desktop\Dati precedenti di Firefox
2014-12-02 21:12 - 2014-12-02 21:12 - 00310764 _____ () C:\Users\Excalibur\Desktop\bookmarks-2014-12-02.json
2014-12-02 15:59 - 2014-12-02 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-11-28 19:05 - 2014-11-28 19:05 - 02347384 _____ (ESET) C:\Users\Excalibur\Downloads\esetsmartinstaller_enu.exe
2014-11-28 19:05 - 2014-11-28 19:05 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-28 19:04 - 2014-11-28 19:04 - 00362880 _____ (Kaspersky Lab) C:\Users\Excalibur\Downloads\setup.exe
2014-11-28 18:22 - 2014-11-28 18:22 - 00051491 _____ () C:\Users\Excalibur\Downloads\Result.txt
2014-11-28 18:20 - 2014-11-28 18:20 - 00401920 _____ (Farbar) C:\Users\Excalibur\Downloads\MiniToolBox.exe
2014-11-28 18:05 - 2014-11-28 18:05 - 00014557 _____ () C:\Users\Excalibur\Downloads\hijackthis.log
2014-11-28 18:03 - 2014-11-28 18:03 - 00388608 _____ (Trend Micro Inc.) C:\Users\Excalibur\Downloads\HijackThis.exe
2014-11-28 17:26 - 2014-11-28 17:27 - 05598707 _____ (Swearware) C:\Users\Excalibur\Downloads\ComboFix (1).exe
2014-11-28 17:18 - 2014-11-28 17:19 - 05598707 _____ (Swearware) C:\Users\Excalibur\Downloads\ComboFix.exe
2014-11-28 16:38 - 2014-11-28 16:38 - 02117632 _____ (Farbar) C:\Users\Excalibur\Downloads\FRST64.exe
2014-11-23 12:56 - 2014-12-04 18:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-23 12:56 - 2014-11-23 12:56 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-23 12:56 - 2014-11-23 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-23 12:56 - 2014-11-23 12:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-23 12:56 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-23 12:56 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-23 12:37 - 2014-11-23 12:37 - 00000000 _____ () C:\Users\Excalibur\Downloads\igm
2014-11-23 12:20 - 2014-11-23 12:20 - 02850062 _____ (InstallShield Software Corporation) C:\Users\Excalibur\Downloads\mgControl60.exe
2014-11-23 11:57 - 2014-11-23 11:57 - 00004344 _____ () C:\Users\Excalibur\AppData\Local\recently-used.xbel
2014-11-23 11:46 - 2014-11-23 11:46 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\webkit
2014-11-23 11:36 - 2014-11-23 11:57 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\gtk-2.0
2014-11-23 11:29 - 2014-11-23 11:29 - 00000565 _____ () C:\Users\Excalibur\Desktop\XnView.lnk
2014-11-23 11:28 - 2014-11-23 11:35 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\XnView
2014-11-23 11:28 - 2013-12-08 14:47 - 00000000 ____D () C:\Users\Excalibur\Desktop\XnView
2014-11-23 11:24 - 2014-11-23 11:24 - 03126213 _____ ( ) C:\Users\Excalibur\Downloads\merge23.exe
2014-11-23 11:24 - 2014-11-23 11:24 - 00000963 _____ () C:\Users\Excalibur\Desktop\Merge.lnk
2014-11-23 11:24 - 2014-11-23 11:24 - 00000000 ____D () C:\Windows\SysWOW64\(app)
2014-11-23 11:24 - 2014-11-23 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\merge
2014-11-23 11:24 - 2014-11-23 11:24 - 00000000 ____D () C:\Program Files (x86)\Merge
2014-11-23 11:15 - 2014-11-23 11:15 - 00000197 _____ () C:\Windows\system32\2014-11-23-10-15-25.005-AvastVBoxSVC.exe-3916.log
2014-11-22 21:30 - 2014-11-22 21:30 - 00000197 _____ () C:\Windows\system32\2014-11-22-20-30-35.088-AvastVBoxSVC.exe-3876.log
2014-11-22 14:40 - 2014-11-22 14:41 - 00000197 _____ () C:\Windows\system32\2014-11-22-13-40-58.088-AvastVBoxSVC.exe-3332.log
2014-11-21 22:36 - 2014-11-21 22:36 - 00000247 _____ () C:\Windows\system32\2014-11-21-21-36-43.008-aswFe.exe-3676.log
2014-11-21 22:31 - 2014-11-21 22:36 - 00000247 _____ () C:\Windows\system32\2014-11-21-21-31-41.034-aswFe.exe-3808.log
2014-11-21 22:31 - 2014-11-21 22:31 - 00000197 _____ () C:\Windows\system32\2014-11-21-21-31-34.019-AvastVBoxSVC.exe-4064.log
2014-11-21 03:44 - 2014-11-21 03:44 - 11076784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-11-21 03:43 - 2014-11-21 03:43 - 07558816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-11-21 03:43 - 2014-11-21 03:43 - 07077776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-11-21 03:41 - 2014-11-21 03:41 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-11-21 03:40 - 2014-11-21 03:40 - 18959360 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-11-21 03:33 - 2014-11-21 03:33 - 47899136 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00235008 _____ () C:\Windows\system32\clinfo.exe
2014-11-21 03:33 - 2014-11-21 03:33 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-11-21 03:32 - 2014-11-21 03:32 - 40987136 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-11-21 03:31 - 2014-11-21 03:31 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-11-21 03:31 - 2014-11-21 03:31 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-11-21 03:24 - 2014-11-21 03:24 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 23621632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 05837312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-11-21 03:17 - 2014-11-21 03:17 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-11-21 03:17 - 2014-11-21 03:17 - 00631912 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-11-21 03:17 - 2014-11-21 03:17 - 00631912 _____ () C:\Windows\system32\atiapfxx.blb
2014-11-21 03:17 - 2014-11-21 03:17 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-11-21 03:17 - 2014-11-21 03:17 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-11-21 03:17 - 2014-11-21 03:17 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-11-21 03:15 - 2014-11-21 03:15 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-11-21 03:13 - 2014-11-21 03:13 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-11-21 03:13 - 2014-11-21 03:13 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-11-21 03:13 - 2014-11-21 03:13 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-11-21 03:12 - 2014-11-21 03:12 - 00774656 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-11-21 03:12 - 2014-11-21 03:12 - 00244736 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-11-21 03:12 - 2014-11-21 03:12 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-11-21 03:12 - 2014-11-21 03:12 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-11-21 03:10 - 2014-11-21 03:10 - 00843776 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00903168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-11-21 03:08 - 2014-11-21 03:08 - 00589312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-11-21 03:08 - 2014-11-21 03:08 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-11-21 03:08 - 2014-11-21 03:08 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-11-21 03:08 - 2014-11-21 03:08 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-11-20 21:36 - 2014-11-20 21:36 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-11-20 21:35 - 2014-11-20 21:35 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
2014-11-20 20:05 - 2014-11-20 20:05 - 00000247 _____ () C:\Windows\system32\2014-11-20-19-05-20.089-aswFe.exe-6400.log
2014-11-20 20:01 - 2014-11-20 20:05 - 00000247 _____ () C:\Windows\system32\2014-11-20-19-01-41.054-aswFe.exe-6776.log
2014-11-20 20:01 - 2014-11-20 20:01 - 00000197 _____ () C:\Windows\system32\2014-11-20-19-01-38.049-AvastVBoxSVC.exe-5036.log
2014-11-20 19:58 - 2014-11-20 19:58 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-20 19:58 - 2014-11-20 19:58 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-20 19:41 - 2014-11-20 19:41 - 00001079 _____ () C:\Users\Excalibur\Desktop\qBittorrent.lnk
2014-11-20 18:41 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-20 18:41 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-20 18:41 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-20 18:41 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-20 18:40 - 2014-11-20 18:40 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-20 18:40 - 2014-11-20 18:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-19 18:17 - 2014-11-19 18:17 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\gegl-0.2
2014-11-19 18:16 - 2014-11-19 18:16 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-11-19 18:16 - 2014-11-19 18:16 - 00000882 _____ () C:\Users\Public\Desktop\GIMP 2.lnk
2014-11-19 18:15 - 2014-11-19 18:16 - 00000000 ____D () C:\Program Files\GIMP 2
2014-11-19 17:27 - 2014-11-19 17:27 - 00001318 _____ () C:\Users\Public\Desktop\ERDAS ER Viewer 14.0.lnk
2014-11-19 17:27 - 2014-11-19 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERDAS ER Viewer 2014
2014-11-19 17:27 - 2014-11-19 17:27 - 00000000 ____D () C:\Program Files (x86)\Intergraph
2014-11-19 17:24 - 2014-11-19 17:25 - 29785792 _____ () C:\Users\Excalibur\Documents\erdas-erviewer-v14.1-win-x86.zip
2014-11-19 17:22 - 2014-11-19 17:22 - 00003238 _____ () C:\Windows\System32\Tasks\{3A8F3309-D7C8-4A2C-97E8-A0A450E25371}
2014-11-19 17:17 - 2014-11-19 17:17 - 00003180 _____ () C:\Windows\System32\Tasks\{5214D90E-D2A7-4B35-A424-487E14B9C29E}
2014-11-19 17:17 - 2014-11-19 17:17 - 00000000 ____D () C:\Windows\ER Mapper
2014-11-18 22:14 - 2014-11-27 22:57 - 00000000 ____D () C:\Program Files (x86)\AutoDWG
2014-11-18 22:11 - 2014-11-18 22:14 - 10495656 _____ (AutoDWG) C:\Users\Excalibur\Downloads\DWF2DWGPro2015.exe
2014-11-18 21:39 - 2014-11-18 21:39 - 00000000 ____D () C:\Users\Excalibur\Documents\ZW3D
2014-11-18 21:37 - 2014-11-18 21:49 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\ZW3D 2012 Ita
2014-11-18 19:30 - 2014-11-18 19:30 - 01129472 _____ () C:\Users\Excalibur\Downloads\ADR2013Hotfix1.msp
2014-11-18 19:28 - 2014-11-18 19:30 - 00002107 _____ () C:\Users\Public\Desktop\Autodesk Design Review 2013.lnk
2014-11-18 19:27 - 2014-11-18 19:27 - 00000000 ____D () C:\SetupDesignReview2013.msi
2014-11-18 19:02 - 2014-11-18 20:16 - 241228472 _____ () C:\Users\Excalibur\Downloads\ZWCAD_Plus_2015_ITA.exe
2014-11-18 18:54 - 2014-11-19 14:53 - 00000000 ____D () C:\Program Files (x86)\WAN Miniport IKEv2
2014-11-18 18:54 - 2014-11-18 18:54 - 00034308 _____ () C:\Windows\SysWOW64\BASSMOD.dll
2014-11-18 18:46 - 2014-11-18 18:47 - 03197220 _____ (AnyDWG Software, Inc. ) C:\Users\Excalibur\Downloads\dwfdwg.exe
2014-11-17 19:23 - 2014-11-17 19:23 - 00000000 __SHD () C:\Users\Excalibur\AppData\Local\EmieBrowserModeList
2014-11-15 18:33 - 2014-11-15 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-15 18:33 - 2014-11-15 18:33 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-11-15 18:33 - 2014-11-15 18:33 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-12 04:37 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 04:37 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 04:37 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 04:37 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 04:37 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 04:37 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 04:37 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 04:37 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 04:37 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 04:37 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 04:37 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 04:36 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 04:36 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 04:36 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 04:36 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 04:36 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 04:36 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 04:36 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 04:36 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 04:36 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 04:36 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 04:36 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 04:36 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 04:36 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 04:36 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 04:30 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 04:30 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 04:30 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 04:30 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 04:30 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 04:30 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 04:30 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 09:56 - 2014-11-11 09:56 - 01923360 _____ (SoftPerfect Research ) C:\Users\Excalibur\Downloads\wifiguard_windows_setup(1).exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-11 21:32 - 2014-08-14 07:37 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\Adobe
2014-12-11 21:31 - 2012-04-06 18:15 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 21:31 - 2012-04-06 18:15 - 00003916 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 21:31 - 2012-04-06 18:15 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-11 21:31 - 2011-05-16 18:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 21:29 - 2011-01-25 18:52 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\vlc
2014-12-11 21:26 - 2011-03-01 21:11 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-11 21:10 - 2014-05-31 16:25 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\Akamai
2014-12-11 21:09 - 2012-07-31 19:30 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Dropbox
2014-12-11 21:08 - 2011-03-01 21:11 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-11 20:54 - 2011-01-22 18:16 - 01661154 _____ () C:\Windows\WindowsUpdate.log
2014-12-11 20:54 - 2009-07-14 11:53 - 00741402 _____ () C:\Windows\system32\perfh010.dat
2014-12-11 20:54 - 2009-07-14 11:53 - 00147456 _____ () C:\Windows\system32\perfc010.dat
2014-12-11 20:54 - 2009-07-14 06:13 - 01661252 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-11 20:54 - 2009-07-14 05:45 - 00023632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-11 20:54 - 2009-07-14 05:45 - 00023632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-11 20:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-11 20:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 18:14 - 2013-07-16 22:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 18:10 - 2011-01-23 23:39 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 18:07 - 2011-09-15 18:31 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\KeePass
2014-12-11 15:45 - 2014-06-27 15:27 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-10 17:49 - 2012-05-01 09:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 20:17 - 2011-02-15 19:10 - 00001940 _____ () C:\Windows\Sandboxie.ini
2014-12-09 20:13 - 2011-12-19 19:22 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-12-09 20:13 - 2011-11-23 10:18 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-12-09 19:35 - 2014-04-30 16:55 - 00000000 ____D () C:\AMD
2014-12-09 19:29 - 2014-11-08 12:27 - 00003290 _____ () C:\Windows\System32\Tasks\SamsungMagician
2014-12-05 22:46 - 2011-10-27 20:52 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\CrashDumps
2014-12-05 21:39 - 2011-12-19 19:22 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-12-05 21:34 - 2014-05-30 16:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-05 20:58 - 2011-01-31 23:51 - 00000000 ____D () C:\Users\Excalibur\Documents\My Games
2014-12-05 19:17 - 2011-05-05 21:58 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001Core.job
2014-12-04 22:03 - 2011-01-30 22:54 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\DAEMON Tools Lite
2014-12-04 18:55 - 2011-11-15 21:16 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-12-04 18:52 - 2013-10-21 21:56 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-04 18:39 - 2014-04-21 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-12-04 18:39 - 2014-04-21 13:59 - 00000000 ____D () C:\Program Files\DivX
2014-12-04 18:39 - 2014-04-21 13:58 - 00000000 ____D () C:\ProgramData\DivX
2014-12-04 18:39 - 2014-04-21 13:58 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-12-03 00:44 - 2013-09-23 20:05 - 00000000 ____D () C:\AdwCleaner
2014-12-03 00:22 - 2012-04-21 09:03 - 00000000 ____D () C:\ProgramData\HiSuite
2014-12-03 00:06 - 2011-10-17 09:45 - 00000000 ____D () C:\Windows\Minidump
2014-12-02 22:34 - 2011-11-27 22:25 - 00007438 _____ () C:\Users\Excalibur\Desktop\PasswordSSSxx.kdbx
2014-12-02 21:25 - 2011-01-22 18:20 - 00000000 ____D () C:\Users\Excalibur
2014-12-01 21:50 - 2011-05-20 20:32 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Autodesk
2014-12-01 21:50 - 2011-05-20 20:32 - 00000000 ____D () C:\ProgramData\Autodesk
2014-11-28 16:48 - 2013-12-16 14:41 - 00000000 ____D () C:\Users\Excalibur\Desktop\biv1123+6tr
2014-11-25 17:43 - 2013-05-29 16:18 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\CutePDF Writer
2014-11-25 17:43 - 2011-05-21 09:39 - 00006962 _____ () C:\Users\Excalibur\Documents\plot.log
2014-11-25 17:38 - 2014-06-01 10:56 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\cache
2014-11-23 21:31 - 2011-02-10 18:50 - 00000818 _____ () C:\Users\Excalibur\AppData\Roaming\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-11-23 12:56 - 2011-10-22 15:08 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Malwarebytes
2014-11-23 12:56 - 2011-10-22 15:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-23 12:20 - 2014-05-30 22:26 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2014-11-23 11:36 - 2014-03-26 21:43 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\SPB_Data
2014-11-22 14:42 - 2014-06-27 15:27 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-21 03:44 - 2011-11-10 04:16 - 01127496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-11-21 03:44 - 2011-11-10 04:15 - 01348928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-11-21 03:44 - 2011-11-10 04:06 - 09401480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-11-21 03:44 - 2011-11-10 03:11 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-11-21 03:44 - 2011-11-10 03:11 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-11-21 03:43 - 2011-11-10 03:40 - 08379720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-11-21 03:43 - 2011-11-10 03:24 - 08369408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-11-21 03:12 - 2014-09-15 23:03 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-11-21 03:09 - 2011-11-10 03:13 - 01214976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-11-20 20:58 - 2013-05-13 18:07 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Audacity
2014-11-20 18:40 - 2014-06-27 15:27 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-20 18:40 - 2014-06-27 15:27 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-19 14:53 - 2009-07-14 05:45 - 04999840 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-18 22:41 - 2011-01-23 20:37 - 00122296 _____ () C:\Users\Excalibur\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-18 22:36 - 2011-01-23 20:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-18 21:37 - 2014-05-30 18:20 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-11-18 19:30 - 2014-05-30 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-11-18 19:29 - 2011-05-20 20:43 - 00000000 ____D () C:\Users\Excalibur\AppData\Local\Autodesk
2014-11-16 19:21 - 2011-03-01 21:11 - 00004146 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 19:21 - 2011-03-01 21:11 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 19:12 - 2011-05-05 21:58 - 00004154 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001UA
2014-11-16 19:12 - 2011-05-05 21:58 - 00003758 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001Core
2014-11-16 19:12 - 2011-05-05 21:58 - 00001176 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001UA.job
2014-11-15 18:16 - 2011-06-13 20:07 - 00317440 ___SH () C:\Users\Excalibur\Documents\Thumbs.db
2014-11-15 18:15 - 2012-07-31 19:31 - 00000000 ____D () C:\Users\Excalibur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-13 08:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-11 09:57 - 2013-02-07 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect WiFi Guard
2014-11-11 09:57 - 2013-02-07 18:03 - 00000000 ____D () C:\Program Files\SoftPerfect WiFi Guard

Some content of TEMP:
====================
C:\Users\Excalibur\AppData\Local\Temp\amd-catalyst-14-9-win7-win8.1-64bit-dd-ccc-whql.exe
C:\Users\Excalibur\AppData\Local\Temp\DivXSetup.exe
C:\Users\Excalibur\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbew3zm.dll
C:\Users\Excalibur\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Excalibur\AppData\Local\Temp\Quarantine.exe
C:\Users\Excalibur\AppData\Local\Temp\raptr_stub.exe
C:\Users\Excalibur\AppData\Local\Temp\Samsung_Magician_Setup_v45.exe
C:\Users\Excalibur\AppData\Local\Temp\sqlite3.dll
C:\Users\Excalibur\AppData\Local\Temp\tmpC9B4.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 19:46

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2014 01
Ran by Excalibur at 2014-12-11 21:36:09
Running from C:\Users\Excalibur\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Agent Ransack 2010 (64-bit) (HKLM\...\Agent Ransack (64-bit)_is1) (Version:  - )
Agilent N5393C PCI-Express Test App 03.03.0000 (HKLM-x32\...\{46EB3EC7-71F2-4C2B-95A4-B696EECA5177}) (Version: 03.03.0000 - Agilent Technologies)
Akamai NetSession Interface (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{63059735-CA97-FDFB-0E7A-3B8D81572EFD}) (Version: 2.0.4888.34279 - Advanced Micro Devices, Inc.)
Applicazioni disponibili di Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Ashampoo Movie Studio 2013 v.1.0.4 (HKLM-x32\...\{91B33C97-EB09-F0A4-36AC-3895F9F93DD1}_is1) (Version: 1.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 5 v.5.7.0 (HKLM-x32\...\{91B33C97-9E02-D93E-656C-D2D81585F29B}_is1) (Version: 5.7.0 - Ashampoo GmbH & Co. KG)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AutoCAD 2013 – Italiano (Italian) (HKLM\...\AutoCAD 2013 – Italiano (Italian)) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 – Italiano (Italian) (Version: 19.0.204.0 - Autodesk) Hidden
AutoCAD 2013 – Italiano (Italian) (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 – Italiano (Italian) SP2 (HKLM\...\AutoCAD 2013 – Italiano (Italian) SP2) (Version: 1 - Autodesk)
AutoCAD 2013 Language Pack - Italiano (Italian) (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.155.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.1.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.1.0.82 - Autodesk, Inc.) Hidden
Autodesk Download Manager (HKLM-x32\...\{C897D9EC-13C6-4A22-ABF7-33F2126A7DB6}) (Version: 3.0.8.0 - Autodesk, Inc.)
Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (HKLM\...\{B46DECD1-1664-4EF1-0000-22D71E81877C}) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (HKLM\...\Modulo aggiuntivo Autodesk Inventor Fusion per Inventor 2012) (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Italiano (HKLM\...\Autodesk Inventor Professional 2012) (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Italiano (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk MapGuide® Viewer ActiveX Control Release 6 (HKLM-x32\...\{CFEFDE13-C8C6-407F-A9C1-889F29EE863F}) (Version: 6.0.0.0 - Autodesk, Inc.)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Avidemux 2.6 (HKLM-x32\...\Avidemux 2.6 (64-bit)) (Version: 2.6.0.8179 - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield Heroes (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
BioShock 2 (HKLM-x32\...\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}) (Version: 1.00.0000 - 2K Games)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version:  - )
BioShock Infinite Burial at Sea - Episode 1 (HKLM-x32\...\QmlvU2hvY2tJbmZpbml0ZQ==_is1) (Version: 1 - )
BlindWrite 6 (HKLM-x32\...\{005E738B-5A0A-4483-A900-877D183A8F45}_is1) (Version: 6.3.1.7d - VSO Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boxcryptor 2.0 (HKLM-x32\...\{C2157A16-C039-4F84-A49E-84116E4535C9}) (Version: 2.0.413.343 - Secomba GmbH)
calibre 64bit (HKLM\...\{E1A1B8F4-DB8E-4999-AB0E-CE929A040CDB}) (Version: 1.1.0 - Kovid Goyal)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.3.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.0.8 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.4.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.1.0.11 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.0.0.11 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.0.14 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cobian Backup 10 (HKLM-x32\...\CobBackup10) (Version:  - )
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
Company of Heroes 2 (HKLM-x32\...\Q29tcGFueW9mSGVyb2VzMg==_is1) (Version: 1 - )
Conversione Gray Matter TESTO (HKLM-x32\...\{049EA261-FDD4-4EE0-ABAB-59CF26441653}_is1) (Version:  - Vash)
CPUID CPU-Z 1.56 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskMark 3.0.2f (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World)
CuneiForm OpenOCR (HKLM-x32\...\{2C695618-6950-4C88-B836-A4FE7DD7FC9F}) (Version: 01.08.1006 - Cognitive Technologies)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Diagram Designer (HKLM-x32\...\Diagram Designer) (Version:  - )
DMC Devi May Cry © Capcom version 1 (HKLM-x32\...\DMC Devi May Cry © Capcom_is1) (Version: 1 - )
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.00 - Electronic Arts, Inc.)
DriverIdentifier 3.8 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version:  - DriverIdnetifier)
Dropbox (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
DWG TrueView 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
Eco Materials Adviser (x64) (HKLM\...\{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}) (Version: 1.32.0.0 - Granta Design Limited)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
ERDAS ER Viewer 2014 & Microsoft Office Plugin (HKLM-x32\...\ERDAS ER Viewer 14.0) (Version: 14.00.0001.00186 - Intergraph Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Evernote v. 5.7.2 (HKLM-x32\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Fallout New Vegas (HKLM-x32\...\Fallout New Vegas_is1) (Version:  - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FastStone Photo Resizer 3.2 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.2 - FastStone Soft.)
Focus Magic 4.01 (HKLM-x32\...\Focus Magic_is1) (Version: 4.01 - Acclaim Software Ltd)
FreeFileSync 5.11 (HKLM-x32\...\FreeFileSync) (Version: 5.11 - Zenju)
Freemake Video Converter versione 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Gears of War (HKLM-x32\...\InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}) (Version: 1.00.0000 - Microsoft Game Studios)
Gears of War (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{F0F8C39C-83EC-49FB-96C7-37F6A1B1A905}) (Version: 3.0.4989 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
Gray Matter (HKLM-x32\...\Gray Matter_is1) (Version:  - dtp)
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.1 - goldensoft.org)
HMR Channel Manager (HKLM-x32\...\5CFB35C5-721A-4DDB-9978-EDC5506CF873) (Version: 0.97beta - Kalash)
Hugin 2013.0.0 (HKLM-x32\...\Hugin) (Version: 2013.0.0 hg_0d404a7088e6 - The Hugin Development Team)
Importazione SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Installazione di DivX (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
InstantPhotoSketch 2.0 (HKLM-x32\...\{5A76F86F-C0E5-4755-BD6C-4FC627F17033}_is1) (Version:  - CPSSoftware)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iSkysoft Video Converter Ultimate(Build 5.0.0.0) (HKLM-x32\...\iSkysoft Video Converter Ultimate_is1) (Version: 5.0.0.0 - iSkysoft Software)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Karen's Directory Printer (HKLM-x32\...\Karen's Directory Printer) (Version: 5.3.0.2 - Karen Kenworthy)
KeePass Password Safe 2.17 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version:  - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Language Pack di Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
LG Bluetooth Drivers (HKLM-x32\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)
LG PC Suite IV (HKLM-x32\...\LG PC Suite IV) (Version: 4.3.31.20110804 - LG Electronics)
LG SP USB Driver (HKLM-x32\...\{E2AE8456-CCFE-46C0-8629-71CC507660FC}) (Version: 1.0 - LG Electronics)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
LibreOffice 4.1 Help Pack (Italian) (HKLM-x32\...\{830BA9EA-79A7-4434-9154-8B1E06F528FB}) (Version: 4.1.4.2 - The Document Foundation)
LibreOffice 4.2.6.3 (HKLM-x32\...\{14DB1822-00B5-4820-86B5-EF893CA46B53}) (Version: 4.2.6.3 - The Document Foundation)
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Malwarebytes Anti-Malware versione 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MCCI®Firmware Update Driver for MTK (HKLM-x32\...\{13E92303-C1AC-4012-9E22-54EACBF54888}) (Version: 1.00.0000 - MCCI)
MediaInfo 0.7.67 (HKLM\...\MediaInfo) (Version: 0.7.67 - MediaArea.net)
Merge Version 2.3 (HKLM-x32\...\merge_is1) (Version:  - )
Microsoft .NET Compact Framework 2.0 SP1 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.6129 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850410-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{32A08044-0CFA-3758-902C-5D97746BA9A9}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MiniTool Partition Wizard Home Edition 8.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Modulo aggiuntivo Autodesk Inventor Fusion per Inventor 2012 - Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Modulo aggiuntivo Autodesk Inventor Fusion per Inventor 2012 (Version: 1.0.0.18 - Autodesk) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 it) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 it)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MTX (HKLM-x32\...\{6583D00E-0924-4950-8BE9-5D09FE70B333}) (Version: 1.0.0 - mektek.net)
MyHarmony (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Nero 7 Premium (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301040}) (Version: 7.02.9753 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
ORPALIS PDF Reducer Free Edition (HKLM-x32\...\{0DDB2FC6-EE08-4E53-AA8C-A8D87FA61F0A}) (Version: 1.1.4 - ORPALIS)
Pacchetto di compatibilità per Office System 2007 (HKLM-x32\...\{90120000-0020-0410-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
PC Wizard 2010.1.96 (HKLM-x32\...\PC Wizard 2010_is1) (Version:  - CPUID)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PriMus-DCF v.100a (HKLM-x32\...\{3BFED551-630D-4C5E-A90F-A6B7E9CF3CA0}) (Version: 100a - ACCA software S.p.A.)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Python 2.6.5 (HKLM-x32\...\{4723F199-FA64-4233-8E6E-9FCCC95A18EE}) (Version: 2.6.5150 - Python Software Foundation)
qBittorrent 3.0.11 (HKLM-x32\...\qbittorrent) (Version: 3.0.11 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.5 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Sandboxie 3.52 (64-bit) (HKLM\...\Sandboxie) (Version:  - )
SoftPerfect WiFi Guard version 1.0.5 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.5 - SoftPerfect Research)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strumento per la disinstallazione rapida di Autodesk Inventor 2012 (HKLM\...\{D25FF5C1-1664-469A-9794-69309387C193}) (Version: 16.0.16000.0000 - Autodesk)
Supporto applicazioni Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
System Requirements Lab for Intel (HKLM-x32\...\{EFE3D683-903C-4B58-AB8F-C68C69F33758}) (Version: 4.5.3.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.48204.103 - Sonix)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2627.3) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-440119699-676679962-2437733237-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wireshark 1.8.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.5 - The Wireshark developer community, http://www.wireshark.org)
WOL Magic Packet Sender (HKLM-x32\...\{E268ADBD-A002-4684-AEDF-EA0F83F7E00B}) (Version: 1.5.0 - Zwalisoft)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{17A14094-F274-44E2-B54B-FC0E966AE5C7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\LUxClientSink.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{2D5C6B27-86B3-4E81-9F8B-9C68887F5BE6}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\LUxUIMgr.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{714D325C-E9CE-44ab-A72A-36BB410BA19B}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\FEAFilesHandler.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (http://MediaArea.net/MediaInfo)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C0E7110B-2136-11D4-8DD0-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorMarshal.Dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2013\it-IT\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E6E92821-2731-4AA3-B919-D2BC514FEC64}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridgePS.Dll ()
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Excalibur\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-440119699-676679962-2437733237-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll No File

==================== Restore Points  =========================

15-11-2014 17:18:51 Windows Update
18-11-2014 17:46:39 Windows Update
18-11-2014 18:27:57 Installazione di Autodesk Design Review 2013 completata.
18-11-2014 20:30:46 ZW3D 2012  installato
18-11-2014 21:19:45 ZW3D 2012  rimosso
18-11-2014 21:35:53 Installed DWGSee Pro 2015
20-11-2014 17:36:46 avast! antivirus system restore point
21-11-2014 21:26:53 Windows Update
23-11-2014 11:20:17 Autodesk MapGuide® Viewer ActiveX Control Release 6 installato
23-11-2014 11:20:45 Autodesk MapGuide® Viewer ActiveX Control Release 6 installato
25-11-2014 15:34:26 Windows Update
27-11-2014 21:54:39 Removed DWGSee Pro 2015
28-11-2014 20:06:55 Windows Update
02-12-2014 14:22:47 Windows Update
02-12-2014 14:58:21 Installed Evernote v. 5.7.2
04-12-2014 17:47:42 Removed Java 7 Update 55 (64-bit)
04-12-2014 17:48:30 Removed Java 7 Update 55
05-12-2014 17:53:02 Windows Update
05-12-2014 20:33:18 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
05-12-2014 20:34:06 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
11-12-2014 14:50:59 Windows Update
11-12-2014 17:07:27 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2013-02-15 21:43 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {021BD0E8-CF5F-4415-BF78-BDE475B01034} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-20] (AVAST Software)
Task: {224FE19A-DA11-41A7-8510-C7E44D78AE47} - System32\Tasks\AdobeAAMUpdater-1.0-Excalibur-PC-Excalibur => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {34A7C5EC-566C-47A6-90EC-422AD555C6B2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001UA => C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {3826AA73-7FED-4A8D-88F9-F1D6AD11E7A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)
Task: {5DCB5E07-ED4A-4439-9955-ABEF3EA5AE16} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AEA0C5DA-BF1F-448E-8690-AA456E67F27F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {B4C9C4B0-F1A3-4E56-83B0-8F11DB073CC4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {B570146A-0090-455A-A568-2FD4BE78A83D} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {D3D77253-3D35-4C7B-B6C1-A327EC61A45F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001Core => C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {EC87F13C-6D22-493F-9AA5-0BEF08A3645A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001Core.job => C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-440119699-676679962-2437733237-1001UA.job => C:\Users\Excalibur\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-29 16:17 - 2012-10-04 18:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2011-11-06 22:28 - 2011-11-06 22:28 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-21 19:13 - 2013-08-23 12:36 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2011-11-06 21:27 - 2009-11-13 16:57 - 00320512 _____ () C:\Windows\tsnp2uvc.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-12-11 15:45 - 2014-12-11 15:45 - 02905600 _____ () C:\Program Files\AVAST Software\Avast\defs\14121100\algo.dll
2014-05-30 22:33 - 2014-06-21 07:19 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-05-30 22:33 - 2014-06-21 07:19 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2011-01-23 20:23 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2011-01-23 20:23 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2014-12-11 21:09 - 2014-12-11 21:09 - 00043008 _____ () c:\Users\Excalibur\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbew3zm.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Excalibur\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-11-20 18:40 - 2014-11-20 18:40 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-09 21:11 - 2014-12-09 21:11 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: DAUpdaterSvc => 3
MSCONFIG\startupfolder: C:^Users^Excalibur^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: Cobian Backup 10 => "C:\Program Files (x86)\Cobian Backup 10\Cobian.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

========================= Accounts: ==========================

Administrator (S-1-5-21-440119699-676679962-2437733237-500 - Administrator - Disabled)
CVBOT1 (S-1-5-21-440119699-676679962-2437733237-1005 - Limited - Enabled) => C:\Users\CVBOT1.Excalibur-PC
Excalibur (S-1-5-21-440119699-676679962-2437733237-1001 - Administrator - Enabled) => C:\Users\Excalibur
Guest (S-1-5-21-440119699-676679962-2437733237-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-440119699-676679962-2437733237-1002 - Limited - Enabled)
MBOT1 (S-1-5-21-440119699-676679962-2437733237-1004 - Limited - Enabled) => C:\Users\MBOT1

==================== Faulty Device Manager Devices =============

Name: Canale IDE
Description: Canale IDE
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Controller IDE ATA/ATAPI standard)
Service: atapi
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: ATA Channel 1
Description: Canale IDE
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Controller IDE ATA/ATAPI standard)
Service: atapi
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/11/2014 09:33:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/11/2014 09:10:10 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/11/2014 09:09:40 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/11/2014 03:46:11 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/11/2014 03:45:43 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/10/2014 06:08:09 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/10/2014 06:07:43 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/09/2014 07:27:59 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/09/2014 07:27:31 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.

Error: (12/08/2014 08:11:17 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.


System errors:
=============
Error: (12/11/2014 09:09:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore:
%%-2140993535

Error: (12/11/2014 09:09:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
%%-2140993535

Error: (12/11/2014 09:09:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore:
%%-2140993535

Error: (12/11/2014 09:09:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
%%-2140993535

Error: (12/11/2014 09:09:24 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (12/11/2014 09:09:24 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (12/11/2014 09:09:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore:
%%-2140993535

Error: (12/11/2014 09:09:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
%%-2140993535

Error: (12/11/2014 09:09:13 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (12/11/2014 08:50:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifiche dell'applicazioneLocaleAvvio{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (tramite LRPC)


Microsoft Office Sessions:
=========================
Error: (12/11/2014 09:33:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Excalibur\Downloads\esetsmartinstaller_enu.exe

Error: (12/11/2014 09:10:10 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/11/2014 09:09:40 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/11/2014 03:46:11 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/11/2014 03:45:43 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/10/2014 06:08:09 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/10/2014 06:07:43 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/09/2014 07:27:59 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/09/2014 07:27:31 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/08/2014 08:11:17 PM) (Source: MsiInstaller) (EventID: 11310) (User: Excalibur-PC)
Description: Prodotto: Akamai NetSession Interface -- Errore 1310. Errore durante la scrittura nel file C:\Users\Excalibur\AppData\Local\Akamai\admintool.exe.  Errore di sistema 0. Assicurarsi di disporre dei diritti di accesso alla directory.(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2013-02-15 21:42:46.622
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

  Date: 2013-02-15 21:42:46.513
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.


==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q9300 @ 2.50GHz
Percentage of memory in use: 50%
Total physical RAM: 4094.48 MB
Available physical RAM: 2041.6 MB
Total Pagefile: 4092.66 MB
Available Pagefile: 2086.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:97.65 GB) (Free:31.19 GB) NTFS
Drive e: (DATTANIUS) (Fixed) (Total:833.86 GB) (Free:57.89 GB) NTFS
Drive f: (NUOVO) (CDROM) (Total:0.11 GB) (Free:0 GB) CDFS
Drive g: (Sid Meiers Civilization Beyond E) (CDROM) (Total:2.68 GB) (Free:0 GB) UDF
Drive h: (SC2-200-D1) (CDROM) (Total:7.83 GB) (Free:0 GB) UDF
Drive i: (VERBATIM HD) (Fixed) (Total:2048 GB) (Free:142.04 GB) NTFS
Drive l: (VERBATIM HD) (Fixed) (Total:746.34 GB) (Free:733.93 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: EF3F7C21)
Partition 1: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=833.9 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 9F1E424B)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 2048 GB) (Disk ID: 1B350A89)
Partition 1: (Not Active) - (Size=2048 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 746.5 GB) (Disk ID: 2E360902)
Partition 1: (Not Active) - (Size=746.5 GB) - (Type=0C)

==================== End Of Log ============================



#15 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:10 AM

Posted 12 December 2014 - 08:19 AM


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.


start

BHO-x32: iSkysoft Video Converter Ultimate -> {C7C3BC26-4F2B-4997-A3CB-163337FE975B} -> C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll No File
U3 afsh7fns; C:\Windows\System32\Drivers\afsh7fns.sys [0 ] (Intel Corporation)
C:\Users\Excalibur\AppData\Local\Temp\tmpC9B4.exe
C:\Windows\System32\Drivers\afsh7fns.sys

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

How is the computer running now?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users