
Proxy loopback virus (127.0.0.1) on Google Chrome



#1 Delitescent


Posted 12 August 2015 - 11:52 AM

Recently Google Chrome constantly diverts all my Google searches via a proxy 127.0.0.1 and does not allow the usage of any other search engines such as Yahoo and Bing. When attempting to access anything without using Google, it will simply indicate "The webpage is not available; ERR_TUNNEL_CONNECTION_FAILED". When I try to uncheck the proxy server settings under LAN settings, it simply reverts back after closing the window. Please help!
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-08-2015 02
Ran by Owner (administrator) on OWNER-PC (13-08-2015 00:34:50)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
( ) C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
(InstallShield) C:\Program Files (x86)\KMS Updater\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\FOXBAT Gaming Mouse\mousehid.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Garena Plus\bbtalk\BBTalk.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [GamingMouseG7] => C:\Program Files (x86)\FOXBAT Gaming Mouse\mousehid.exe [741376 2012-06-03] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-28] (Raptr, Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [MsiDS200gmmouseRun] => C:\Program Files (x86)\MSI Gaming Series\Interceptor DS200\msimon.exe [3710464 2013-12-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [10014656 2015-08-06] ()
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-07-19] (Overwolf LTD)
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Run: [Dropbox Update] => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Policy restriction on ProxySettings)
ProxyEnable: [HKLM] => ProxyEnable is set
ProxyEnable: [HKLM-x32] => ProxyEnable is set
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://xin.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{E70CEDE7-4418-4E05-88A7-D2352957DBE0}: [NameServer] 192.241.222.103
Tcpip\..\Interfaces\{E70CEDE7-4418-4E05-88A7-D2352957DBE0}: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-18] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2015-01-16] ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-09]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-09]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-09]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-09]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-09]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-17] (BlueStack Systems, Inc.)
R3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-17] (BlueStack Systems, Inc.)
R3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 mitsijm2013; C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [339776 2012-01-31] ( )
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-19] (Overwolf LTD)
R2 Updater.exe; C:\Program Files (x86)\KMS Updater\Updater.exe [35328 2014-11-14] (InstallShield) [File not signed] <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-17] (BlueStack Systems)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 GM3305Fltr; C:\Windows\System32\drivers\GM3305Fltr.sys [9600 2012-03-28] (LXD Development, Inc.)
S3 GM3305Fltr; C:\Windows\SysWOW64\drivers\GM3305Fltr.sys [8064 2012-03-28] (LXD Development, Inc.) [File not signed]
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [990864 2012-09-29] (Realtek Semiconductor Corporation                           )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-13 00:34 - 2015-08-13 00:34 - 00020810 _____ C:\Users\Owner\Desktop\FRST.txt
2015-08-13 00:33 - 2015-08-13 00:34 - 00000000 ____D C:\FRST
2015-08-13 00:33 - 2015-08-13 00:33 - 02172928 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2015-08-12 22:55 - 2015-08-12 22:55 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-08 23:04 - 2015-08-08 23:04 - 00000000 ____D C:\Users\Owner\AppData\Local\CEF
2015-08-07 10:15 - 2015-08-07 10:15 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-07 10:15 - 2015-08-07 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-07 10:15 - 2015-08-07 10:15 - 00000000 ____D C:\Program Files\iTunes
2015-08-07 10:15 - 2015-08-07 10:15 - 00000000 ____D C:\Program Files\iPod
2015-08-07 10:15 - 2015-08-07 10:15 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-07 10:13 - 2015-08-07 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-07 10:13 - 2015-08-07 10:13 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-30 22:21 - 2015-08-01 15:57 - 00004958 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Owner-PC-Owner Owner-PC
2015-07-23 18:31 - 2015-07-15 11:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-23 18:31 - 2015-07-15 11:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-23 18:31 - 2015-07-15 11:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-23 18:31 - 2015-07-15 11:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-23 18:31 - 2015-07-15 10:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-23 18:31 - 2015-07-15 10:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-23 18:31 - 2015-07-15 10:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-23 18:31 - 2015-07-15 10:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-23 18:31 - 2015-07-15 09:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-23 18:31 - 2015-07-15 09:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 23:18 - 2015-07-05 02:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 23:18 - 2015-07-05 01:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 23:18 - 2015-06-25 16:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 23:18 - 2015-06-18 01:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 23:18 - 2015-06-18 01:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 23:18 - 2015-06-02 08:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 23:18 - 2015-06-02 07:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 23:18 - 2015-04-28 03:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 23:18 - 2015-04-28 03:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 23:18 - 2015-04-28 03:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 23:18 - 2015-04-28 03:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 23:18 - 2015-04-28 03:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 23:18 - 2015-04-28 03:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 23:18 - 2015-04-28 03:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 23:18 - 2015-04-28 03:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-13 00:34 - 2014-05-07 17:36 - 01202535 _____ C:\Windows\WindowsUpdate.log
2015-08-13 00:23 - 2014-05-09 10:16 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-13 00:07 - 2015-06-19 10:09 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000UA.job
2015-08-12 23:48 - 2014-07-09 23:02 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-12 23:40 - 2014-05-09 23:23 - 00000000 ___RD C:\Users\Owner\Dropbox
2015-08-12 22:55 - 2014-05-09 23:21 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Dropbox
2015-08-12 22:37 - 2014-10-03 22:32 - 00000000 ____D C:\Users\Owner\AppData\Local\Akamai
2015-08-12 21:55 - 2009-07-14 12:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-12 21:55 - 2009-07-14 12:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-12 21:42 - 2014-07-26 18:09 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-12 21:40 - 2015-06-19 10:09 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000Core.job
2015-08-12 21:40 - 2014-05-09 11:08 - 00003476 _____ C:\Windows\System32\Tasks\gg_uac_daemon_Owner
2015-08-12 16:03 - 2009-07-14 13:13 - 00783606 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-12 16:01 - 2015-01-10 14:41 - 00000000 ____D C:\Users\Owner\AppData\Local\LogMeIn Hamachi
2015-08-12 16:01 - 2014-05-09 11:08 - 00000000 ____D C:\Users\Owner\AppData\Roaming\GarenaPlus
2015-08-12 16:01 - 2014-05-09 11:07 - 00000000 ____D C:\ProgramData\GarenaMessenger
2015-08-12 15:58 - 2015-03-13 14:52 - 00003754 _____ C:\Windows\System32\Tasks\AutoKMS
2015-08-12 15:58 - 2014-05-09 10:16 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-12 15:57 - 2015-01-07 10:18 - 00023832 _____ C:\Windows\setupact.log
2015-08-12 15:57 - 2014-05-09 11:23 - 00000000 ____D C:\Users\Owner\AppData\Local\Overwolf
2015-08-12 15:57 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-12 00:36 - 2015-03-13 14:42 - 00000000 ____D C:\Users\Owner\Desktop\Applications
2015-08-12 00:35 - 2014-09-12 21:04 - 00000072 _____ C:\Users\Public\LMDebug.log
2015-08-11 23:18 - 2014-05-09 15:55 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2015-08-10 23:02 - 2014-05-09 15:55 - 00000000 ____D C:\ProgramData\Skype
2015-08-10 21:59 - 2014-12-23 11:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Raptr
2015-08-09 12:18 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-07 10:33 - 2014-05-09 11:35 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Apple Computer
2015-08-07 10:21 - 2014-05-09 11:08 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2015-08-07 10:15 - 2015-04-15 22:20 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-08-07 10:15 - 2014-05-09 11:35 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-01 13:39 - 2015-03-13 14:51 - 00000482 _____ C:\Windows\Tasks\KMS Updater.job
2015-07-30 22:16 - 2014-12-23 11:14 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-25 14:36 - 2014-08-11 15:25 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-07-25 14:30 - 2015-05-13 16:14 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-07-24 19:05 - 2014-05-09 11:26 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-07-24 18:59 - 2009-07-14 12:45 - 00542504 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-18 23:22 - 2014-08-23 13:17 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-18 23:22 - 2014-08-23 13:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-18 20:02 - 2015-06-19 10:09 - 00003888 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000UA
2015-07-18 20:02 - 2015-06-19 10:09 - 00003492 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000Core
2015-07-18 13:04 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\rescache
2015-07-18 12:18 - 2014-05-09 10:16 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-18 12:18 - 2014-05-09 10:16 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-18 11:48 - 2014-07-09 23:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-18 11:48 - 2014-07-09 23:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-18 11:48 - 2014-07-09 23:02 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-18 11:32 - 2014-09-02 20:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-18 11:31 - 2014-12-29 16:13 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 23:18 - 2009-07-14 10:34 - 00000478 _____ C:\Windows\win.ini
2015-07-15 23:17 - 2014-05-10 11:42 - 00000000 ____D C:\Windows\system32\MRT
 
==================== Files in the root of some directories =======
 
2014-10-02 12:47 - 2014-10-02 12:47 - 0045270 _____ () C:\Users\Owner\AppData\Roaming\room_v3.dat
2014-05-07 17:42 - 2014-05-07 17:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpg9lx9n.dll
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150602to20150707.exe
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150707to20150715.exe
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150715to20150720.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150616to150630.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150630to150714v2.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150714to150724.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150724to150729.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150729to150807.exe
C:\Users\Owner\AppData\Local\Temp\_isF2B7.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-12 19:53
 
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-08-2015 02
Ran by Owner (2015-08-13 00:35:03)
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3722524699-659615659-2524836741-500 - Administrator - Disabled)
Guest (S-1-5-21-3722524699-659615659-2524836741-501 - Limited - Disabled)
Owner (S-1-5-21-3722524699-659615659-2524836741-1000 - Administrator - Enabled) => C:\Users\Owner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version: - Trion Worlds, Inc.)
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk Inventor 2013 Quick Uninstaller (HKLM\...\{D25FF5C1-1764-469A-9794-69309387C193}) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Content Center Libraries 2013 (Desktop Content) (HKLM\...\{B46DECD1-1764-4EF1-0000-22D71E81877C}) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2013 Add-in (HKLM\...\{08BCFE15-8AA1-4A58-B018-4FEF486BA922}) (Version: 1.0.0.111 - Autodesk)
Autodesk Inventor Professional 2013 (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2013 English (HKLM\...\Autodesk Inventor Professional 2013) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Professional 2013 English Language Pack (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2013 (HKLM-x32\...\{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Autodesk Vault Basic 2013 (Client) (HKLM-x32\...\Autodesk Vault Basic 2013 (Client)) (Version: 17.0.61.0 - Autodesk)
Autodesk Vault Basic 2013 (Client) (Version: 17.0.61.0 - Autodesk) Hidden
Autodesk Vault Basic 2013 (Client) English Language Pack (Version: 17.0.61.0 - Autodesk) Hidden
BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{79809712-A577-4B8C-A9FC-51945690C7DC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dropbox (HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
DWG TrueView 2013 (HKLM\...\DWG TrueView 2013) (Version: 19.0.55.0 - Autodesk)
DWG TrueView 2013 (Version: 19.0.55.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2013 (HKLM\...\{792A9A32-718A-40D1-9867-A903F76AE2F8}) (Version: 3.9.12.0 - Granta Design Limited)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
FOXBAT Gaming Mouse (HKLM-x32\...\{B1669080-7C2D-4BA9-AB6F-FD6A4B0CE8AF}) (Version: 1.00 - Gaming Mouse)
Garena - FIFA ONLINE 3(English) (HKLM-x32\...\FO3) (Version: - Garena Online Pte Ltd.)
Garena - League of Legends (HKLM-x32\...\LoL) (Version: - Garena Online Pte Ltd.)
Garena Plus (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft (HKLM-x32\...\{63227E62-F417-497E-9060-22B3A9A52D7A}) (Version: 1.0.1.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Interceptor DS200 Gaming Mouse (HKLM-x32\...\{9CE89B74-59E2-4215-98B1-7A9913E33600}_is1) (Version: 1.1 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.87.58.0 - Overwolf Ltd.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.20.00(16/1/2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.5.0 - Samsung Electronics Co., Ltd.)
Samsung M283x Series (HKLM-x32\...\Samsung M283x Series) (Version: 1.01 (5/2/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
View User's Guide (HKLM-x32\...\View User Guide) (Version: 3.60.44.0 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll No File

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {046F9825-637F-438B-BE39-DA1A6B17484B} - System32\Tasks\gg_uac_daemon_Owner => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2015-01-20] ()
Task: {1EBD6490-E8D2-41E9-B495-0A4B1E7886D8} - System32\Tasks\KMS Updater => Wscript.exe //nologo //E:jscript //B "C:\Program Files (x86)\KMS Updater\updater.ini"
Task: {312E35F4-A301-4A14-868E-BBC6E71743BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-09] (Google Inc.)
Task: {4B6A39A6-C27F-4ED9-A9CA-7AF89B0D873B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {687B1AD4-376C-442C-B1D9-4628C332CCEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-18] (Adobe Systems Incorporated)
Task: {6E3CD872-0CE9-4C51-81E7-7FC2DAFA2AF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-09] (Google Inc.)
Task: {903F1902-40F2-43AA-9C79-B00B2CDAAEA4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9164F74C-DBDD-47E5-A067-C6036437FA84} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {B0ADD317-F319-44B0-B8D2-2A0A92AE3E6A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000UA => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {B2A91D28-865A-4AA4-B2C3-2CF02D4B6FD9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Owner-PC-Owner Owner-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-04-14] (Microsoft Corporation)
Task: {CD5BC996-3934-4CF1-AF41-A53B0FEE96C2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-03-13] ()
Task: {D1A5789C-CFC7-440F-8458-4EC0D0E1E273} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000Core => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {D5C1CD6E-D51F-4B88-85D5-0BB50B00A1DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D7421622-6BC7-4382-BC23-EF2E925E8AC4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E43527D8-527D-4CC2-AAB7-E4CE21AE17F1} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-07-19] (Overwolf LTD)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000Core.job => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000UA.job => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\KMS Updater.job => Wscript.exe J/nologo /E:jscript /B C:\Program Files (x86)\KMS Updater\updater.ini

==================== Loaded Modules (Whitelisted) ==============

2014-09-12 20:55 - 2013-11-29 20:36 - 00034304 _____ () C:\Windows\System32\ssk5mlm.dll
2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00055896 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
2014-05-07 17:49 - 2013-05-07 15:45 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-04-29 17:28 - 2015-08-06 19:30 - 10014656 _____ () C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
2014-05-10 18:23 - 2012-06-03 20:37 - 00741376 _____ () C:\Program Files (x86)\FOXBAT Gaming Mouse\mousehid.exe
2014-04-03 15:48 - 2015-07-07 19:40 - 06793664 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\BBtalk.exe
2014-04-29 17:28 - 2015-08-01 17:07 - 01089472 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
2014-05-07 17:49 - 2015-08-12 15:57 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-05-07 17:49 - 2013-05-07 15:45 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00111192 _____ () C:\Program Files (x86)\Garena Plus\CommonLib.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00040024 _____ () C:\Program Files (x86)\Garena Plus\DibModule.dll
2014-04-29 17:28 - 2015-08-06 19:30 - 00040896 _____ () C:\Program Files (x86)\Garena Plus\VersionModule.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00057944 _____ () C:\Program Files (x86)\Garena Plus\FileLoader.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00093784 _____ () C:\Program Files (x86)\Garena Plus\PluginKernel.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00493656 _____ () C:\Program Files (x86)\Garena Plus\CxImage.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00031832 _____ () C:\Program Files (x86)\Garena Plus\PluginModule.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00177240 _____ () C:\Program Files (x86)\Garena Plus\lib\fs\YYFileSystem.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00380504 _____ () C:\Program Files (x86)\Garena Plus\lib\Http.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00191064 _____ () C:\Program Files (x86)\Garena Plus\lib\MP3Module.dll
2012-02-22 16:52 - 2012-02-22 16:52 - 00162304 _____ () C:\Program Files (x86)\Garena Plus\lame_enc.DLL
2014-04-29 17:29 - 2015-01-20 20:20 - 00226392 _____ () C:\Program Files (x86)\Garena Plus\lib\TaskManagerLib.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00112728 _____ () C:\Program Files (x86)\Garena Plus\lib\UILayout.dll
2014-04-29 17:29 - 2015-05-27 12:47 - 00965056 _____ () C:\Program Files (x86)\Garena Plus\lib\XLL.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00061528 _____ () C:\Program Files (x86)\Garena Plus\lib\XmlUIModule.dll
2012-02-22 16:52 - 2012-02-22 16:52 - 00573100 _____ () C:\Program Files (x86)\Garena Plus\sqlite3.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00231000 _____ () C:\Program Files (x86)\Garena Plus\Plugins\StatsPlugin.dll
2014-04-29 17:28 - 2015-08-06 19:31 - 01507264 _____ () C:\Program Files (x86)\Garena Plus\Plugins\ggplugin.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00199256 _____ () C:\Program Files (x86)\Garena Plus\ImageModule.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00161880 _____ () C:\Program Files (x86)\Garena Plus\libmpg123.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 02947672 _____ () C:\Program Files (x86)\Garena Plus\ggdownloader.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00072280 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\AudioMixerLib.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00023128 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\ClientTcp.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 01551960 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\FileSender.dll
2013-02-01 13:42 - 2013-02-01 13:42 - 00153088 _____ () C:\Program Files (x86)\Garena Plus\libzmq.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00962648 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\GaFileTransfer.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00251480 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\MediaEngine.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00032856 _____ () C:\Program Files (x86)\Garena Plus\ServerMemAlloc.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00523352 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\RSALib.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00074840 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\UdtLib.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00153688 _____ () C:\Program Files (x86)\Garena Plus\xIM.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00596568 _____ () C:\Program Files (x86)\Garena Plus\xim\plugin_msn.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00467032 _____ () C:\Program Files (x86)\Garena Plus\xim\plugin_xmpp.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00201304 _____ () C:\Program Files (x86)\Garena Plus\xim\plugin_yahoo.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00107608 _____ () C:\Program Files (x86)\Garena Plus\Plugins\PlatformPlugin.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00243288 _____ () C:\Program Files (x86)\Garena Plus\Plugins\PluginNews.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00404056 _____ () C:\Program Files (x86)\Garena Plus\Plugins\GarenaTalkPlugin.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00293464 _____ () C:\Program Files (x86)\Garena Plus\Plugins\DailyTaskPlugin.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00222808 _____ () C:\Program Files (x86)\Garena Plus\Plugins\GameSalePlugin.dll
2014-05-07 17:43 - 2013-09-03 16:53 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-04-03 15:48 - 2015-01-16 12:27 - 00110680 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\CommonLib.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00069720 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\PluginKernel.dll
2014-04-03 15:48 - 2015-01-16 12:27 - 00039512 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\DibModule.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00388696 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\ImageModule.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00823896 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\gagmhook.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00047704 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lollauncher.dll
2014-04-03 15:49 - 2015-07-07 19:41 - 00029632 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\VersionModule.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00454600 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\sqlite3.dll
2014-04-03 15:49 - 2015-02-11 15:55 - 02457024 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\Overlay.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00115288 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\AudioMixerLib.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00036440 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\ChannelUrlDll.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00431192 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\exchndl.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00083544 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\FileManager.dll
2014-04-03 15:48 - 2015-01-16 12:27 - 00059480 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\FileSystem.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00380504 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\Http.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00053336 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\InputHookLib.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00073304 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\InputHook.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00048216 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\IPCLib.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00062040 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\LangLib.dll
2014-04-03 15:48 - 2015-01-16 12:27 - 00096344 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\audiohost.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00141400 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\MessagePumpLib.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00036952 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\MP3Saver.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00244824 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\libmp3lame.DLL
2014-04-03 15:49 - 2015-01-16 12:27 - 01054296 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\RealTimeVideoEngine.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00062552 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\ResLib.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00105560 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\PngModule.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00134232 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\TcpClient.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00143960 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\UdpClient.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00117336 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\UILayout.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00872536 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\UILib.dll
2014-04-03 15:49 - 2015-01-16 12:27 - 00062040 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\lib\XmlUIModule.dll
2014-11-01 11:21 - 2015-07-04 00:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-17 16:09 - 2015-07-04 00:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-02-17 16:09 - 2015-07-04 00:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-17 16:09 - 2015-07-04 00:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-11-01 11:21 - 2015-07-24 07:24 - 02410176 _____ () C:\Program Files (x86)\Steam\video.dll
2014-11-01 11:21 - 2014-12-02 05:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-11-01 11:21 - 2014-12-02 05:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-11-01 11:21 - 2014-12-02 05:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-11-01 11:21 - 2014-12-02 05:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-11-01 11:21 - 2014-12-02 05:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-11-01 11:21 - 2015-07-24 07:23 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-08-08 23:04 - 2015-07-08 04:41 - 00169984 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-11-01 11:21 - 2015-07-04 00:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-08-06 19:24 - 2015-07-31 14:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll
2015-08-06 19:24 - 2015-07-31 14:19 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Owner\Desktop\Applications:com.dropbox.attributes
AlternateDataStreams: C:\Users\Owner\Desktop\Dot Arena Videos:com.dropbox.attributes
AlternateDataStreams: C:\Users\Owner\Desktop\VIDEO0017.mp4:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3722524699-659615659-2524836741-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.241.222.103
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{52CEF8EE-29E1-441C-A6ED-9BD136CAE823}] => (Allow) C:\Program Files (x86)\Garena Plus\ggdllhost.exe
FirewallRules: [{3E956C2A-D1F0-486A-B246-50A285788348}] => (Allow) C:\GarenaDownload\Games\fo3\fo3Installer.exe
FirewallRules: [{E0B38635-F0FC-4E6F-AB12-557153112F69}] => (Allow) C:\GarenaDownload\Games\fo3\fo3Installer.exe
FirewallRules: [TCP Query User{3EDFBAE6-1D3A-4442-A4D3-267C944BC358}C:\users\owner\appdata\local\temp\gw2.exe] => (Allow) C:\users\owner\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{A0C1B567-5247-44DA-9317-9B70D9CF6928}C:\users\owner\appdata\local\temp\gw2.exe] => (Allow) C:\users\owner\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{72D123EC-04DC-4420-AA8C-2371979A02FB}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{82655C2C-2209-4897-B1AC-054365F6A04E}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{7CB393AC-861B-4045-BA93-071D10BCCF55}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1591F2EF-B6AF-4C5B-8008-DADDC87B66BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{723AD9CC-8036-493C-B3B5-15D126A302FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AFA76F47-205B-425A-89D1-6D6C09F08FF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6F63DCCA-BEAA-408A-AAAD-D4EC1292BDD8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{94376F5C-59CC-4FBF-9232-11378AC3A28A}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{96F146FE-96B4-4B96-A76F-D329DB46D00C}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{5B03C5C3-5960-40AF-92F9-1A0580472C09}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{E3B5A3B4-470C-4AC7-A6DF-CF9CDF0B0B4F}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{7673DB96-EF09-4186-8F0D-7E40D2108F17}] => (Allow) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C61F73EE-4867-4A97-8CB7-66380F09F8A3}] => (Allow) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F9526446-88B2-4AEC-B3C1-3991F7F05068}] => (Allow) C:\Program Files (x86)\GarenaFO3\GameData\Apps\FO3\fifazf.exe
FirewallRules: [{627AB318-A686-47F0-B68F-0F9C8365C7A6}] => (Allow) C:\Program Files (x86)\GarenaFO3\GameData\Apps\FO3\fifazf.exe
FirewallRules: [TCP Query User{5BA41ED1-200E-4BBE-8B10-8410F75F6096}C:\program files (x86)\garena plus\updatemanager.exe] => (Allow) C:\program files (x86)\garena plus\updatemanager.exe
FirewallRules: [UDP Query User{BC0C2D97-D458-40CD-AC1C-071C2FF4918E}C:\program files (x86)\garena plus\updatemanager.exe] => (Allow) C:\program files (x86)\garena plus\updatemanager.exe
FirewallRules: [{959B337C-5644-4E85-BAA4-64516D6F9514}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0A058CA5-39CC-4199-9305-C68948BD4E3B}] => (Allow) LPort=2869
FirewallRules: [{1C5B1C0B-2338-4A31-800F-FB43E56E8F52}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{1A8B4845-3B4B-4490-A47D-3382D4F4AB55}C:\program files (x86)\garena plus\garenamessenger.exe] => (Allow) C:\program files (x86)\garena plus\garenamessenger.exe
FirewallRules: [UDP Query User{FE8E2EE3-1127-4F50-B59F-1C6DE144DA5E}C:\program files (x86)\garena plus\garenamessenger.exe] => (Allow) C:\program files (x86)\garena plus\garenamessenger.exe
FirewallRules: [{11AF2F19-670E-4EDF-B4C5-C8FCA4F9D303}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{098A97B1-03FC-44EB-9E2D-0AC768B7426D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D9950AD7-D6A2-4625-BA8D-94FC41FC8DEC}] => (Allow) C:\GarenaDownload\Games\lol\LoLInstaller.exe
FirewallRules: [{B6D875B2-AC1C-4B2E-A50D-FCA224EC5668}] => (Allow) C:\GarenaDownload\Games\lol\LoLInstaller.exe
FirewallRules: [{32C49CDA-7BA8-4113-B460-6A92D43BC7A8}] => (Allow) LPort=8370
FirewallRules: [{BB6BA00C-97E0-40B3-8E02-681452370337}] => (Allow) LPort=8370
FirewallRules: [{3D1D7CEE-35D8-41A9-9519-C56E70727871}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Air\LolClient.exe
FirewallRules: [{4DE780F9-3928-4412-885F-AF826E54E69C}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Air\LolClient.exe
FirewallRules: [{1A37AE5F-5FF5-4227-9872-706F123DC25B}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Game\League of Legends.exe
FirewallRules: [{D3A3BB22-2077-449C-AA01-11100AD05AB5}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Game\League of Legends.exe
FirewallRules: [{F5E2274C-1504-4ED8-B617-C6D9413C54E6}] => (Allow) LPort=6901
FirewallRules: [{DB09A3B0-FAE6-4EB4-9C90-A7FB1AD07038}] => (Allow) LPort=6901
FirewallRules: [{ED337F98-9BCE-44D5-B13F-2905A1445E30}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{3B4418D7-6D58-496E-927B-EADA1D89B642}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0532065D-3A76-42B2-A767-48B63F77D151}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{12FE20F6-9B85-4014-B9A7-73B0A376FE02}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9CB5DC6C-2280-4AB7-9560-B38AE2F8E321}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{2C4EFD1C-DE8C-406A-AC51-6ED268246F5F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{E8CB3671-03E1-4030-8949-6439BE9BBCA3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{A233BD30-6C0A-400A-A915-BE9F034A5F94}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{101E0EB4-A616-407D-9BAE-301388D790D2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{9295DD75-9E8E-4103-B654-39A47B36A008}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{10728CD4-D82A-496C-A770-671005058508}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{66098620-64DE-4CA2-A12C-18BFF41F2963}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{DBC0ECD2-9056-4A6A-823C-2FFAA42BD15C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{627EBA4C-78D9-41A8-A079-F8FA61744D4D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{F8CB8B85-2C04-4331-9AFF-3EACD94A77D0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{AC8C08B6-B33A-49C1-8748-5767E74A1BDD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2A4DA3BB-EE69-47D2-A3F3-1F292802544F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{4E187FEF-765B-483A-AD11-10C1CEFA7953}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{092BC729-430D-4E00-9DE0-8589096BF89A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{FC9315CF-E593-4ED9-9F51-0ED1A5F9B9D1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{AF61583B-0240-4DA2-8F96-2AED5D2283CD}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{399925E7-1139-4C7F-959F-51EC7A76B692}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [TCP Query User{6615366C-61D2-4B2D-BB07-DEA659E9C06E}C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{C549153A-550F-4562-A582-7A43C7951166}C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{9D13D38F-9347-4236-8758-C9E00716D98C}] => (Allow) LPort=6994
FirewallRules: [{6170F78B-C714-4DAF-AC8D-A74C3875A637}] => (Allow) LPort=6994
FirewallRules: [{760649FA-18F4-4B35-A7D4-9A363AA5238D}] => (Allow) LPort=6899
FirewallRules: [{211A5A3A-9E1C-47D3-90C8-A6063C1DD627}] => (Allow) LPort=6899
FirewallRules: [{FE15004D-EBB1-4280-A946-C102F6B491BB}] => (Allow) C:\Program Files (x86)\Garena Plus\Room\garena_room.exe
FirewallRules: [TCP Query User{CE62E283-1DD5-49F7-8F9A-26ACB747E1B9}C:\users\owner\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\owner\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{AE42C7C7-9970-4FC3-BA89-65EDDB0B3069}C:\users\owner\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\owner\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{76E910F9-ECDC-400B-BDAA-5F902EB1CB3A}C:\users\owner\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\owner\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{1560E06D-D806-4677-B28D-40238A26B9B7}C:\users\owner\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\owner\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D57A6569-33AC-4FDF-8C6C-79D968D7DC7D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CEE980F1-7532-47D6-BB01-6AEC870E40BB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CA5C0696-244E-4910-B37B-28CB99956C9D}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D6F0A1D1-1EAE-4AFD-BF8B-AB245DB3DE60}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{967C475D-01EA-4D56-A413-AFDAA006A074}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{0D8E7C91-8B07-41FF-8C58-034E8F417BC9}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{DE8F85F8-368F-4295-A498-144489C2AB9B}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Allow) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [UDP Query User{2BEC613F-9EBF-405D-8CD1-B0D610038FBE}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Allow) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [{077C5C6D-C5B3-4C0F-9B5C-895E207A5361}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{41DBB670-E449-45EA-BC9F-6319B20D7B2F}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{21546CAF-D249-4C07-84AF-99CD7768D798}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{BF49AACB-13A6-4403-9D41-505C56E80BDD}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E30A0F0F-36F9-4020-BB49-C10D1B86C299}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9FCC1BF8-9243-4E93-AEB7-66F2975EB342}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{E49262D7-E7D5-4FDF-9EA5-FF99D10CEB1E}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{0F487A2A-5DE2-4926-AD80-3551B85A6661}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{2F7D8784-71D3-40D1-9842-44418553B108}] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{3ED145BD-D7DF-4C7B-B1BA-7B4ED6CB395E}] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{E0B4B3A1-438D-40BA-AA83-C739C042BBEF}] => (Allow) C:\Program Files (x86)\GarenaFO3\GameData\Apps\FO3\fifazf.exe
FirewallRules: [{03845EC4-45D0-4FAE-9F64-24566D950739}] => (Allow) C:\Program Files (x86)\GarenaFO3\GameData\Apps\FO3\fifazf.exe
FirewallRules: [{4F6B1851-42ED-4043-AB40-2E631F73EC6E}] => (Allow) LPort=8370
FirewallRules: [{559C331B-120B-454B-AB04-2B7DAC9E2627}] => (Allow) LPort=8370
FirewallRules: [{0C95BCF0-2C12-4D22-AF6B-62B252558C88}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Air\LolClient.exe
FirewallRules: [{30649E3B-2834-4E80-AC53-B5300B14BC5B}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Air\LolClient.exe
FirewallRules: [{FDF9E695-36FD-461F-B76A-EFDD51B6DDC5}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Game\League of Legends.exe
FirewallRules: [{D6B6B215-7A76-44CB-AFFF-92271404E0DD}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Game\League of Legends.exe
FirewallRules: [TCP Query User{D680067D-E5EB-4324-AA41-FDDDE98D4502}D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{C974E6A9-AEC2-44EF-AF9E-D1B3A534FE2F}D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D3F752FD-DF48-4E7C-A11A-348D15DF2DB8}] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{311990B5-64CD-464B-A86D-47A70C26A387}] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{6FF54967-83A2-4E7F-9644-CC739CF902B3}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{E1402245-C2D6-4292-BA51-E5A8E088C4E1}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{D56ECFF7-F826-4E00-B4BF-2A60490ABBE4}] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{987C2889-1268-4663-BE62-BE5F78F60C26}] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{D2738A09-8785-4A1D-942A-0183DF05AE5C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2D22BA66-9942-4B43-8985-198D9081E6DF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2501E1B8-CDBB-4C57-A3F5-249E2A6B2145}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4EFB0992-42EE-4D28-A125-3DBFA806BC36}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BA823E36-1079-4B25-9759-8BA2FE203EE3}] => (Allow) LPort=6882
FirewallRules: [{F7DDF42F-52CB-491F-8BD2-B8972C1F9C0D}] => (Allow) LPort=6882
FirewallRules: [{D4FB757E-FFE3-4130-96C7-49992277C312}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3B28EAA7-E9B3-4C87-86ED-97919931A714}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5171CA7F-CB4A-4EE1-87CC-12C953957829}] => (Allow) D:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
FirewallRules: [{5225906E-78F6-43C8-86A5-A140DAAD4535}] => (Allow) D:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
FirewallRules: [{FD657466-82E1-4EB6-A748-888E0BC6BC4C}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{2218AC6C-BC7A-4E90-837D-3D091837BEFC}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{A615844E-D940-4D2B-9F1C-BD1763776237}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{D3DBACEF-D376-41B0-AF63-A5A9F5A040D1}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{06F4FC03-F9BA-4E2D-8612-90146E9FFFA6}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{481072B5-EF66-466B-9B29-DB4D7D5BA8C9}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{2FB05C51-DF79-46D7-9C2A-E849FE001889}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{B5CD7D74-401E-4D67-AA36-DE52754AF34D}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{BBCD8819-475F-4F9F-896A-1A408ADC4314}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{666A173C-4C27-472C-BF83-C1D787DB28C2}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{8CED9629-7ADB-4449-A6AA-B1ED1201916E}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{91D456E8-248B-42DF-8E40-9B8573C3B274}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{C85968F4-AAFE-4F8E-A12A-9AA500842DD7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0565E540-C42A-492E-8136-05161A593A53}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{8C1E08E2-8961-42A2-B6A2-D04F73055A8B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{360E7B22-86D2-424E-BFC9-420D98D321BC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{816DDE71-2BE9-4D76-95C1-6DEFD62A3171}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6A23B5C8-5CB5-4EDC-8747-562F3887EAD4}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/12/2015 10:37:04 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (08/12/2015 10:36:29 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (08/12/2015 09:40:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.17813, time stamp: 0x554a15f3
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x556366f2
Exception code: 0xc0000005
Fault offset: 0x000000000004ada4
Faulting process id: 0x21bc
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3

Error: (08/12/2015 03:59:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 03:58:59 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (08/12/2015 03:58:36 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (08/11/2015 09:08:36 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (08/11/2015 09:08:02 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (08/11/2015 04:25:50 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Service cannot be started. An instance of the service is already running

Error: (08/11/2015 04:25:50 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Service cannot be started. The handle is invalid


System errors:
=============
Error: (08/12/2015 03:57:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/11/2015 04:20:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/11/2015 11:15:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/10/2015 09:58:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/09/2015 11:03:13 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/08/2015 11:04:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (08/08/2015 11:04:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (08/08/2015 09:21:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/07/2015 05:05:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/07/2015 10:17:59 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126


Microsoft Office:
=========================
Error: (08/12/2015 10:37:04 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/12/2015 10:36:29 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/12/2015 09:40:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.17813554a15f3ntdll.dll6.1.7601.18869556366f2c0000005000000000004ada421bc01d0d5046885e11eC:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dlla7e14366-40f7-11e5-a23d-e03f491c27c0

Error: (08/12/2015 03:59:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 03:58:59 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/12/2015 03:58:36 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/11/2015 09:08:36 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/11/2015 09:08:02 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/11/2015 04:25:50 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Service cannot be started. An instance of the service is already running

Error: (08/11/2015 04:25:50 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Service cannot be started. The handle is invalid


==================== Memory info ===========================

Processor: Intel® Core™ i7-4771 CPU @ 3.50GHz
Percentage of memory in use: 26%
Total physical RAM: 16289.32 MB
Available physical RAM: 11891.48 MB
Total Virtual: 32576.84 MB
Available Virtual: 27321.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:43.79 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1642.61 GB) NTFS
Drive f: () (Removable) (Total:7.45 GB) (Free:2.89 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 17CC1B94)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 17CC1B8C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of log ============================

Edited by Oh My!, 12 August 2015 - 04:28 PM.



#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,759 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:07:10 AM

Posted 12 August 2015 - 04:42 PM

Greetings Delitescent and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Reply Topic button instead.
  • In the upper right hand corner of the topic you will see the Follow Topic button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Unfortunately there is evidence of pirated software on your computer. If you would like continued help I am going to ask you to remove Microsoft Office Professional Plus 2013 and any other software for which you do not have a valid license. The presence of any pirated software is illegal and hampers our ability to clean your computer. If you are willing to do that let me know when you have completed that and we can continue on. If you prefer to not do that I will be closing the topic.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Delitescent

Delitescent
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  • Local time:10:10 PM

Posted 13 August 2015 - 12:01 AM

Thanks so much Gary for your assistance! I have already uninstalled the Microsoft Office as requested. 



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,759 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:07:10 AM

Posted 13 August 2015 - 09:01 AM

Thank you for your understanding.

Let's start with this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + R on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
R2 Updater.exe; C:\Program Files (x86)\KMS Updater\Updater.exe [35328 2014-11-14] (InstallShield) [File not signed] <==== ATTENTION
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
2015-08-12 15:58 - 2015-03-13 14:52 - 00003754 _____ C:\Windows\System32\Tasks\AutoKMS
2015-08-01 13:39 - 2015-03-13 14:51 - 00000482 _____ C:\Windows\Tasks\KMS Updater.job
C:\Users\Owner\AppData\Local\Temp\_isF2B7.exe
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll No File
Task: {1EBD6490-E8D2-41E9-B495-0A4B1E7886D8} - System32\Tasks\KMS Updater => Wscript.exe //nologo //E:jscript //B "C:\Program Files (x86)\KMS Updater\updater.ini"
C:\Program Files (x86)\KMS Updater
Task: {CD5BC996-3934-4CF1-AF41-A53B0FEE96C2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-03-13] ()
Task: C:\Windows\Tasks\KMS Updater.job => Wscript.exe J/nologo /E:jscript /B C:\Program Files (x86)\KMS Updater\updater.ini
C:\Windows\AutoKMS
cmd: ipconfig /flushdns
RemoveProxy:
Hosts:
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Zoek by Smeenk

--------------------
  • Download Zoek and save it to your Desktop
  • Right click the icon, select Run as Administrator, and wait for the Program to appear on your Desktop (may take 15 seconds or so)
  • Copy and paste the following into the main box

createsrpoint;
autoclean;

  • Verify Scan All Users is selected then click Run Script
  • Do not use your computer while the scan is running
  • When completed a zoek-results.txt report will appear on your desktop. Copy and paste the contents in your reply
===================================================

System Summary Information

--------------------
  • Press the Windows key + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog
  • zoek report
  • System Summary Information
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Delitescent

Posted 13 August 2015 - 10:01 AM

Hi Gary! I am currently running Zoek, after completing the step on FRST. May I know how long it usually takes? As I am told not to use the com, I am replying using my phone. A pop up appeared stating "DaS21 has stopped working" while still running Zoek. Do I click "Close program"?

#6 Oh My!

Posted 13 August 2015 - 12:17 PM

You can stop Zoek and just post the FRST Fixlog.
Gary
 

#7 Delitescent

Posted 13 August 2015 - 09:48 PM

Hi Gary! I left my com overnight to run, but there were no results, DaS21 window auto closed by itself, and my Hamachi software appeared. Below is the fixlog for FRST.

Fix result of Farbar Recovery Scan Tool (x64) Version:12-08-2015
Ran by Owner (2015-08-13 22:15:37) Run:1
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Boot Mode: Normal
==============================================

fixlist content:
*****************
R2 Updater.exe; C:\Program Files (x86)\KMS Updater\Updater.exe [35328 2014-11-14] (InstallShield) [File not signed] <==== ATTENTION
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
2015-08-12 15:58 - 2015-03-13 14:52 - 00003754 _____ C:\Windows\System32\Tasks\AutoKMS
2015-08-01 13:39 - 2015-03-13 14:51 - 00000482 _____ C:\Windows\Tasks\KMS Updater.job
C:\Users\Owner\AppData\Local\Temp\_isF2B7.exe
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll No File
Task: {1EBD6490-E8D2-41E9-B495-0A4B1E7886D8} - System32\Tasks\KMS Updater => Wscript.exe //nologo //E:jscript //B "C:\Program Files (x86)\KMS Updater\updater.ini"
C:\Program Files (x86)\KMS Updater
Task: {CD5BC996-3934-4CF1-AF41-A53B0FEE96C2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-03-13] ()
Task: C:\Windows\Tasks\KMS Updater.job => Wscript.exe J/nologo /E:jscript /B C:\Program Files (x86)\KMS Updater\updater.ini
C:\Windows\AutoKMS
cmd: ipconfig /flushdns
RemoveProxy:
Hosts:
*****************

Updater.exe => Service stopped successfully.
Updater.exe => service removed successfully
EagleX64 => service removed successfully
GGSAFERDriver => service removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully.
C:\Windows\Tasks\KMS Updater.job => moved successfully.
C:\Users\Owner\AppData\Local\Temp\_isF2B7.exe => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EBD6490-E8D2-41E9-B495-0A4B1E7886D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EBD6490-E8D2-41E9-B495-0A4B1E7886D8}" => key removed successfully
C:\Windows\System32\Tasks\KMS Updater => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMS Updater" => key removed successfully
C:\Program Files (x86)\KMS Updater => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CD5BC996-3934-4CF1-AF41-A53B0FEE96C2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD5BC996-3934-4CF1-AF41-A53B0FEE96C2}" => key removed successfully
C:\Windows\System32\Tasks\AutoKMS not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully
C:\Windows\Tasks\KMS Updater.job not found.
C:\Windows\AutoKMS => moved successfully.

=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.

==== End of Fixlog 22:15:40 ====


#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,759 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:10 AM

Posted 13 August 2015 - 09:55 PM

Thank you.

Please do this.

===================================================

Farbar's Recovery Scan Tool Search

--------------------
  • Launch FRST
  • Copy/paste the following in the Search Field
*DaS21*
  • Click Search File(s) button
  • When completed click OK and a Search.txt document will open on your desktop
  • Copy and paste the contents of that document into your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Search.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Delitescent

Delitescent
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 13 August 2015 - 10:41 PM

Hi Gary!

Farbar Recovery Scan Tool (x64) Version:12-08-2015
Ran by Owner (2015-08-14 11:41:05)
Running from C:\Users\Owner\Desktop
Boot Mode: Normal

================== Search Files: "*DaS21*" =============

====== End of Search ======


#10 Oh My!

Posted 14 August 2015 - 08:28 AM

Let me know if you get any more DaS21 errors.

 

Can you update me on your computer performance?


Gary
 

#11 Delitescent

Posted 14 August 2015 - 09:36 AM

The DaS21 error only appeared while running Zoek.

 

But, good news Gary, the Google search has reverted back to normal; the proxy setting's loopback is now gone.

 

There is another issue though, sometimes while playing League of Legends or DOTA2, the window will automatically "alt tab" out to the existing window or desktop. I think it often happens when I am in full screen mode. Do you mind assisting me in this too? 

 

I am wondering whether it could be due to my installing Bluestacks on my computer.


Edited by Delitescent, 14 August 2015 - 09:39 AM.


#12 Oh My!

Posted 14 August 2015 - 09:39 AM

Glad to hear we are making progress. We cleaned house on the proxy issue.

I don't mind helping at all. Let's take a fresh look at a FRST scan. Please run that and make sure Addition.txt is checked. No need to copy/paste in a code box, just paste it directly into your reply.
Gary
 

#13 Delitescent

Posted 14 August 2015 - 10:09 AM

Thank you so much Gary!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015
Ran by Owner (administrator) on OWNER-PC (14-08-2015 23:07:51)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
( ) C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\FOXBAT Gaming Mouse\mousehid.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files (x86)\MSI Gaming Series\Interceptor DS200\MSIMon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.41.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.41.0\OverwolfHelper64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Akamai Technologies, Inc.) C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.41.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.41.0\OverwolfBrowser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [GamingMouseG7] => C:\Program Files (x86)\FOXBAT Gaming Mouse\mousehid.exe [741376 2012-06-03] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-28] (Raptr, Inc)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [MsiDS200gmmouseRun] => C:\Program Files (x86)\MSI Gaming Series\Interceptor DS200\msimon.exe [3710464 2013-12-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [10014656 2015-08-06] ()
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-08-09] (Overwolf LTD)
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Run: [Dropbox Update] => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://xin.msn.com/?ocid=iehp
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{E70CEDE7-4418-4E05-88A7-D2352957DBE0}: [NameServer] 192.241.222.103
Tcpip\..\Interfaces\{E70CEDE7-4418-4E05-88A7-D2352957DBE0}: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2015-01-16] ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-09]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-09]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-09]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-09]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-09]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-17] (BlueStack Systems, Inc.)
R3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-17] (BlueStack Systems, Inc.)
R3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 mitsijm2013; C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [339776 2012-01-31] ( )
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [995568 2015-08-09] (Overwolf LTD)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-17] (BlueStack Systems)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 GM3305Fltr; C:\Windows\System32\drivers\GM3305Fltr.sys [9600 2012-03-28] (LXD Development, Inc.)
S3 GM3305Fltr; C:\Windows\SysWOW64\drivers\GM3305Fltr.sys [8064 2012-03-28] (LXD Development, Inc.) [File not signed]
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [990864 2012-09-29] (Realtek Semiconductor Corporation                           )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-14 11:41 - 2015-08-14 11:41 - 00000236 _____ C:\Users\Owner\Desktop\Search.txt
2015-08-14 03:16 - 2015-08-14 03:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-14 03:16 - 2015-08-14 03:16 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-13 22:21 - 2015-08-13 22:21 - 00000414 _____ C:\zoek-results.log
2015-08-13 22:20 - 2015-08-13 22:22 - 00000450 _____ C:\runcheck.txt
2015-08-13 22:20 - 2015-08-13 22:20 - 00000000 ____D C:\zoek_backup
2015-08-13 22:17 - 2015-08-13 22:17 - 01308672 _____ C:\Users\Owner\Desktop\zoek.exe
2015-08-13 22:15 - 2015-08-13 22:15 - 01308672 _____ C:\Users\Owner\Downloads\Unconfirmed 458759.crdownload
2015-08-13 22:13 - 2015-08-13 22:13 - 00000000 ____D C:\Users\Owner\Desktop\FRST-OlderVersion
2015-08-13 13:06 - 2015-06-10 02:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-08-13 13:06 - 2015-06-10 02:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-08-13 01:15 - 2015-07-30 21:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 01:15 - 2015-07-30 21:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 00:35 - 2015-08-13 00:35 - 00089806 _____ C:\Users\Owner\Desktop\Addition.txt
2015-08-13 00:34 - 2015-08-14 23:07 - 00018148 _____ C:\Users\Owner\Desktop\FRST.txt
2015-08-13 00:33 - 2015-08-14 23:07 - 00000000 ____D C:\FRST
2015-08-13 00:33 - 2015-08-13 22:13 - 02173952 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2015-08-12 22:55 - 2015-08-12 22:55 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-12 16:15 - 2015-07-10 01:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 16:15 - 2015-07-10 01:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 16:15 - 2015-07-10 01:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 16:15 - 2015-07-02 04:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 16:15 - 2015-07-02 04:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 16:15 - 2015-07-02 04:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 16:15 - 2015-07-02 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 16:15 - 2015-05-10 02:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-08 23:04 - 2015-08-08 23:04 - 00000000 ____D C:\Users\Owner\AppData\Local\CEF
2015-08-07 10:15 - 2015-08-07 10:15 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-07 10:15 - 2015-08-07 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-07 10:15 - 2015-08-07 10:15 - 00000000 ____D C:\Program Files\iTunes
2015-08-07 10:15 - 2015-08-07 10:15 - 00000000 ____D C:\Program Files\iPod
2015-08-07 10:15 - 2015-08-07 10:15 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-07 10:13 - 2015-08-07 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-07 10:13 - 2015-08-07 10:13 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-30 22:21 - 2015-08-01 15:57 - 00004958 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Owner-PC-Owner Owner-PC
2015-07-23 18:31 - 2015-07-15 11:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-23 18:31 - 2015-07-15 11:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-23 18:31 - 2015-07-15 11:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-23 18:31 - 2015-07-15 11:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-23 18:31 - 2015-07-15 10:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-23 18:31 - 2015-07-15 10:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-23 18:31 - 2015-07-15 10:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-23 18:31 - 2015-07-15 10:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-23 18:31 - 2015-07-15 09:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-23 18:31 - 2015-07-15 09:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 23:18 - 2015-07-05 02:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 23:18 - 2015-07-05 01:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 23:18 - 2015-06-25 16:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 23:18 - 2015-06-18 01:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 23:18 - 2015-06-18 01:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 23:18 - 2015-06-02 08:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 23:18 - 2015-06-02 07:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 23:18 - 2015-04-28 03:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 23:18 - 2015-04-28 03:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 23:18 - 2015-04-28 03:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 23:18 - 2015-04-28 03:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 23:18 - 2015-04-28 03:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 23:18 - 2015-04-28 03:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 23:18 - 2015-04-28 03:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 23:18 - 2015-04-28 03:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-14 23:07 - 2015-06-19 10:09 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000UA.job
2015-08-14 23:04 - 2014-05-07 17:36 - 01847837 _____ C:\Windows\WindowsUpdate.log
2015-08-14 22:48 - 2014-07-09 23:02 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-14 22:41 - 2009-07-14 12:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-14 22:41 - 2009-07-14 12:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-14 22:35 - 2009-07-14 13:13 - 00783606 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-14 22:32 - 2014-05-09 11:08 - 00000000 ____D C:\Users\Owner\AppData\Roaming\GarenaPlus
2015-08-14 22:32 - 2014-05-09 11:07 - 00000000 ____D C:\ProgramData\GarenaMessenger
2015-08-14 22:30 - 2014-12-23 11:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Raptr
2015-08-14 22:30 - 2014-10-03 22:32 - 00000000 ____D C:\Users\Owner\AppData\Local\Akamai
2015-08-14 22:29 - 2015-01-10 14:41 - 00000000 ____D C:\Users\Owner\AppData\Local\LogMeIn Hamachi
2015-08-14 22:29 - 2015-01-07 10:18 - 00024056 _____ C:\Windows\setupact.log
2015-08-14 22:29 - 2014-05-09 23:23 - 00000000 ___RD C:\Users\Owner\Dropbox
2015-08-14 22:29 - 2014-05-09 23:21 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Dropbox
2015-08-14 22:29 - 2014-05-09 11:23 - 00000000 ____D C:\Users\Owner\AppData\Local\Overwolf
2015-08-14 22:29 - 2014-05-09 11:08 - 00003476 _____ C:\Windows\System32\Tasks\gg_uac_daemon_Owner
2015-08-14 22:29 - 2014-05-09 10:16 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-14 22:29 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-14 12:23 - 2014-05-09 10:16 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-14 03:15 - 2010-11-21 11:47 - 00334760 _____ C:\Windows\PFRO.log
2015-08-14 03:15 - 2009-07-14 12:45 - 00538680 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 22:21 - 2009-07-14 13:32 - 00000000 ____D C:\Windows\system32\restore
2015-08-13 22:12 - 2014-07-26 18:09 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-13 20:53 - 2014-05-09 11:26 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-08-13 20:07 - 2015-06-19 10:09 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000Core.job
2015-08-13 13:30 - 2014-05-09 11:08 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2015-08-13 13:04 - 2014-05-07 17:45 - 00159504 _____ C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-13 12:57 - 2014-08-23 13:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 12:57 - 2014-08-23 13:16 - 00000000 ____D C:\Program Files\Microsoft Office
2015-08-13 12:57 - 2014-08-23 13:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-08-13 12:57 - 2009-07-14 11:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-08-13 12:56 - 2011-04-12 16:28 - 00000000 ____D C:\Windows\ShellNew
2015-08-13 12:56 - 2009-07-14 11:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-13 12:56 - 2009-07-14 10:34 - 00000387 _____ C:\Windows\win.ini
2015-08-13 01:12 - 2014-05-10 11:42 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 01:10 - 2014-05-10 11:42 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-13 00:48 - 2014-07-09 23:02 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-13 00:48 - 2014-07-09 23:02 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-13 00:48 - 2014-07-09 23:02 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 00:36 - 2015-03-13 14:42 - 00000000 ____D C:\Users\Owner\Desktop\Applications
2015-08-12 00:35 - 2014-09-12 21:04 - 00000072 _____ C:\Users\Public\LMDebug.log
2015-08-11 23:18 - 2014-05-09 15:55 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2015-08-10 23:02 - 2014-05-09 15:55 - 00000000 ____D C:\ProgramData\Skype
2015-08-09 12:18 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-07 10:33 - 2014-05-09 11:35 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Apple Computer
2015-08-07 10:15 - 2015-04-15 22:20 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-08-07 10:15 - 2014-05-09 11:35 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-03 12:12 - 2015-02-21 14:18 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-30 22:16 - 2014-12-23 11:14 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-25 14:36 - 2014-08-11 15:25 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-07-25 14:30 - 2015-05-13 16:14 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-07-18 20:02 - 2015-06-19 10:09 - 00003888 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000UA
2015-07-18 20:02 - 2015-06-19 10:09 - 00003492 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000Core
2015-07-18 13:04 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\rescache
2015-07-18 12:18 - 2014-05-09 10:16 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-18 12:18 - 2014-05-09 10:16 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-18 11:32 - 2014-09-02 20:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-18 11:31 - 2014-12-29 16:13 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
 
==================== Files in the root of some directories =======
 
2014-10-02 12:47 - 2014-10-02 12:47 - 0045270 _____ () C:\Users\Owner\AppData\Roaming\room_v3.dat
2014-05-07 17:42 - 2014-05-07 17:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\7za.exe
C:\Users\Owner\AppData\Local\Temp\DaS_21.exe
C:\Users\Owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpalro_g.dll
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150602to20150707.exe
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150707to20150715.exe
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150715to20150720.exe
C:\Users\Owner\AppData\Local\Temp\hijackthis.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150616to150630.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150630to150714v2.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150714to150724.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150724to150729.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150729to150807.exe
C:\Users\Owner\AppData\Local\Temp\NirCmd.exe
C:\Users\Owner\AppData\Local\Temp\PEVZ.EXE
C:\Users\Owner\AppData\Local\Temp\remove.exe
C:\Users\Owner\AppData\Local\Temp\sed.exe
C:\Users\Owner\AppData\Local\Temp\shortcut.exe
C:\Users\Owner\AppData\Local\Temp\swreg.exe
C:\Users\Owner\AppData\Local\Temp\swxcacls.exe
C:\Users\Owner\AppData\Local\Temp\wget.exe
C:\Users\Owner\AppData\Local\Temp\zoek-delete.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-12 19:53
 
==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-08-2015
Ran by Owner (2015-08-14 23:08:05)
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3722524699-659615659-2524836741-500 - Administrator - Disabled)
Guest (S-1-5-21-3722524699-659615659-2524836741-501 - Limited - Disabled)
Owner (S-1-5-21-3722524699-659615659-2524836741-1000 - Administrator - Enabled) => C:\Users\Owner
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version:  - Trion Worlds, Inc.)
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk Inventor 2013 Quick Uninstaller (HKLM\...\{D25FF5C1-1764-469A-9794-69309387C193}) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Content Center Libraries 2013 (Desktop Content) (HKLM\...\{B46DECD1-1764-4EF1-0000-22D71E81877C}) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2013 Add-in (HKLM\...\{08BCFE15-8AA1-4A58-B018-4FEF486BA922}) (Version: 1.0.0.111 - Autodesk)
Autodesk Inventor Professional 2013 (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2013 English (HKLM\...\Autodesk Inventor Professional 2013) (Version: 17.0.13800.0000 - Autodesk)
Autodesk Inventor Professional 2013 English Language Pack (Version: 17.0.13800.0000 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2013 (HKLM-x32\...\{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Autodesk Vault Basic 2013 (Client) (HKLM-x32\...\Autodesk Vault Basic 2013 (Client)) (Version: 17.0.61.0 - Autodesk)
Autodesk Vault Basic 2013 (Client) (Version: 17.0.61.0 - Autodesk) Hidden
Autodesk Vault Basic 2013 (Client) English Language Pack (Version: 17.0.61.0 - Autodesk) Hidden
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{79809712-A577-4B8C-A9FC-51945690C7DC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-3722524699-659615659-2524836741-1000\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
DWG TrueView 2013 (HKLM\...\DWG TrueView 2013) (Version: 19.0.55.0 - Autodesk)
DWG TrueView 2013 (Version: 19.0.55.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2013 (HKLM\...\{792A9A32-718A-40D1-9867-A903F76AE2F8}) (Version: 3.9.12.0 - Granta Design Limited)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
FOXBAT Gaming Mouse (HKLM-x32\...\{B1669080-7C2D-4BA9-AB6F-FD6A4B0CE8AF}) (Version: 1.00 - Gaming Mouse)
Garena - FIFA ONLINE 3(English) (HKLM-x32\...\FO3) (Version:  - Garena Online Pte Ltd.)
Garena - League of Legends (HKLM-x32\...\LoL) (Version:  - Garena Online Pte Ltd.)
Garena Plus (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft (HKLM-x32\...\{63227E62-F417-497E-9060-22B3A9A52D7A}) (Version: 1.0.1.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Interceptor DS200 Gaming Mouse (HKLM-x32\...\{9CE89B74-59E2-4215-98B1-7A9913E33600}_is1) (Version: 1.1 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.88.41.0 - Overwolf Ltd.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.20.00(16/1/2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.5.0 - Samsung Electronics Co., Ltd.)
Samsung M283x Series (HKLM-x32\...\Samsung M283x Series) (Version: 1.01 (5/2/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
View User's Guide (HKLM-x32\...\View User Guide) (Version: 3.60.44.0 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2013\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2013\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3722524699-659615659-2524836741-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
13-08-2015 22:21:55 zoek.exe restore point
14-08-2015 03:00:10 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2015-08-13 22:15 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {312E35F4-A301-4A14-868E-BBC6E71743BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-09] (Google Inc.)
Task: {687B1AD4-376C-442C-B1D9-4628C332CCEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13] (Adobe Systems Incorporated)
Task: {6E3CD872-0CE9-4C51-81E7-7FC2DAFA2AF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-09] (Google Inc.)
Task: {903F1902-40F2-43AA-9C79-B00B2CDAAEA4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B0ADD317-F319-44B0-B8D2-2A0A92AE3E6A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000UA => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {B2A91D28-865A-4AA4-B2C3-2CF02D4B6FD9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Owner-PC-Owner Owner-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe
Task: {D1A5789C-CFC7-440F-8458-4EC0D0E1E273} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000Core => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {D7421622-6BC7-4382-BC23-EF2E925E8AC4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E43527D8-527D-4CC2-AAB7-E4CE21AE17F1} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-08-09] (Overwolf LTD)
Task: {F0E06732-D655-4AC9-AEA3-AD4F47B1B587} - System32\Tasks\gg_uac_daemon_Owner => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2015-01-20] ()
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000Core.job => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3722524699-659615659-2524836741-1000UA.job => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-09-12 20:55 - 2013-11-29 20:36 - 00034304 _____ () C:\Windows\System32\ssk5mlm.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-07 17:49 - 2013-05-07 15:45 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2014-04-29 17:28 - 2015-01-20 20:20 - 00055896 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-04-29 17:28 - 2015-08-06 19:30 - 10014656 _____ () C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
2014-05-10 18:23 - 2012-06-03 20:37 - 00741376 _____ () C:\Program Files (x86)\FOXBAT Gaming Mouse\mousehid.exe
2015-06-11 20:43 - 2013-12-10 17:18 - 03710464 _____ () C:\Program Files (x86)\MSI Gaming Series\Interceptor DS200\MSIMon.exe
2014-05-07 17:49 - 2015-08-14 22:29 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-05-07 17:49 - 2013-05-07 15:45 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-04-29 17:28 - 2015-08-01 17:07 - 01089472 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00111192 _____ () C:\Program Files (x86)\Garena Plus\CommonLib.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00040024 _____ () C:\Program Files (x86)\Garena Plus\DibModule.dll
2014-04-29 17:28 - 2015-08-11 17:12 - 00040896 _____ () C:\Program Files (x86)\Garena Plus\VersionModule.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00057944 _____ () C:\Program Files (x86)\Garena Plus\FileLoader.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00093784 _____ () C:\Program Files (x86)\Garena Plus\PluginKernel.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00493656 _____ () C:\Program Files (x86)\Garena Plus\CxImage.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00031832 _____ () C:\Program Files (x86)\Garena Plus\PluginModule.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00177240 _____ () C:\Program Files (x86)\Garena Plus\lib\fs\YYFileSystem.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00380504 _____ () C:\Program Files (x86)\Garena Plus\lib\Http.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00191064 _____ () C:\Program Files (x86)\Garena Plus\lib\MP3Module.dll
2012-02-22 16:52 - 2012-02-22 16:52 - 00162304 _____ () C:\Program Files (x86)\Garena Plus\lame_enc.DLL
2014-04-29 17:29 - 2015-01-20 20:20 - 00226392 _____ () C:\Program Files (x86)\Garena Plus\lib\TaskManagerLib.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00112728 _____ () C:\Program Files (x86)\Garena Plus\lib\UILayout.dll
2014-04-29 17:29 - 2015-05-27 12:47 - 00965056 _____ () C:\Program Files (x86)\Garena Plus\lib\XLL.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00061528 _____ () C:\Program Files (x86)\Garena Plus\lib\XmlUIModule.dll
2012-02-22 16:52 - 2012-02-22 16:52 - 00573100 _____ () C:\Program Files (x86)\Garena Plus\sqlite3.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00231000 _____ () C:\Program Files (x86)\Garena Plus\Plugins\StatsPlugin.dll
2014-04-29 17:28 - 2015-08-06 19:31 - 01507264 _____ () C:\Program Files (x86)\Garena Plus\Plugins\ggplugin.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00199256 _____ () C:\Program Files (x86)\Garena Plus\ImageModule.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00161880 _____ () C:\Program Files (x86)\Garena Plus\libmpg123.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 02947672 _____ () C:\Program Files (x86)\Garena Plus\ggdownloader.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00072280 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\AudioMixerLib.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00023128 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\ClientTcp.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 01551960 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\FileSender.dll
2013-02-01 13:42 - 2013-02-01 13:42 - 00153088 _____ () C:\Program Files (x86)\Garena Plus\libzmq.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00962648 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\GaFileTransfer.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00251480 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\MediaEngine.dll
2014-04-29 17:28 - 2015-01-20 20:20 - 00032856 _____ () C:\Program Files (x86)\Garena Plus\ServerMemAlloc.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00523352 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\RSALib.dll
2014-04-29 17:29 - 2015-01-20 20:20 - 00074840 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\UdtLib.dll
2015-08-09 20:05 - 2015-08-09 20:05 - 00025600 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\CoreAudioApi.dll
2015-08-09 20:05 - 2015-08-09 20:05 - 40555008 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\libcef.DLL
2015-08-09 20:06 - 2015-08-09 20:06 - 00152816 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\OWGameEventsConsumer.dll
2015-08-14 22:29 - 2015-08-14 22:29 - 00071168 _____ () c:\users\owner\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpalro_g.dll
2015-03-05 05:45 - 2015-08-06 04:49 - 00012800 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-05 05:45 - 2015-08-06 04:49 - 00779776 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-01 09:26 - 2015-08-06 04:49 - 00056320 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-05 05:45 - 2015-08-06 04:49 - 00012288 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-06-11 20:43 - 2011-01-27 00:53 - 00028160 _____ () C:\Program Files (x86)\MSI Gaming Series\Interceptor DS200\uiHook.dll
2010-11-23 06:56 - 2010-11-23 06:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 06:56 - 2010-11-23 06:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 06:56 - 2010-11-23 06:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 07:26 - 2014-05-14 07:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 07:26 - 2014-05-14 07:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 07:26 - 2014-05-14 07:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 07:26 - 2014-05-14 07:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 06:57 - 2010-11-23 06:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 06:56 - 2010-11-23 06:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 06:56 - 2010-11-23 06:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 06:56 - 2010-11-23 06:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 06:57 - 2010-11-23 06:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 06:57 - 2010-11-23 06:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 06:56 - 2010-11-23 06:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-16 02:17 - 2011-02-16 02:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 06:57 - 2010-11-23 06:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 07:26 - 2014-05-14 07:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 06:56 - 2010-11-23 06:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 06:56 - 2010-11-23 06:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 08:37 - 2014-08-14 08:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 08:37 - 2014-08-14 08:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2013-11-21 08:05 - 2013-11-21 08:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 06:56 - 2010-11-23 06:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 06:56 - 2010-11-23 06:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 06:57 - 2010-11-23 06:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 06:56 - 2010-11-23 06:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-23 06:57 - 2010-11-23 06:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 08:56 - 2014-06-18 08:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-16 02:17 - 2011-02-16 02:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 07:06 - 2010-11-23 07:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 07:52 - 2013-05-10 07:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 07:52 - 2013-05-10 07:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 07:52 - 2013-05-10 07:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-04 02:57 - 2013-05-04 02:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-04 02:56 - 2013-05-04 02:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-04 02:56 - 2013-05-04 02:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-04 02:57 - 2013-05-04 02:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-04 02:56 - 2013-05-04 02:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-04 02:57 - 2013-05-04 02:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-04 02:57 - 2013-05-04 02:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-04 02:57 - 2013-05-04 02:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-04 02:57 - 2013-05-04 02:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-08-13 13:24 - 2015-08-08 08:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-13 13:24 - 2015-08-08 08:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2014-05-07 17:43 - 2013-09-03 16:53 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-08-09 20:05 - 2015-08-09 20:05 - 00985088 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\ffmpegsumo.dll
2015-08-13 00:48 - 2015-08-13 00:48 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Owner\Desktop\Applications:com.dropbox.attributes
AlternateDataStreams: C:\Users\Owner\Desktop\Dot Arena Videos:com.dropbox.attributes
AlternateDataStreams: C:\Users\Owner\Desktop\VIDEO0017.mp4:com.dropbox.attributes
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3722524699-659615659-2524836741-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.241.222.103
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{52CEF8EE-29E1-441C-A6ED-9BD136CAE823}] => (Allow) C:\Program Files (x86)\Garena Plus\ggdllhost.exe
FirewallRules: [{3E956C2A-D1F0-486A-B246-50A285788348}] => (Allow) C:\GarenaDownload\Games\fo3\fo3Installer.exe
FirewallRules: [{E0B38635-F0FC-4E6F-AB12-557153112F69}] => (Allow) C:\GarenaDownload\Games\fo3\fo3Installer.exe
FirewallRules: [TCP Query User{3EDFBAE6-1D3A-4442-A4D3-267C944BC358}C:\users\owner\appdata\local\temp\gw2.exe] => (Allow) C:\users\owner\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{A0C1B567-5247-44DA-9317-9B70D9CF6928}C:\users\owner\appdata\local\temp\gw2.exe] => (Allow) C:\users\owner\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{72D123EC-04DC-4420-AA8C-2371979A02FB}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{82655C2C-2209-4897-B1AC-054365F6A04E}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{7CB393AC-861B-4045-BA93-071D10BCCF55}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1591F2EF-B6AF-4C5B-8008-DADDC87B66BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{723AD9CC-8036-493C-B3B5-15D126A302FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AFA76F47-205B-425A-89D1-6D6C09F08FF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6F63DCCA-BEAA-408A-AAAD-D4EC1292BDD8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{94376F5C-59CC-4FBF-9232-11378AC3A28A}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{96F146FE-96B4-4B96-A76F-D329DB46D00C}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{5B03C5C3-5960-40AF-92F9-1A0580472C09}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{E3B5A3B4-470C-4AC7-A6DF-CF9CDF0B0B4F}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{7673DB96-EF09-4186-8F0D-7E40D2108F17}] => (Allow) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C61F73EE-4867-4A97-8CB7-66380F09F8A3}] => (Allow) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F9526446-88B2-4AEC-B3C1-3991F7F05068}] => (Allow) C:\Program Files (x86)\GarenaFO3\GameData\Apps\FO3\fifazf.exe
FirewallRules: [{627AB318-A686-47F0-B68F-0F9C8365C7A6}] => (Allow) C:\Program Files (x86)\GarenaFO3\GameData\Apps\FO3\fifazf.exe
FirewallRules: [TCP Query User{5BA41ED1-200E-4BBE-8B10-8410F75F6096}C:\program files (x86)\garena plus\updatemanager.exe] => (Allow) C:\program files (x86)\garena plus\updatemanager.exe
FirewallRules: [UDP Query User{BC0C2D97-D458-40CD-AC1C-071C2FF4918E}C:\program files (x86)\garena plus\updatemanager.exe] => (Allow) C:\program files (x86)\garena plus\updatemanager.exe
FirewallRules: [{959B337C-5644-4E85-BAA4-64516D6F9514}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0A058CA5-39CC-4199-9305-C68948BD4E3B}] => (Allow) LPort=2869
FirewallRules: [{1C5B1C0B-2338-4A31-800F-FB43E56E8F52}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{1A8B4845-3B4B-4490-A47D-3382D4F4AB55}C:\program files (x86)\garena plus\garenamessenger.exe] => (Allow) C:\program files (x86)\garena plus\garenamessenger.exe
FirewallRules: [UDP Query User{FE8E2EE3-1127-4F50-B59F-1C6DE144DA5E}C:\program files (x86)\garena plus\garenamessenger.exe] => (Allow) C:\program files (x86)\garena plus\garenamessenger.exe
FirewallRules: [{11AF2F19-670E-4EDF-B4C5-C8FCA4F9D303}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{098A97B1-03FC-44EB-9E2D-0AC768B7426D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D9950AD7-D6A2-4625-BA8D-94FC41FC8DEC}] => (Allow) C:\GarenaDownload\Games\lol\LoLInstaller.exe
FirewallRules: [{B6D875B2-AC1C-4B2E-A50D-FCA224EC5668}] => (Allow) C:\GarenaDownload\Games\lol\LoLInstaller.exe
FirewallRules: [{32C49CDA-7BA8-4113-B460-6A92D43BC7A8}] => (Allow) LPort=8370
FirewallRules: [{BB6BA00C-97E0-40B3-8E02-681452370337}] => (Allow) LPort=8370
FirewallRules: [{3D1D7CEE-35D8-41A9-9519-C56E70727871}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Air\LolClient.exe
FirewallRules: [{4DE780F9-3928-4412-885F-AF826E54E69C}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Air\LolClient.exe
FirewallRules: [{1A37AE5F-5FF5-4227-9872-706F123DC25B}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Game\League of Legends.exe
FirewallRules: [{D3A3BB22-2077-449C-AA01-11100AD05AB5}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Game\League of Legends.exe
FirewallRules: [{F5E2274C-1504-4ED8-B617-C6D9413C54E6}] => (Allow) LPort=6901
FirewallRules: [{DB09A3B0-FAE6-4EB4-9C90-A7FB1AD07038}] => (Allow) LPort=6901
FirewallRules: [{ED337F98-9BCE-44D5-B13F-2905A1445E30}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{3B4418D7-6D58-496E-927B-EADA1D89B642}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0532065D-3A76-42B2-A767-48B63F77D151}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{12FE20F6-9B85-4014-B9A7-73B0A376FE02}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9CB5DC6C-2280-4AB7-9560-B38AE2F8E321}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{2C4EFD1C-DE8C-406A-AC51-6ED268246F5F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{E8CB3671-03E1-4030-8949-6439BE9BBCA3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{A233BD30-6C0A-400A-A915-BE9F034A5F94}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{101E0EB4-A616-407D-9BAE-301388D790D2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{9295DD75-9E8E-4103-B654-39A47B36A008}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{10728CD4-D82A-496C-A770-671005058508}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{66098620-64DE-4CA2-A12C-18BFF41F2963}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{DBC0ECD2-9056-4A6A-823C-2FFAA42BD15C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{627EBA4C-78D9-41A8-A079-F8FA61744D4D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{F8CB8B85-2C04-4331-9AFF-3EACD94A77D0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{AC8C08B6-B33A-49C1-8748-5767E74A1BDD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2A4DA3BB-EE69-47D2-A3F3-1F292802544F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{4E187FEF-765B-483A-AD11-10C1CEFA7953}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{092BC729-430D-4E00-9DE0-8589096BF89A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{FC9315CF-E593-4ED9-9F51-0ED1A5F9B9D1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{AF61583B-0240-4DA2-8F96-2AED5D2283CD}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{399925E7-1139-4C7F-959F-51EC7A76B692}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [TCP Query User{6615366C-61D2-4B2D-BB07-DEA659E9C06E}C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{C549153A-550F-4562-A582-7A43C7951166}C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{9D13D38F-9347-4236-8758-C9E00716D98C}] => (Allow) LPort=6994
FirewallRules: [{6170F78B-C714-4DAF-AC8D-A74C3875A637}] => (Allow) LPort=6994
FirewallRules: [{760649FA-18F4-4B35-A7D4-9A363AA5238D}] => (Allow) LPort=6899
FirewallRules: [{211A5A3A-9E1C-47D3-90C8-A6063C1DD627}] => (Allow) LPort=6899
FirewallRules: [{FE15004D-EBB1-4280-A946-C102F6B491BB}] => (Allow) C:\Program Files (x86)\Garena Plus\Room\garena_room.exe
FirewallRules: [TCP Query User{CE62E283-1DD5-49F7-8F9A-26ACB747E1B9}C:\users\owner\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\owner\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{AE42C7C7-9970-4FC3-BA89-65EDDB0B3069}C:\users\owner\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\owner\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{76E910F9-ECDC-400B-BDAA-5F902EB1CB3A}C:\users\owner\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\owner\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{1560E06D-D806-4677-B28D-40238A26B9B7}C:\users\owner\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\owner\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D57A6569-33AC-4FDF-8C6C-79D968D7DC7D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CEE980F1-7532-47D6-BB01-6AEC870E40BB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CA5C0696-244E-4910-B37B-28CB99956C9D}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D6F0A1D1-1EAE-4AFD-BF8B-AB245DB3DE60}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{967C475D-01EA-4D56-A413-AFDAA006A074}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{0D8E7C91-8B07-41FF-8C58-034E8F417BC9}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{DE8F85F8-368F-4295-A498-144489C2AB9B}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Allow) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [UDP Query User{2BEC613F-9EBF-405D-8CD1-B0D610038FBE}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Allow) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [{077C5C6D-C5B3-4C0F-9B5C-895E207A5361}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{41DBB670-E449-45EA-BC9F-6319B20D7B2F}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{21546CAF-D249-4C07-84AF-99CD7768D798}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{BF49AACB-13A6-4403-9D41-505C56E80BDD}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E30A0F0F-36F9-4020-BB49-C10D1B86C299}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9FCC1BF8-9243-4E93-AEB7-66F2975EB342}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{E49262D7-E7D5-4FDF-9EA5-FF99D10CEB1E}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{0F487A2A-5DE2-4926-AD80-3551B85A6661}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{2F7D8784-71D3-40D1-9842-44418553B108}] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{3ED145BD-D7DF-4C7B-B1BA-7B4ED6CB395E}] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{E0B4B3A1-438D-40BA-AA83-C739C042BBEF}] => (Allow) C:\Program Files (x86)\GarenaFO3\GameData\Apps\FO3\fifazf.exe
FirewallRules: [{03845EC4-45D0-4FAE-9F64-24566D950739}] => (Allow) C:\Program Files (x86)\GarenaFO3\GameData\Apps\FO3\fifazf.exe
FirewallRules: [{4F6B1851-42ED-4043-AB40-2E631F73EC6E}] => (Allow) LPort=8370
FirewallRules: [{559C331B-120B-454B-AB04-2B7DAC9E2627}] => (Allow) LPort=8370
FirewallRules: [{0C95BCF0-2C12-4D22-AF6B-62B252558C88}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Air\LolClient.exe
FirewallRules: [{30649E3B-2834-4E80-AC53-B5300B14BC5B}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Air\LolClient.exe
FirewallRules: [{FDF9E695-36FD-461F-B76A-EFDD51B6DDC5}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Game\League of Legends.exe
FirewallRules: [{D6B6B215-7A76-44CB-AFFF-92271404E0DD}] => (Allow) C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Game\League of Legends.exe
FirewallRules: [TCP Query User{D680067D-E5EB-4324-AA41-FDDDE98D4502}D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{C974E6A9-AEC2-44EF-AF9E-D1B3A534FE2F}D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D3F752FD-DF48-4E7C-A11A-348D15DF2DB8}] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{311990B5-64CD-464B-A86D-47A70C26A387}] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{6FF54967-83A2-4E7F-9644-CC739CF902B3}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{E1402245-C2D6-4292-BA51-E5A8E088C4E1}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{D56ECFF7-F826-4E00-B4BF-2A60490ABBE4}] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{987C2889-1268-4663-BE62-BE5F78F60C26}] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{BA823E36-1079-4B25-9759-8BA2FE203EE3}] => (Allow) LPort=6882
FirewallRules: [{F7DDF42F-52CB-491F-8BD2-B8972C1F9C0D}] => (Allow) LPort=6882
FirewallRules: [{D4FB757E-FFE3-4130-96C7-49992277C312}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3B28EAA7-E9B3-4C87-86ED-97919931A714}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5171CA7F-CB4A-4EE1-87CC-12C953957829}] => (Allow) D:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
FirewallRules: [{5225906E-78F6-43C8-86A5-A140DAAD4535}] => (Allow) D:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
FirewallRules: [{FD657466-82E1-4EB6-A748-888E0BC6BC4C}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{2218AC6C-BC7A-4E90-837D-3D091837BEFC}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{A615844E-D940-4D2B-9F1C-BD1763776237}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{D3DBACEF-D376-41B0-AF63-A5A9F5A040D1}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{06F4FC03-F9BA-4E2D-8612-90146E9FFFA6}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{481072B5-EF66-466B-9B29-DB4D7D5BA8C9}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{2FB05C51-DF79-46D7-9C2A-E849FE001889}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{B5CD7D74-401E-4D67-AA36-DE52754AF34D}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{BBCD8819-475F-4F9F-896A-1A408ADC4314}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{666A173C-4C27-472C-BF83-C1D787DB28C2}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{8CED9629-7ADB-4449-A6AA-B1ED1201916E}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{91D456E8-248B-42DF-8E40-9B8573C3B274}] => (Allow) D:\Program Files\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{C85968F4-AAFE-4F8E-A12A-9AA500842DD7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0565E540-C42A-492E-8136-05161A593A53}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{8C1E08E2-8961-42A2-B6A2-D04F73055A8B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{360E7B22-86D2-424E-BFC9-420D98D321BC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6A23B5C8-5CB5-4EDC-8747-562F3887EAD4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EA0A3866-3633-4EB8-8A91-1E6CDC34FEFD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/14/2015 10:34:24 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Service cannot be started. An instance of the service is already running
 
Error: (08/14/2015 10:34:24 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Service cannot be started. The handle is invalid
 
Error: (08/14/2015 10:31:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/14/2015 10:30:08 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.
 
Error: (08/14/2015 10:29:45 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.
 
Error: (08/14/2015 01:19:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.17813, time stamp: 0x554a15f3
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x556366f2
Exception code: 0xc0000264
Fault offset: 0x00000000000c9358
Faulting process id: 0x1374
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
 
Error: (08/14/2015 01:19:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.17813, time stamp: 0x554a15f3
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x556366f2
Exception code: 0xc0000005
Fault offset: 0x000000000004ada4
Faulting process id: 0x1374
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
 
Error: (08/14/2015 11:41:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/14/2015 10:19:55 AM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.
 
Error: (08/14/2015 10:19:20 AM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.
 
 
System errors:
=============
Error: (08/14/2015 10:29:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (08/14/2015 11:40:15 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (08/14/2015 03:25:57 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error: 
%%5
 
Error: (08/14/2015 03:25:55 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (08/14/2015 03:16:15 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (08/14/2015 03:15:55 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (08/13/2015 01:32:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (08/13/2015 01:32:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (08/13/2015 01:02:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error: 
%%5
 
Error: (08/13/2015 01:02:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
 
Microsoft Office:
=========================
Error: (08/14/2015 10:34:24 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Service cannot be started. An instance of the service is already running
 
Error: (08/14/2015 10:34:24 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Service cannot be started. The handle is invalid
 
Error: (08/14/2015 10:31:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/14/2015 10:30:08 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/14/2015 10:29:45 PM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/14/2015 01:19:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.17813554a15f3ntdll.dll6.1.7601.18869556366f2c000026400000000000c9358137401d0d650cc58332cC:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dll0eafa294-4244-11e5-877a-e03f491c27c0
 
Error: (08/14/2015 01:19:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.17813554a15f3ntdll.dll6.1.7601.18869556366f2c0000005000000000004ada4137401d0d650cc58332cC:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dll0adedd37-4244-11e5-877a-e03f491c27c0
 
Error: (08/14/2015 11:41:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/14/2015 10:19:55 AM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/14/2015 10:19:20 AM) (Source: MsiInstaller) (EventID: 11310) (User: Owner-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Owner\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4771 CPU @ 3.50GHz
Percentage of memory in use: 23%
Total physical RAM: 16289.32 MB
Available physical RAM: 12477.19 MB
Total Virtual: 32576.84 MB
Available Virtual: 28281.53 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.47 GB) (Free:61.75 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1642.6 GB) NTFS
Drive f: () (Removable) (Total:7.45 GB) (Free:2.89 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 17CC1B94)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 17CC1B8C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of log ============================


#14 Oh My!

  • Malware Response Instructor

Posted 14 August 2015 - 11:19 AM

Thanks for the fresh logs. Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
2014-10-02 12:47 - 2014-10-02 12:47 - 0045270 _____ () C:\Users\Owner\AppData\Roaming\room_v3.dat
2014-05-07 17:42 - 2014-05-07 17:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
C:\Users\Owner\AppData\Local\Temp\7za.exe
C:\Users\Owner\AppData\Local\Temp\DaS_21.exe
C:\Users\Owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpalro_g.dll
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150602to20150707.exe
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150707to20150715.exe
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150715to20150720.exe
C:\Users\Owner\AppData\Local\Temp\hijackthis.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150616to150630.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150630to150714v2.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150714to150724.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150724to150729.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150729to150807.exe
C:\Users\Owner\AppData\Local\Temp\NirCmd.exe
C:\Users\Owner\AppData\Local\Temp\PEVZ.EXE
C:\Users\Owner\AppData\Local\Temp\remove.exe
C:\Users\Owner\AppData\Local\Temp\sed.exe
C:\Users\Owner\AppData\Local\Temp\shortcut.exe
C:\Users\Owner\AppData\Local\Temp\swreg.exe
C:\Users\Owner\AppData\Local\Temp\swxcacls.exe
C:\Users\Owner\AppData\Local\Temp\wget.exe
AlternateDataStreams: C:\Users\Owner\Desktop\Applications:com.dropbox.attributes
AlternateDataStreams: C:\Users\Owner\Desktop\Dot Arena Videos:com.dropbox.attributes
AlternateDataStreams: C:\Users\Owner\Desktop\VIDEO0017.mp4:com.dropbox.attributes
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Check your computer performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog
  • Update on computer behavior

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 Delitescent

  • Topic Starter

Posted 14 August 2015 - 11:57 AM

Fix result of Farbar Recovery Scan Tool (x64) Version:12-08-2015
Ran by Owner (2015-08-15 00:55:47) Run:2
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
2014-10-02 12:47 - 2014-10-02 12:47 - 0045270 _____ () C:\Users\Owner\AppData\Roaming\room_v3.dat
2014-05-07 17:42 - 2014-05-07 17:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
C:\Users\Owner\AppData\Local\Temp\7za.exe
C:\Users\Owner\AppData\Local\Temp\DaS_21.exe
C:\Users\Owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpalro_g.dll
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150602to20150707.exe
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150707to20150715.exe
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150715to20150720.exe
C:\Users\Owner\AppData\Local\Temp\hijackthis.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150616to150630.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150630to150714v2.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150714to150724.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150724to150729.exe
C:\Users\Owner\AppData\Local\Temp\lol_patch_150729to150807.exe
C:\Users\Owner\AppData\Local\Temp\NirCmd.exe
C:\Users\Owner\AppData\Local\Temp\PEVZ.EXE
C:\Users\Owner\AppData\Local\Temp\remove.exe
C:\Users\Owner\AppData\Local\Temp\sed.exe
C:\Users\Owner\AppData\Local\Temp\shortcut.exe
C:\Users\Owner\AppData\Local\Temp\swreg.exe
C:\Users\Owner\AppData\Local\Temp\swxcacls.exe
C:\Users\Owner\AppData\Local\Temp\wget.exe
AlternateDataStreams: C:\Users\Owner\Desktop\Applications:com.dropbox.attributes
AlternateDataStreams: C:\Users\Owner\Desktop\Dot Arena Videos:com.dropbox.attributes
AlternateDataStreams: C:\Users\Owner\Desktop\VIDEO0017.mp4:com.dropbox.attributes
*****************
 
C:\Users\Owner\AppData\Roaming\room_v3.dat => moved successfully.
C:\ProgramData\DP45977C.lfl => moved successfully.
C:\Users\Owner\AppData\Local\Temp\7za.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\DaS_21.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpalro_g.dll => moved successfully.
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150602to20150707.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150707to20150715.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\Garena_FO3_patcher_20150715to20150720.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\hijackthis.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\lol_patch_150616to150630.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\lol_patch_150630to150714v2.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\lol_patch_150714to150724.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\lol_patch_150724to150729.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\lol_patch_150729to150807.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\NirCmd.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\PEVZ.EXE => moved successfully.
C:\Users\Owner\AppData\Local\Temp\remove.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\sed.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\shortcut.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\swreg.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\swxcacls.exe => moved successfully.
C:\Users\Owner\AppData\Local\Temp\wget.exe => moved successfully.
C:\Users\Owner\Desktop\Applications => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\Owner\Desktop\Dot Arena Videos => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\Owner\Desktop\VIDEO0017.mp4 => ":com.dropbox.attributes" ADS removed successfully.
 
==== End of Fixlog 00:55:49 ====
 
Thanks Gary! I am only able to check whether the problem still persists when I play the game tomorrow though! Hehehe




