Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avast keeps asking for Mail Shield Security Exclusions


  • This topic is locked This topic is locked
9 replies to this topic

#1 Alek_xyz

Alek_xyz

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 14 November 2016 - 04:53 PM

Hello,
For several days AVAST keeps popping up all the time messages like this one:
 
"MAIL SHIELD SECURITY EXCLUSION
Avast has indentified a problem with this site certificate.
You can add this certificate as an exclusion, if you are sure about it.

Click the 'View' button for more details about the certificate.

If you want to change your certificates/exclusions, please open the Windows Certificate browser and perform the required operations directly from within the system certificate storage.

Legitimate public sites and mail servers should not ask you to do this.

 

SERVER
Location: smtp.stcable.net

Process: C:\Windows\SysWOW64\regsvr32.exe

CERTIFICATE STATUS
This site attempts to identify itself with invalid information.

Problems:
The certificate is not trusted."

 
I either close it or select "CANCEL" but it starts to worry me. I saw another topic with the same problem but it's closed without solution. Here's the contents of the FRST.txt report:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by USER (administrator) on ОЛЕГ-PC (14-11-2016 19:47:08)
Running from C:\Users\USER\Desktop
Loaded Profiles: USER & UpdatusUser (Available Profiles: USER & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(NGWIN) C:\Program Files (x86)\PicPick\picpick.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Viber Media S.Ã  r.l.) C:\Users\USER\AppData\Local\Viber\Viber.exe
(BitTorrent Inc.) C:\Users\USER\AppData\Roaming\uTorrent\uTorrent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(BitTorrent Inc.) C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe
(BitTorrent Inc.) C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-08] (AVAST Software)
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [19959616 2015-08-24] (NGWIN)
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [Dropbox Update] => C:\Users\USER\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [Ilsoft] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\USER\AppData\Local\Agjworks\EnObjKit4.dll
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [Viber] => C:\Users\USER\AppData\Local\Viber\Viber.exe [45485648 2016-11-03] (Viber Media S.Ã  r.l.)
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Run: [uTorrent] => C:\Users\USER\AppData\Roaming\uTorrent\uTorrent.exe [1977536 2016-10-10] (BitTorrent Inc.)
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-04-22] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [193128 2011-04-22] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-10] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-03-20]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Fast Start.lnk [2015-04-03]
ShortcutTarget: SolidWorks 2014 Fast Start.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{58CCC2EE-AD5E-4E6E-B009-E419FA4CF74D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6C0D3F50-FAA3-4953-A571-ECA314FB8E90}: [NameServer] 78.90.52.1,89.190.192.248
 
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-11-05] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll => No File
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll No File
 
FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vjgzuhfu.default [2016-11-14]
FF Homepage: Mozilla\Firefox\Profiles\vjgzuhfu.default -> hxxp://www.mybreznik.com/n/
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-10]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
FF Extension: (MSN Toolbar) - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-11-09] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-11-09] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-03-20] [not signed]
FF HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\911bg.xml [2014-10-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml [2014-10-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pe-bg.xml [2014-10-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml [2014-10-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-04-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-04-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-287049870-4264774542-2349093501-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\USER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default [2016-10-31]
CHR Extension: (Rapport) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-04-17]
CHR Extension: (Avast SafePrice) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-04-17]
CHR Extension: (Avast Online Security) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-10]
CHR Extension: (Video Downloader Pro) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilppkoakomgpcblpemgbloapenijdcho [2016-07-10]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR HKU\S-1-5-21-287049870-4264774542-2349093501-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-10] (AVAST Software)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2387952 2016-10-06] (IBM Corp.)
R2 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [235656 2014-03-31] (Mentor Graphics Corporation) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-04-03] (SolidWorks) [File not signed]
R2 SZASSIST; C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe [90112 2011-04-15] (Clarus, Inc.) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-10] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FTDIBUS; C:\Windows\System32\drivers\opcomusb.sys [69192 2009-02-17] (FTDI Ltd.)
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf16.sys [18288 2010-08-17] () [File not signed]
R3 mvd22; C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd22.sys [78192 2010-08-17] () [File not signed]
R1 RapportCerberus_1609053; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609053.sys [1181672 2016-09-16] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [566248 2016-10-06] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [235184 2016-10-06] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [489712 2016-10-06] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [547888 2016-10-06] (IBM Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-10-18] () [File not signed]
U3 abiwb860; C:\Windows\System32\Drivers\abiwb860.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-14 19:47 - 2016-11-14 19:48 - 00032033 _____ C:\Users\USER\Desktop\FRST.txt
2016-11-14 19:46 - 2016-11-14 19:47 - 00000000 ____D C:\FRST
2016-11-14 19:38 - 2016-11-14 19:38 - 02411520 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2016-11-12 13:21 - 2016-11-12 13:21 - 20092125 _____ C:\Users\USER\Downloads\Sarah McDaniel - Imgur.zip
2016-11-12 10:45 - 2016-11-12 10:46 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-09 00:33 - 2016-11-09 00:33 - 00044106 _____ C:\Users\USER\Downloads\NCIS.Season.03.DVDRip.XviD-Zamunda.NET.torrent
2016-11-09 00:33 - 2016-11-09 00:33 - 00043906 _____ C:\Users\USER\Downloads\NCIS.Season.04.DVDRip.XviD-Zamunda.NET.torrent
2016-11-09 00:33 - 2016-11-09 00:33 - 00023009 _____ C:\Users\USER\Downloads\NCIS Season 1 Episodes (1-23) Complete.torrent
2016-11-09 00:33 - 2016-11-09 00:33 - 00022965 _____ C:\Users\USER\Downloads\NCIS Season 2 Episodes 1-23  Complete.torrent
2016-11-07 17:49 - 2016-11-07 17:50 - 00000000 ____D C:\Users\USER\AppData\Local\Viber
2016-11-07 16:46 - 2016-11-14 17:26 - 00000000 ____D C:\Users\USER\AppData\LocalLow\uTorrent
2016-10-26 22:57 - 2016-10-26 22:57 - 03452989 _____ C:\Users\USER\Downloads\Jenna-Louise Coleman - 'Glamour Magazine UK' - - Imgur.zip
2016-10-23 18:40 - 2016-10-23 18:40 - 00049152 _____ C:\Users\USER\Downloads\pernik.xls
2016-10-23 17:13 - 2016-10-29 14:05 - 00000000 ____D C:\Users\USER\Desktop\Нова папка (2)
2016-10-15 17:28 - 2016-10-15 17:28 - 00018937 _____ C:\Users\USER\Downloads\Zdravko Colic -The Platinum Collection (2007).torrent
2016-10-15 17:26 - 2016-10-15 17:26 - 00037665 _____ C:\Users\USER\Downloads\Zdravko Colic - Diskografiq.torrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-14 19:47 - 2014-10-18 14:16 - 00000000 ____D C:\Users\USER\AppData\Roaming\uTorrent
2016-11-14 19:42 - 2015-06-19 07:19 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-287049870-4264774542-2349093501-1000UA.job
2016-11-14 19:28 - 2014-10-18 15:01 - 00000000 ____D C:\Users\USER\AppData\Roaming\Skype
2016-11-14 19:20 - 2014-10-18 14:05 - 00000998 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-14 19:06 - 2014-10-18 14:02 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-14 18:24 - 2015-04-03 10:40 - 00000000 ____D C:\Program Files\SolidWorks Corp
2016-11-14 18:16 - 2009-07-14 07:13 - 00794766 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-14 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-11-14 17:33 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-14 17:33 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-14 17:27 - 2014-10-19 10:37 - 00000000 ____D C:\Users\USER\Documents\ViberDownloads
2016-11-14 17:26 - 2015-11-06 08:50 - 00000000 ____D C:\Users\USER\AppData\Roaming\ViberPC
2016-11-14 17:25 - 2014-12-18 21:28 - 00000453 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-11-14 17:24 - 2014-10-18 14:05 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-14 17:24 - 2014-10-18 13:34 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-14 17:23 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-14 16:55 - 2015-02-24 15:54 - 00000000 ____D C:\Users\USER\Documents\Visual Studio 2013
2016-11-14 16:20 - 2014-10-18 14:55 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-13 22:00 - 2014-10-27 19:32 - 00000000 ____D C:\Users\USER\AppData\Roaming\vlc
2016-11-13 20:42 - 2015-06-19 07:19 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-287049870-4264774542-2349093501-1000Core.job
2016-11-13 00:47 - 2015-09-04 10:04 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-11-13 00:47 - 2014-10-18 14:02 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-12 11:09 - 2016-02-02 14:22 - 00000000 ___SD C:\Users\USER\AppData\LocalLow\Temp
2016-11-12 10:46 - 2014-10-18 14:57 - 00000000 ____D C:\Users\USER\AppData\Roaming\Dropbox
2016-11-12 01:39 - 2014-10-18 13:21 - 02845297 ____H C:\Users\USER\AppData\Local\IconCache.db.backup
2016-11-11 21:27 - 2016-02-02 10:37 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-10 14:41 - 2015-09-04 09:49 - 00003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1441352943
2016-11-10 14:41 - 2015-09-04 09:48 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-09 22:01 - 2014-12-24 14:17 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-09 20:37 - 2015-06-19 07:19 - 00003886 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-287049870-4264774542-2349093501-1000UA
2016-11-09 20:37 - 2015-06-19 07:19 - 00003490 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-287049870-4264774542-2349093501-1000Core
2016-11-09 18:25 - 2014-10-18 13:35 - 00000000 ____D C:\Users\UpdatusUser
2016-11-08 23:06 - 2015-09-04 10:04 - 00003882 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-11-08 23:06 - 2014-10-18 14:02 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 23:06 - 2014-10-18 14:02 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 23:06 - 2014-10-18 14:02 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 23:06 - 2014-10-18 14:02 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-07 10:31 - 2015-04-03 15:00 - 00000000 ____D C:\Users\USER\AppData\Local\TempSWBackupDirectory
2016-11-07 09:48 - 2009-07-14 07:08 - 00032660 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-06 18:36 - 2016-01-12 11:52 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-10-25 15:23 - 2014-10-18 14:06 - 00002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-21 20:05 - 2014-10-18 15:01 - 00000000 ____D C:\ProgramData\Skype
2016-10-17 20:31 - 2015-12-18 19:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-16 17:36 - 2015-01-20 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
 
==================== Files in the root of some directories =======
 
2013-10-02 04:56 - 2013-10-02 04:56 - 0000979 _____ () C:\Users\USER\AppData\Roaming\callout.unicode.font.xml
2015-09-14 15:36 - 2015-09-14 16:44 - 0000128 _____ () C:\Users\USER\AppData\Roaming\Camdata.ini
2015-09-14 15:36 - 2015-09-14 16:44 - 0000408 _____ () C:\Users\USER\AppData\Roaming\CamLayout.ini
2015-09-14 15:36 - 2015-09-14 16:44 - 0000408 _____ () C:\Users\USER\AppData\Roaming\CamShapes.ini
2015-09-14 15:36 - 2015-09-14 16:44 - 0004545 _____ () C:\Users\USER\AppData\Roaming\CamStudio.cfg
2015-05-20 03:28 - 2015-05-20 03:28 - 0004151 _____ () C:\Users\USER\AppData\Roaming\LF_Disabled.png
2013-10-02 04:56 - 2013-10-02 04:56 - 0002079 _____ () C:\Users\USER\AppData\Roaming\refentry.source.fallback.profile.xml
2016-02-01 13:37 - 2016-02-01 13:37 - 0001959 _____ () C:\Users\USER\AppData\Roaming\Scenography
2015-05-20 03:28 - 2015-05-20 03:28 - 0003181 _____ () C:\Users\USER\AppData\Roaming\support_tools.png
2015-05-20 03:14 - 2015-05-20 03:14 - 0001933 _____ () C:\Users\USER\AppData\Roaming\tweakNetworkingManual_de.p5p
2015-05-20 03:14 - 2015-05-20 03:14 - 0000109 _____ () C:\Users\USER\AppData\Roaming\tweakRepairWinsock_zh-cn.p5p
2015-09-14 15:22 - 2015-09-14 15:56 - 0000096 _____ () C:\Users\USER\AppData\Roaming\version2.xml
2016-02-01 13:37 - 2016-02-01 13:37 - 0052996 _____ () C:\Users\USER\AppData\Roaming\vmciver.dll
2015-04-08 20:33 - 2016-09-19 17:16 - 0032256 _____ () C:\Users\USER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-30 22:20 - 2016-03-26 23:34 - 0007598 _____ () C:\Users\USER\AppData\Local\Resmon.ResmonCfg
2014-11-09 13:34 - 2016-05-25 10:03 - 0021455 _____ () C:\ProgramData\hpzinstall.log
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-11-14 10:27
 
==================== End of FRST.txt ============================
 
I'll appreciate any help. Thanks.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:33 AM

Posted 15 November 2016 - 10:52 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

(BitTorrent Inc.) C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe
(BitTorrent Inc.) C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Policies\Explorer: []
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll => No File
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll No File
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [No File]
CHR Extension: (Avast SafePrice) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-04-17]
CHR Extension: (Avast Online Security) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-10]
CHR Extension: (Video Downloader Pro) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilppkoakomgpcblpemgbloapenijdcho [2016-07-10]
CHR Extension: (???????? ? ??? ???????? ?? Chrome) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 abiwb860; C:\Windows\System32\Drivers\abiwb860.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\System32\Drivers\abiwb860.sys

reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please post also the Addition.txt file that was created by the Farbar tool.
===


If the problem persists and you have an e-Mail account with this provider stcable.net I would check with them.

Make sure that the Time and Date is correct on the computer. It could be the cause of this error message.

#3 Alek_xyz

Alek_xyz
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 15 November 2016 - 11:22 AM

Thank you for the quick response. Here is the log:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by USER (15-11-2016 18:01:25) Run:1
Running from C:\Users\USER\Desktop
Loaded Profiles: USER & UpdatusUser (Available Profiles: USER & UpdatusUser)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
(BitTorrent Inc.) C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe
(BitTorrent Inc.) C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Policies\Explorer: []
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll => No File
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll No File
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [No File]
CHR Extension: (Avast SafePrice) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-04-17]
CHR Extension: (Avast Online Security) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-10]
CHR Extension: (Video Downloader Pro) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilppkoakomgpcblpemgbloapenijdcho [2016-07-10]
CHR Extension: (???????? ? ??? ???????? ?? Chrome) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 abiwb860; C:\Windows\System32\Drivers\abiwb860.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\System32\Drivers\abiwb860.sys
 
reboot:
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe => No running process found
C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully
"HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0" => key removed successfully
C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => moved successfully
C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki => moved successfully
C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilppkoakomgpcblpemgbloapenijdcho => moved successfully
C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully
abiwb860 => service not found.
VGPU => service removed successfully
"C:\Windows\System32\Drivers\abiwb860.sys" => not found.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 173150000 B
Java, Flash, Steam htmlcache => 740 B
Windows/system/drivers => 340033 B
Edge => 0 B
Chrome => 190433309 B
Firefox => 5920738 B
Opera => 436572373 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 102294 B
systemprofile32 => 66228 B
LocalService => 66228 B
NetworkService => 66228 B
USER => 110137587 B
UpdatusUser => 0 B
 
RecycleBin => 2633 B
EmptyTemp: => 882.4 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 18:03:34 ====
 
And here is the Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by USER (14-11-2016 19:49:17)
Running from C:\Users\USER\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-10-18 08:19:45)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-287049870-4264774542-2349093501-500 - Administrator - Disabled)
Guest (S-1-5-21-287049870-4264774542-2349093501-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-287049870-4264774542-2349093501-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-287049870-4264774542-2349093501-1001 - Limited - Enabled) => C:\Users\UpdatusUser
USER (S-1-5-21-287049870-4264774542-2349093501-1000 - Administrator - Enabled) => C:\Users\USER
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
AutoCAD Mechanical 2014 - English (Version: 18.0.17.0 - Autodesk) Hidden
AutoCAD Mechanical 2014 Language Pack - English (Version: 18.0.17.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD Mechanical 2014 - English (HKLM\...\AutoCAD Mechanical 2014 - English) (Version: 18.0.17.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
B110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
Dell Custom Help (Version: 15.06.1000.0142 - Intel Corporation) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell System Detect (HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\58d94f3ce2c27db0) (Version: 7.3.0.6 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Deus.Ex.Human.Revolution.Directors.Cut (HKLM-x32\...\RGV1c0V4SHVtYW5SZXZvbHV0aW9uRGlyZWN0b3JzQ3V0_is1) (Version: 1 - )
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Folder Size 3.4.0.0 (HKLM-x32\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 3.4.0.0 - MindGems, Inc.)
Free Video Editor version 1.4.12.415 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.12.415 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{59C83C08-63F4-4AEC-81D6-392C5E23B843}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{fae8de85-97ab-4053-a8bb-03bfc86ac533}) (Version: 15.6.1 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Magic FLAC to MP3 Converter 3.71 (HKLM-x32\...\Magic FLAC to MP3 Converter_is1) (Version:  - Magic Video)
Malwarebytes Anti-Malware, версия 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{8c13edfc-064c-4ba0-91cd-5b04248be882}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 33.0 (x86 bg) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 bg)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSN Toolbar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 4.0.0357.1 - Microsoft Corporation)
MSN Toolbar Platform (x32 Version: 4.0.0357.1 - Microsoft Corporation) Hidden
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Driver 268.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 268.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Opera Stable 41.0.2353.56 (HKLM-x32\...\Opera 41.0.2353.56) (Version: 41.0.2353.56 - Opera Software)
PicPick (HKLM-x32\...\PicPick) (Version: 4.0.7 - NGWIN)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Rapport (x32 Version: 3.5.1609.103 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung SecretZone (HKLM-x32\...\{66491E5A-7899-4863-A2E9-057E10BCB578}) (Version: 2.1.630.0 - Clarus)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolidWorks 2014 API SDK (HKLM-x32\...\{E9E60895-0B1F-4116-93EE-C08EF317D313}) (Version: 22.30.56 - SolidWorks Corporation)
SolidWorks 2014 x64 Edition SP03 (HKLM-x32\...\SolidWorks Installation Manager 20140-40300-1100-100) (Version: 22.3.0.56 - SolidWorks Corporation)
SolidWorks 2014 x64 Edition SP03 (Version: 22.130.56 - SolidWorks) Hidden
SolidWorks Composer Player 2014 SP03 x64 Edition (Version: 22.30.56 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP03 (Version: 14.3.107 - Dassault Systиmes SolidWorks Corp) Hidden
SolidWorks Flow Simulation 2014 SP03 x64 Edition  (Version: 22.30.57 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2014 SP03 x64 Edition (Version: 22.30.56 - SolidWorks Corporation) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1609.103 - Trusteer)
Unity Web Player (HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Viber (HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\{b1142ab5-4e7c-4fa1-8734-115e5d1e1933}) (Version: 5.4.0.1661 - Viber Media Inc.)
Viber (x32 Version: 5.4.0.1661 - Viber Media Inc.) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - AUTO M3 Ltd OPCOM USB V2 Driver (03/13/2008 2.04.06) (HKLM\...\F65BA1827B87BAB2EE23DC048D5555200191BBA7) (Version: 03/13/2008 2.04.06 - AUTO M3 Ltd)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
Архиватор WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe" => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\iDrop.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TI.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe" => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe" => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtCp.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\BodyReceiver.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxApprenticeServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxInventorUtilities.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvResc.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvTXTStack.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04B33CE6-EE65-458A-9457-7B2E1E16DEAD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {2F8EF983-7574-47E6-85C9-00DE337C9B9C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {3CB5226F-6DC0-4CBF-A91A-D1783A40E3EF} - System32\Tasks\Opera scheduled Autoupdate 1441352943 => C:\Program Files (x86)\Opera\launcher.exe [2016-11-07] (Opera Software)
Task: {4CFA1BBD-5349-4265-A1AF-33C126D5D40D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {521570A6-8582-4B2E-A4BD-238FFCD4D723} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-287049870-4264774542-2349093501-1000Core => C:\Users\USER\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {6E72B56C-76F8-4905-BAA9-130A2C5324FF} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {6F3B9517-AFB4-4E0B-960D-E888B8BCD6B6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {7FEBCA71-329E-4D89-9B18-B3B9B5264742} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {7FF8F326-0028-4C96-AE85-A00DE7326682} - System32\Tasks\SafeZone scheduled Autoupdate 1458771168 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {897F1CCB-C65D-46C6-B5A4-A7AFFDB0E4FA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {BD972F6E-6CA4-4233-BEF2-DC53EE547D60} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C24032A7-57CD-4674-A46D-F6640FE1EBF8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {C38061CB-988E-4F2B-83F0-983CEBE94DB0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {C6539A99-1492-4E02-8E17-83CBA09CC87A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CCB9F923-5854-43DB-9EBD-823DA93B5E6D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-10] (AVAST Software)
Task: {E696A225-7232-4251-91D7-09312CF743F8} - System32\Tasks\{D92C909D-480C-4E8B-B7DB-5C9C9C07FCF5} => pcalua.exe -a C:\dell\drivers\R312222\Setup.exe -d C:\dell\drivers\R312222
Task: {EA73F31F-8035-45EC-9DCB-322224DF2F6D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {F02BBABC-CD3A-47BD-8CD8-543A418A194F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-287049870-4264774542-2349093501-1000UA => C:\Users\USER\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-287049870-4264774542-2349093501-1000Core.job => C:\Users\USER\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-287049870-4264774542-2349093501-1000UA.job => C:\Users\USER\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\USER\Links\Изтеглени файлове.lnk -> C:\Users\USER\Downloads () <===== Cyrillic
Shortcut: C:\Users\USER\Desktop\Part1 - Пряк път.lnk -> C:\SolidWorks Data\Modules\Part1.SLDPRT () <===== Cyrillic
Shortcut: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Конзола на наръчника на RAR.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt () <===== Cyrillic
Shortcut: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\помощ от WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm () <===== Cyrillic
Shortcut: C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Калкулатор за Windows.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation) <===== Cyrillic
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-10-18 14:13 - 2008-06-19 23:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-10-18 13:19 - 2012-11-15 01:03 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-18 18:02 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2013-02-05 00:21 - 2013-02-05 00:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2015-08-24 20:28 - 2015-08-24 20:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1026.dll
2014-04-01 01:54 - 2014-04-01 01:54 - 00276008 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll
2016-09-10 08:24 - 2016-09-10 08:24 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-14 17:24 - 2016-11-14 17:24 - 03130832 _____ () C:\Program Files\AVAST Software\Avast\defs\16111400\algo.dll
2016-09-10 08:24 - 2016-09-10 08:24 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-11-04 19:29 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-11-04 19:29 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-11-04 19:29 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-11-04 19:29 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-11-04 19:29 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-06-02 14:51 - 2015-06-02 14:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2014-10-18 18:02 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2016-02-02 02:28 - 2016-02-02 02:28 - 00103424 _____ () C:\Users\USER\AppData\Local\Agjworks\EnObjKit4.dll
2016-11-07 17:50 - 2016-11-03 12:21 - 00042064 _____ () C:\Users\USER\AppData\Local\Viber\qrencode.dll
2016-11-07 17:50 - 2016-11-03 12:21 - 00016976 _____ () C:\Users\USER\AppData\Local\Viber\libEGL.DLL
2016-11-07 17:50 - 2016-11-03 12:21 - 01652304 _____ () C:\Users\USER\AppData\Local\Viber\libGLESv2.dll
2016-11-07 17:50 - 2016-11-03 12:22 - 00398416 _____ () C:\Users\USER\AppData\Local\Viber\imageformats\qsvg.dll
2016-07-03 13:59 - 2016-07-03 13:59 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-11-10 14:40 - 2016-11-10 14:40 - 66023632 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\opera.dll
2016-11-10 14:40 - 2016-11-10 14:40 - 01888464 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\libglesv2.dll
2016-11-10 14:40 - 2016-11-10 14:40 - 00094416 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\libegl.dll
2010-01-30 01:41 - 2010-01-30 01:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C [124]
AlternateDataStreams: C:\ProgramData\TEMP:B0456F0C [128]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-287049870-4264774542-2349093501-1000\...\dell.com -> dell.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-287049870-4264774542-2349093501-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\USER\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 78.90.52.1 - 89.190.192.248
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{C05D1A37-15D6-43E7-A2EB-CC1F081BF9F3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{093AB0F1-087B-42F7-A370-F5D6D522934E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{3A7DCD26-8F30-4AC6-B932-59AA1EF2AB37}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{1537C1DA-2CFD-4AEB-A93F-9DC1D22235D5}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [{C428181C-1EAF-4789-BAF2-E8926DBC7DFE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{79E92F79-1209-45ED-9E2C-F5B24299A309}C:\program files (x86)\wb games\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\wb games\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{DEF4996A-F4A8-403A-89DD-364E517233BA}C:\program files (x86)\wb games\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\wb games\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{2232E475-4B6F-43D7-B58E-E7AB4CC3D2E1}D:\r.g. catalyst\batman arkham city\binaries\win32\batmanac.exe] => (Block) D:\r.g. catalyst\batman arkham city\binaries\win32\batmanac.exe
FirewallRules: [UDP Query User{2DEB29E1-F8EB-482A-98B9-31274C4A0069}D:\r.g. catalyst\batman arkham city\binaries\win32\batmanac.exe] => (Block) D:\r.g. catalyst\batman arkham city\binaries\win32\batmanac.exe
FirewallRules: [{F9B216C8-0AF2-4E27-A442-9FCB97946A29}] => (Allow) LPort=50248
FirewallRules: [{924167DE-531D-4602-B1B2-B6C638F85DED}] => (Allow) F:\setup\hpznui40.exe
FirewallRules: [{12A516DF-C87F-414F-ACF8-E97694A6A7F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{B81BD1F6-B344-40E0-8AFA-8ED62002482D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{DE3292B8-A2C0-402C-BB16-5A2B887F060B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{53F27BFB-BDA0-4152-B040-B922C6B44107}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{21FDA143-1A3E-423C-8818-5A93A6F99A93}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{3B5EC3E4-54FF-4705-9BFB-7F763540F436}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{99A0672F-C9C6-489E-B6DD-A837A1F38E64}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5140AF16-BCF2-4FF6-BF13-91B54B78E17D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{6109F327-D15A-44C7-8807-F6C670B548BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{15B74197-D886-44DF-9180-F3A5EF146D5C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{BFFFEA4E-55D3-4655-8902-119AD73AE194}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{82B94E73-C7A0-486E-9A0B-9AC5787ECD57}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{8740C8E6-9D91-49A6-BA7F-B50010A71AEC}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{5A69FC94-6F1A-4613-A726-0C2835FD0480}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe
FirewallRules: [UDP Query User{1A31B21B-698D-4FA6-A9D2-2C261EB1F2A7}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\cma\bin\intelmpi\smpd-intel-4.0.3.009-x64.exe
FirewallRules: [TCP Query User{35125D29-E7FC-4C9F-A2C4-E2DF6BDAF5DE}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [UDP Query User{D256DB3F-3C9C-4241-B02E-4B76C247DADC}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [TCP Query User{82544160-D5E5-4D97-AE7D-02C146AFF074}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe
FirewallRules: [UDP Query User{8B792379-9C18-44D3-B804-46A41DCA2EAB}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\xtop.exe
FirewallRules: [TCP Query User{DABC28A4-E8F9-4E3D-AD95-368FC569EEEF}C:\program files (x86)\ptc\creo\platform\3.96\creoagent.exe] => (Block) C:\program files (x86)\ptc\creo\platform\3.96\creoagent.exe
FirewallRules: [UDP Query User{861A699A-CEEE-4EC8-A6B9-78E886E1B39F}C:\program files (x86)\ptc\creo\platform\3.96\creoagent.exe] => (Block) C:\program files (x86)\ptc\creo\platform\3.96\creoagent.exe
FirewallRules: [TCP Query User{55D84ABA-A503-45BC-A697-57E9EBC83FF7}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\invodxtopro.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\invodxtopro.exe
FirewallRules: [UDP Query User{3ADD8C1C-B344-44BC-AC95-9D1F843C95AD}C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\invodxtopro.exe] => (Allow) C:\program files\ptc\creo 3.0\m030\common files\x86e_win64\obj\invodxtopro.exe
FirewallRules: [TCP Query User{D22D27FD-0FC2-4930-8F5F-53589A37DDDF}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{78D4FB88-58B6-4BB1-BE6B-7FCBEEFA53E1}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{2B4D7992-1CB2-4085-BDA5-3DA3A68F5114}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A47D51B-7406-4AD6-B683-9B5A23DFE91F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3DB0F6E0-289D-42DC-A59B-3E4D055B0D13}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{30E19D77-A83F-4D22-87C3-F8E1FC47CE06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8F725DE9-89FC-4BF0-A5DF-9A046188DBEC}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{1962E502-C9E7-418B-953A-8E21A9B08B93}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{89A8A4C1-766D-4128-A754-FB3416163686}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{69EE1A7C-88C8-4806-8537-4B690A605B8E}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{70FC5C56-501D-41CA-BAB7-10A2DA71B9C1}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{F1C77A4F-0CC8-49B2-9566-63ECBF926184}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{BD93DC57-B084-4568-BB50-D539D6EF7F67}] => (Allow) C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FA465CB6-CE59-46C4-BD67-0392A5446570}] => (Allow) C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{89BE2820-49D3-4930-9425-0766173A3385}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E66FCBCF-1602-4D5B-9A1B-FD78E46E9B0D}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4891CE4E-E104-4F2C-9F0F-2E2988E193E6}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{2E9B33BF-A131-401E-BA07-C52EE442F6B4}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{3C019598-8C9F-4F7D-B7DD-3628AEA9751F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{6F26D613-6573-43F0-A981-E7067116BC4B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{34CAB729-9B0D-421B-ACD3-6503405D8543}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{7F2B3D12-3632-4C2F-B4A8-BA8B8C4F800C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{9F1526E3-3929-4BDE-86FB-A8AAA01BAD03}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{65310B32-85CF-4BFA-9BB7-76D344427111}] => (Allow) LPort=12292
FirewallRules: [{8BFD0591-E7C7-4527-BB19-14655B510FC1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{C4B94785-E8C3-4AE5-B138-E8BC7E100479}C:\program files (x86)\prince of persia - the forgotten sands\prince of persia.exe] => (Block) C:\program files (x86)\prince of persia - the forgotten sands\prince of persia.exe
FirewallRules: [UDP Query User{E3554833-14E4-4929-ABB0-A36C75137E24}C:\program files (x86)\prince of persia - the forgotten sands\prince of persia.exe] => (Block) C:\program files (x86)\prince of persia - the forgotten sands\prince of persia.exe
FirewallRules: [{B615D95B-BF0C-4864-BCED-7F41DFA7A893}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9994E011-B1F4-4C1B-8130-A4F39233A53B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C574997D-C8F0-4439-85B7-0EC7EA4AE3B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3D2792FB-1A74-4967-B713-4137FB255034}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{41A760F8-51DE-4CDA-8428-711526F1B94D}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{833CE1CF-A337-472A-9CE1-2600BC4AF139}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{0D55B196-C756-4FD8-9376-5404CEC3D801}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8F994694-DA5C-4E89-AE0E-B3DC977720A0}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{5F3D5082-9BD1-45C3-9D11-945266DDE41C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{020EC5DC-5A43-439A-BE89-BF4080347430}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4919870C-0069-4F75-96DF-DE0FD3B953FD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
01-11-2016 10:48:39 Планирана контролна точка
09-11-2016 12:24:27 Планирана контролна точка
 
==================== Faulty Device Manager Devices =============
 
Name: HP LaserJet 1022n
Description: HP LaserJet 1022n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/14/2016 07:49:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Задължителният сертификат не се намира в своя период на валидност, когато е проверен за съответствие с текущия системен часовник или времевото клеймо в подписания файл.
.
 
Error: (11/14/2016 07:43:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Задължителният сертификат не се намира в своя период на валидност, когато е проверен за съответствие с текущия системен часовник или времевото клеймо в подписания файл.
.
 
Error: (11/14/2016 07:42:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Задължителният сертификат не се намира в своя период на валидност, когато е проверен за съответствие с текущия системен часовник или времевото клеймо в подписания файл.
.
 
Error: (11/14/2016 07:39:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Задължителният сертификат не се намира в своя период на валидност, когато е проверен за съответствие с текущия системен часовник или времевото клеймо в подписания файл.
.
 
Error: (11/14/2016 07:34:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Задължителният сертификат не се намира в своя период на валидност, когато е проверен за съответствие с текущия системен часовник или времевото клеймо в подписания файл.
.
 
Error: (11/14/2016 07:29:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Задължителният сертификат не се намира в своя период на валидност, когато е проверен за съответствие с текущия системен часовник или времевото клеймо в подписания файл.
.
 
Error: (11/14/2016 07:24:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Задължителният сертификат не се намира в своя период на валидност, когато е проверен за съответствие с текущия системен часовник или времевото клеймо в подписания файл.
.
 
Error: (11/14/2016 07:18:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Задължителният сертификат не се намира в своя период на валидност, когато е проверен за съответствие с текущия системен часовник или времевото клеймо в подписания файл.
.
 
Error: (11/14/2016 07:13:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Задължителният сертификат не се намира в своя период на валидност, когато е проверен за съответствие с текущия системен часовник или времевото клеймо в подписания файл.
.
 
Error: (11/14/2016 07:09:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Задължителният сертификат не се намира в своя период на валидност, когато е проверен за съответствие с текущия системен часовник или времевото клеймо в подписания файл.
.
 
 
System errors:
=============
Error: (11/14/2016 04:55:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Error: (11/14/2016 12:41:10 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Error: (11/13/2016 12:56:00 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Error: (11/13/2016 12:50:12 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
 
Error: (11/13/2016 12:38:05 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
 
Error: (11/13/2016 12:00:23 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
 
Error: (11/12/2016 11:48:16 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
 
Error: (11/12/2016 11:10:34 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
 
Error: (11/12/2016 10:58:27 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
 
Error: (11/12/2016 10:20:45 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
 
 
CodeIntegrity:
===================================
  Date: 2016-09-20 20:37:09.023
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswHdsKe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-09-20 20:37:09.022
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswHdsKe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-09-11 00:31:09.870
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-10 21:30:09.902
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-10 15:28:09.837
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-10 09:26:09.803
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-10 09:19:24.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-10 09:19:24.404
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-10 09:19:24.342
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-10 09:19:24.030
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609042.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 79%
Total physical RAM: 6051.17 MB
Available physical RAM: 1211.59 MB
Total Virtual: 12100.52 MB
Available Virtual: 7962.47 MB
 
==================== Drives ================================
 
Drive c: (WINDOWS-7) (Fixed) (Total:171.49 GB) (Free:74.24 GB) NTFS
Drive d: () (Fixed) (Total:263.13 GB) (Free:62.52 GB) NTFS
Drive e: () (Fixed) (Total:263.67 GB) (Free:29.55 GB) NTFS
Drive h: (SANDISK) (Removable) (Total:7.44 GB) (Free:5.58 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=356 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=171.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=263.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=263.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
I don't have account with stcable.net. The messages are always different, the one after the stcable.net was for mail.net.mk.
I don't use any e-mail programs on my PC. The Time and Date are correct.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:33 AM

Posted 15 November 2016 - 11:40 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
CloseProcesses:
cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers

CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe" => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\iDrop.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TI.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe" => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe" => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtCp.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\BodyReceiver.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxApprenticeServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxInventorUtilities.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvResc.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvTXTStack.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C [124]
AlternateDataStreams: C:\ProgramData\TEMP:B0456F0C [128]
FirewallRules: [TCP Query User{3A7DCD26-8F30-4AC6-B932-59AA1EF2AB37}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{1537C1DA-2CFD-4AEB-A93F-9DC1D22235D5}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.e
C:\windows\kmsemulator.exe
C:\Windows\AutoKMS.exe
reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

If the problem persists execute this scan.

Temporarily disable your AV program so it does not interfere.
Info on how to disable your security applications How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides.

Download Zoek tool from here

When the download appears, save to the Desktop.
On the Desktop, right-click the Zoek.exe file and select: Run as Administrator
(Give it a few seconds to appear.)

Next, copy/paste the entire script inside the code box below to the input field of Zoek:
createsrpoint;
autoclean;
emptyclsid;
emptyffcache;
FFdefaults;
emptyiecache;
iedefaults;
emptychrcache;
CHRdefaults;
emptyalltemp;
emptyfolderscheck;delete
ipconfig /flushdns;b
Now...
Close any open Browsers.
Click the Run script button, and wait. It takes a few minutes to run all the script.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please attach the zoek-results.log in your reply.
===

Also, please provide an update on how the computer is behaving after running the above script.

#5 Alek_xyz

Alek_xyz
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 15 November 2016 - 04:13 PM

Hello again. I did the FRST and after like half an hour the message popped up again for "smtp.excite.com". Here is the log:
 

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by USER (15-11-2016 18:53:24) Run:2
Running from C:\Users\USER\Desktop
Loaded Profiles: USER & UpdatusUser (Available Profiles: USER & UpdatusUser)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CreateRestorePoint:
CloseProcesses:
cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
 
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe" => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\iDrop.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TI.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe" => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2013\Compatibility\Bin\DbxBridge.exe" => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtCp.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\BodyReceiver.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxApprenticeServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\RxInventorUtilities.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\Inventor.exe => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvResc.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2013\Bin\InvTXTStack.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C [124]
AlternateDataStreams: C:\ProgramData\TEMP:B0456F0C [128]
FirewallRules: [TCP Query User{3A7DCD26-8F30-4AC6-B932-59AA1EF2AB37}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{1537C1DA-2CFD-4AEB-A93F-9DC1D22235D5}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.e
C:\windows\kmsemulator.exe
C:\Windows\AutoKMS.exe
reboot:
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= IPCONFIG /release =========
 
 
Windows IP Configuration
 
No operation can be performed on ЃҐ§¦Ёз­  ¬аҐ¦®ў  ўак§Є  4 while it has its media disconnected.
No operation can be performed on ЃҐ§¦Ёз­  ¬аҐ¦®ў  ўак§Є  while it has its media disconnected.
No operation can be performed on Bluetooth ¬аҐ¦®ў  ўак§Є  while it has its media disconnected.
 
========= End of CMD: =========
 
 
========= IPCONFIG /renew =========
 
 
Windows IP Configuration
 
No operation can be performed on ЃҐ§¦Ёз­  ¬аҐ¦®ў  ўак§Є  5 while it has its media disconnected.
No operation can be performed on ЃҐ§¦Ёз­  ¬аҐ¦®ў  ўак§Є  4 while it has its media disconnected.
No operation can be performed on ЃҐ§¦Ёз­  ¬аҐ¦®ў  ўак§Є  while it has its media disconnected.
No operation can be performed on Bluetooth ¬аҐ¦®ў  ўак§Є  while it has its media disconnected.
 
========= End of CMD: =========
 
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset c:\resetlog.txt =========
 
Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= netsh int ipv4 reset =========
 
There's no user specified settings to be reset.
 
 
========= End of CMD: =========
 
 
========= netsh int ipv6 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}" => key removed successfully
"HKU\S-1-5-21-287049870-4264774542-2349093501-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}" => key removed successfully
C:\Windows\Tasks\AutoKMS.job => moved successfully
C:\Windows\Tasks\AutoKMSDaily.job => moved successfully
C:\ProgramData\TEMP => ":57B2B96C" ADS removed successfully.
C:\ProgramData\TEMP => ":B0456F0C" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3A7DCD26-8F30-4AC6-B932-59AA1EF2AB37}C:\windows\kmsemulator.exe => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1537C1DA-2CFD-4AEB-A93F-9DC1D22235D5}C:\windows\kmsemulator.exe => value not found.
"C:\windows\kmsemulator.exe" => not found.
"C:\Windows\AutoKMS.exe" => not found.
 
 
The system needed a reboot.
 
==== End of Fixlog 18:54:03 ====

I did the Zoek next, I'll attach the results. Attached File  zoek-results.txt   8.66KB   2 downloads
But it keeps popping -  "mail.lycos.co.uk.cust.b.hostedemail.com" and again "smtp.excite.com".
 


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:33 AM

Posted 16 November 2016 - 10:17 AM

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a Windows opens to explain what [PUM's] are, read about it.
  • Click the RoguKiller icon on your taksbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.
=======


If nothing bad found I suggest you reset your Router.

Reset your router. It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.html

Keep me posted.

#7 Alek_xyz

Alek_xyz
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 16 November 2016 - 03:13 PM

Hi.

I did it, but I clicked the Remove button befor exporting txt and then the program restarted the PC.

I think found the report (there were 2 - Scan and Delete, this is the Scan):

 

RogueKiller V12.8.1.0 (x64) [Nov 14 2016] (Free) by Adlice Software

 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : USER [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 11/16/2016 20:45:48 (Duration : 00:56:04)
 
¤¤¤ Processes : 1 ¤¤¤
[Suspicious.Path|VT.Unknown] EnObjKit4.dll(6308) -- C:\Users\USER\AppData\Local\Agjworks\EnObjKit4.dll[-] -> Found
 
¤¤¤ Registry : 8 ¤¤¤
[Suspicious.Path|VT.HEUR:Trojan.Win32.Generic] (X64) HKEY_USERS\S-1-5-21-287049870-4264774542-2349093501-1000\Software\Microsoft\Windows\CurrentVersion\Run | Ilsoft : C:\Windows\SysWOW64\regsvr32.exe C:\Users\USER\AppData\Local\Agjworks\EnObjKit4.dll [-] -> Found
[Suspicious.Path|VT.HEUR:Trojan.Win32.Generic] (X86) HKEY_USERS\S-1-5-21-287049870-4264774542-2349093501-1000\Software\Microsoft\Windows\CurrentVersion\Run | Ilsoft : C:\Windows\SysWOW64\regsvr32.exe C:\Users\USER\AppData\Local\Agjworks\EnObjKit4.dll [-] -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-287049870-4264774542-2349093501-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-287049870-4264774542-2349093501-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{6C0D3F50-FAA3-4953-A571-ECA314FB8E90} | NameServer : 78.90.52.1,89.190.192.248 ([Bulgaria][Bulgaria])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{6C0D3F50-FAA3-4953-A571-ECA314FB8E90} | NameServer : 78.90.52.1,89.190.192.248 ([Bulgaria][Bulgaria])  -> Found
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Found
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 14 ¤¤¤
[Tr.Generic][File] C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.5_41073\utorrentie.exe -> Found
[Tr.Generic][File] C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.5_41162\utorrentie.exe -> Found
[Tr.Generic][File] C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe -> Found
[Tr.Generic][File] C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe -> Found
[Tr.Generic][File] C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe -> Found
[Tr.Generic][File] C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe -> Found
[Tr.Generic][File] C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe -> Found
[Tr.Generic][File] C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe -> Found
[Tr.Generic][File] C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe -> Found
[Tr.Generic][File] C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe -> Found
[Tr.Generic][File] C:\Users\USER\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe -> Found
[PUP][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk [LNK@] C:\PROGRA~2\COMMON~1\DVDVID~1\FREEST~1.EXE -> Found
[PUP][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk [LNK@] C:\PROGRA~2\COMMON~1\DVDVID~1\lib\UNINST~1.EXE -> Found
[PUP][Folder] C:\Program Files (x86)\Common Files\DVDVideoSoft -> Found
 
¤¤¤ WMI : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPKX-00HPJT0 ATA Device +++++
--- User ---
[MBR] 0649e89219a388837db2d844f1364334
[BSP] cd27ed3eb96aab5c994ff939e1f9cca6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 356 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 731136 | Size: 175605 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 360370176 | Size: 269441 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 912185344 | Size: 270000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 
 
Also I don't use a router right now.


#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:33 AM

Posted 17 November 2016 - 09:25 AM

Run the RogueKiller tool and remove/fix these items.
 

¤¤¤ Processes : 1 ¤¤¤
[Suspicious.Path|VT.Unknown] EnObjKit4.dll(6308) -- C:\Users\USER\AppData\Local\Agjworks\EnObjKit4.dll[-] -> Found

¤¤¤ Registry : 8 ¤¤¤
[Suspicious.Path|VT.HEUR:Trojan.Win32.Generic] (X64) HKEY_USERS\S-1-5-21-287049870-4264774542-2349093501-1000\Software\Microsoft\Windows\CurrentVersion\Run | Ilsoft : C:\Windows\SysWOW64\regsvr32.exe C:\Users\USER\AppData\Local\Agjworks\EnObjKit4.dll [-] -> Found
[Suspicious.Path|VT.HEUR:Trojan.Win32.Generic] (X86) HKEY_USERS\S-1-5-21-287049870-4264774542-2349093501-1000\Software\Microsoft\Windows\CurrentVersion\Run | Ilsoft : C:\Windows\SysWOW64\regsvr32.exe C:\Users\USER\AppData\Local\Agjworks\EnObjKit4.dll [-] -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-287049870-4264774542-2349093501-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-287049870-4264774542-2349093501-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{6C0D3F50-FAA3-4953-A571-ECA314FB8E90} | NameServer : 78.90.52.1,89.190.192.248 ([Bulgaria][Bulgaria]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{6C0D3F50-FAA3-4953-A571-ECA314FB8E90} | NameServer : 78.90.52.1,89.190.192.248 ([Bulgaria][Bulgaria]) -> Found
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Found
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Found


Restart the computer normally.

How is the computer running now?

Edited by nasdaq, 17 November 2016 - 09:25 AM.


#9 Alek_xyz

Alek_xyz
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:33 AM

Posted 17 November 2016 - 01:59 PM

Hi. So far so good.
For now it stopped popping up.
Thank you very much for the help.


#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:33 AM

Posted 18 November 2016 - 09:24 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users